Export limit exceeded: 29907 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29907 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2518 | 1 Geeos Team | 1 Gattaca Server 2003 | 2025-04-03 | N/A |
| Gattaca Server 2003 1.1.10.0 allows remote attackers to obtain sensitive information via (1) a trailing null byte ("%00") to a URL or (2) an invalid LANGUAGE parameter to web.tmpl, which reveals the full installation path in an error message. | ||||
| CVE-2004-2519 | 1 Geeos Team | 1 Gattaca Server 2003 | 2025-04-03 | N/A |
| Gattaca Server 2003 1.1.10.0 allows remote attackers to cause a denial of service (CPU consumption) via directory specifiers in the LANGUAGE parameter to (1) index.tmpl and (2) web.tmpl, such as (a) slash "/", (b) backslash "\", (c) dot ".",, (d) dot dot "..", and (e) internal slash "lang//en". | ||||
| CVE-2004-2520 | 1 Geeos Team | 1 Gattaca Server 2003 | 2025-04-03 | N/A |
| POP3 protocol in Gattaca Server 2003 1.1.10.0 allows remote authenticated users to cause a denial of service (application crash) via a large numeric value in the (1) LIST, (2) RETR, or (3) UIDL commands. | ||||
| CVE-2004-2521 | 1 Geeos Team | 1 Gattaca Server 2003 | 2025-04-03 | N/A |
| Mail server in Gattaca Server 2003 1.1.10.0 allows remote attackers to perform a denial of service (application crash) via a large number of connections to TCP port (1) 25 (SMTP) or (2) 110 (POP). | ||||
| CVE-2005-0343 | 1 Logicnow | 1 Perldesk | 2025-04-03 | N/A |
| SQL injection vulnerability in PerlDesk 1.x allows remote attackers to inject arbitrary SQL commands via the view parameter. | ||||
| CVE-2004-2522 | 1 Geeos Team | 1 Gattaca Server 2003 | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in web.tmpl in Gattaca Server 2003 1.1.10.0 allows remote attackers to inject arbitrary web script or HTML via the (1) template or (2) language parameter. | ||||
| CVE-2004-2523 | 1 Openftpd | 1 Openftpd Ftp Server | 2025-04-03 | N/A |
| Format string vulnerability in the msg command (cat_message function in msg.c) in OpenFTPD 0.30.2 and earlier allows remote authenticated users to execute arbitrary code via format string specifiers in the message argument. | ||||
| CVE-2004-2524 | 1 Whm Autopilot | 1 Whm Autopilot | 2025-04-03 | N/A |
| clogin.php in Benchmark Designs' WHM AutoPilot 2.4.5 and earlier allows remote attackers to obtain plaintext username and password credentials by using the clogin_e and base64_encode functions to encode the desired user ID in the c parameter, then read the plaintext values in the resulting form. | ||||
| CVE-2004-2525 | 1 S9y | 1 Serendipity | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in compat.php in Serendipity before 0.7.1 allows remote attackers to inject arbitrary web script or HTML via the searchTerm variable. | ||||
| CVE-2004-2526 | 1 Ibm | 1 Tivoli Directory Server | 2025-04-03 | N/A |
| Directory traversal vulnerability in ldacgi.exe in IBM Tivoli Directory Server 4.1 and earlier allows remote attackers to view arbitrary files via a .. (dot dot) in the Template parameter. | ||||
| CVE-2004-2527 | 1 Microsoft | 2 Windows 2003 Server, Windows Xp | 2025-04-03 | N/A |
| The local and remote desktop login screens in Microsoft Windows XP before SP2 and 2003 allow remote attackers to cause a denial of service (CPU and memory consumption) by repeatedly using the WinKey+"U" key combination, which causes multiple copies of Windows Utility Manager to be loaded more quickly than they can be closed when the copies detect that another instance is running. | ||||
| CVE-2004-2528 | 1 Webcam Corp | 1 Webcam Watchdog | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in sresult.exe in Webcam Watchdog 4.0.1a allows remote attackers to inject arbitrary web script or HTML via the cam parameter. | ||||
| CVE-2004-2529 | 1 Gadu-gadu | 1 Gadu-gadu Instant Messenger | 2025-04-03 | N/A |
| Gadu-Gadu allows remote attackers to bypass the "image send" option by sending a very small image file, which could be used in conjunction with image-related vulnerabilities. | ||||
| CVE-2004-2546 | 2 Samba, Trustix | 2 Samba, Secure Linux | 2025-04-03 | N/A |
| Multiple memory leaks in Samba before 3.0.6 allow attackers to cause a denial of service (memory consumption). | ||||
| CVE-2004-2530 | 1 Gadu-gadu | 1 Gadu-gadu Instant Messenger | 2025-04-03 | N/A |
| Visual truncation vulnerability in Gadu-Gadu allows remote attackers to spoof the file extension on transmitted files via a filename with a large number of spaces followed by the real extension, which is not displayed in the dialog box. | ||||
| CVE-2004-2531 | 1 Gnu | 1 Gnutls | 2025-04-03 | N/A |
| X.509 Certificate Signature Verification in Gnu transport layer security library (GnuTLS) 1.0.16 allows remote attackers to cause a denial of service (CPU consumption) via certificates containing long chains and signed with large RSA keys. | ||||
| CVE-2004-2534 | 1 Fastream | 1 Netfile Server | 2025-04-03 | N/A |
| Fastream NETFile Server 7.1.2 does not properly handle keep-alive connection timeouts and does not close the connection after a HEAD request, which allows remote attackers to perform a denial of service (connection consumption) by sending a large number HTTP HEAD requests. | ||||
| CVE-2004-2535 | 1 Matthew Phillips | 1 Sticker | 2025-04-03 | N/A |
| The person-to-person secure messaging feature in Sticker before 3.1.0 beta 2 allows remote attackers to post messages to unauthorized private groups by using the group's public encryption key. | ||||
| CVE-2004-2536 | 1 Linux | 1 Linux Kernel | 2025-04-03 | N/A |
| The exit_thread function (process.c) in Linux kernel 2.6 through 2.6.5 does not invalidate the per-TSS io_bitmap pointers if a process obtains IO access permissions from the ioperm function but does not drop those permissions when it exits, which allows other processes to access the per-TSS pointers, access restricted memory locations, and possibly gain privileges. | ||||
| CVE-2004-2537 | 1 Netwin | 1 Surgemail | 2025-04-03 | N/A |
| Unspecified vulnerability in SurgeMail before 2.2c10 has unknown impact and attack vectors, related to a "Webmail security bug." | ||||