Search Results (361844 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-2539 1 Network Appliance 2 Data Ontap, Netcache 2026-04-16 N/A
Unknown vulnerability in Network Appliance NetCache 5.2 and Data ONTAP 6.0 allows remote attackers to cause a denial of service (panic and reboot) and possibly other impacts via unknown attack vectors, possibly related to unspecified worms, as identified by bug ID
CVE-2005-2069 3 Openldap, Padl, Redhat 4 Openldap, Nss Ldap, Pam Ldap and 1 more 2026-04-16 N/A
pam_ldap and nss_ldap, when used with OpenLDAP and connecting to a slave using TLS, does not use TLS for the subsequent connection if the client is referred to a master, which may cause a password to be sent in cleartext and allows remote attackers to sniff the password.
CVE-2004-2540 1 Sun 2 Jdk, Jre 2026-04-16 N/A
readObject in (1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.0 through 1.4.2_05 allows remote attackers to cause a denial of service (JVM unresponsive) via crafted serialized data.
CVE-2004-2541 2 Cscope, Redhat 2 Cscope, Enterprise Linux 2026-04-16 N/A
Buffer overflow in Cscope 15.5, and possibly multiple overflows, allows remote attackers to execute arbitrary code via a C file with a long #include line that is later browsed by the target.
CVE-2004-2389 1 Jabberstudio 1 Jabber Gadu-gadu Transport 2026-04-16 N/A
Unknown vulnerability in Jabber Gadu-Gadu Transport (a.k.a. jabber-gg-transport) 2.0.x before 2.0.8 allows remote attackers to cause a denial of service (infinite loop) via user re-registration.
CVE-2004-2543 1 Securecomputing 1 Sidewinder G2 2026-04-16 N/A
Secure Computing Corporation Sidewinder G2 6.1.0.01 might allow remote attackers to cause a denial of service (proxy failure) via invalid traffic to the (1) T.120 or (2) RTSP proxy, or (3) invalid MIME messages to the mail filter. NOTE: this might not be a vulnerability because the embedded monitoring sub-system automatically restarts after the failure.
CVE-2005-2075 1 Php Fusion 1 Php Fusion 2026-04-16 N/A
PHP-Fusion 5.0 and 6.0 stores the database file with a predictable filename under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to the filename in the administration/db_backups directory in PHP-Fusion 6.0 or the fusion_admin/db_backups directory in 5.0.
CVE-2005-2077 1 Hosting Controller 1 Hosting Controller 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in error.asp for Hosting Controller allows remote attackers to inject arbitrary web script or HTML via the error parameter.
CVE-2004-2545 1 Securecomputing 1 Sidewinder G2 2026-04-16 N/A
Secure Computing Corporation Sidewinder G2 6.1.0.01 allows remote attackers to cause a denial of service (SMTP proxy failure) via unknown attack vendors involving an "extremely busy network." NOTE: this might not be a vulnerability because the embedded monitoring sub-system automatically restarts after the failure.
CVE-2004-2546 2 Samba, Trustix 2 Samba, Secure Linux 2026-04-16 N/A
Multiple memory leaks in Samba before 3.0.6 allow attackers to cause a denial of service (memory consumption).
CVE-2004-1446 1 Juniper 1 Netscreen Screenos 2026-04-16 N/A
Unknown vulnerability in ScreenOS in Juniper Networks NetScreen firewall 3.x through 5.x allows remote attackers to cause a denial of service (device reboot or hang) via a crafted SSH v1 packet.
CVE-2005-2078 1 Sofotex 1 Bisonftp 2026-04-16 N/A
BisonFTP Server V4R1 allows remote authenticated users to cause a denial of service via an invalid command with a long argument.
CVE-2004-2548 1 Netwin 2 Surgemail, Webmail 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in NetWin (1) SurgeMail before 2.0c and (2) WebMail allow remote attackers to inject arbitrary web script or HTML via (a) a URI containing the script, or (b) the username field in the login form. NOTE: it is possible that the first attack vector is resultant from the error message issue (CVE-2004-2547).
CVE-2005-2079 1 Symantec Veritas 1 Backup Exec 2026-04-16 N/A
Heap-based buffer overflow in the Admin Plus Pack Option for VERITAS Backup Exec 9.0 through 10.0 for Windows Servers allows remote attackers to execute arbitrary code.
CVE-2004-2550 1 Xperience 1 Sandsurfer 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in unspecified Perl scripts in SandSurfer before 1.7.1 allow remote attackers to inject arbitrary web script or HTML, which is later executed by a target who views reports containing the injected data.
CVE-2004-0425 1 Netegrity 1 Sideminder Affiliate Agent 2026-04-16 N/A
Heap-based buffer overflow in SiteMinder Affiliate Agent 4.x allows remote attackers to execute arbitrary code via a large SMPROFILE cookie.
CVE-2004-2552 1 Tim Mann 1 Xboard 2026-04-16 N/A
Buffer overflow in XBoard 4.2.7 and earlier might allow local users to execute arbitrary code via a long -icshost command line argument. NOTE: since the program is not setuid and not normally called from remote programs, there may not be a typical attack vector for the issue that crosses privilege boundaries. Therefore this may not be a vulnerability.
CVE-2004-2554 1 Novell 1 Client Firewall 2026-04-16 N/A
Novell Client Firewall (NCF) 2.0, as based on the Agnitum Outpost Firewall, allows local users to execute arbitrary code with SYSTEM privileges by opening the NCF tray icon and using the Help functionality to launch programs with SYSTEM privileges.
CVE-2005-2081 1 Digium 1 Asterisk 2026-04-16 N/A
Stack-based buffer overflow in the function that parses commands in Asterisk 1.0.7, when the 'write = command' option is enabled, allows remote attackers to execute arbitrary code via a command that has two double quotes followed by a tab character.
CVE-2004-2558 1 Ibm 6 Tivoli Access Manager For E-business, Tivoli Access Manager Identity Manager Solution, Tivoli Configuration Manager and 3 more 2026-04-16 N/A
Unspecified vulnerability in IBM Tivoli SecureWay Policy Director 3.8, Access Manager for e-business 3.9 to 5.1, Access Manager Identity Manager Solution 5.1, Configuration Manager 4.2, Configuration Manager for Automated Teller Machines 2.1.0, and IBM WebSphere Everyplace Server, Service Provider Offering for Multi-platforms 2.1.3 to 2.15 allow remote attackers to hijack sessions of authenticated users via unknown attack vectors involving certain cookies, aka "Potential Credential Impersonation Attack."