Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-1432 1 Cisco 1 Optical Networking Systems Software 2026-04-16 N/A
Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5(x), 4.1(0) to 4.1(3), 4.0(0) to 4.0(2), and earlier versions, allows remote attackers to cause a denial of service (control card reset) via malformed (1) IP or (2) ICMP packets.
CVE-2004-2513 1 Pmail 1 Pegasus 2026-04-16 N/A
Buffer overflow in the IMAP service of Mercury (Pegasus) Mail 4.01 allows remote attackers to execute arbitrary code via a long SELECT command.
CVE-2004-2514 1 Powerportal 1 Powerportal 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in modules/private_messages/index.php in PowerPortal 1.x allows remote attackers to inject arbitrary web script or HTML via the (1) SUBJECT or (2) MESSAGE field.
CVE-2005-2064 1 Asp-nuke 1 Asp-nuke 2026-04-16 N/A
Multiple cross-site scripting vulnerabilities in ASP Nuke 0.80 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to forgot_password.asp, or the (2) FirstName, (3) LastName, (4) Username, (5) Password, (6) Address1, (7) Address2, (8) City, (9) ZipCode, (10) Email parameter to register.asp.
CVE-2004-2515 1 Vmware 1 Workstation 2026-04-16 N/A
Format string vulnerability in VMware Workstation 4.5.2 build-8848, if running with elevated privileges, might allow local users to execute arbitrary code via format string specifiers in command line arguments. NOTE: it is not clear if there are any default or typical circumstances under which VMware would be running with privileges beyond those already available to the attackers, so this might not be a vulnerability.
CVE-2004-2518 1 Geeos Team 1 Gattaca Server 2003 2026-04-16 N/A
Gattaca Server 2003 1.1.10.0 allows remote attackers to obtain sensitive information via (1) a trailing null byte ("%00") to a URL or (2) an invalid LANGUAGE parameter to web.tmpl, which reveals the full installation path in an error message.
CVE-2004-2521 1 Geeos Team 1 Gattaca Server 2003 2026-04-16 N/A
Mail server in Gattaca Server 2003 1.1.10.0 allows remote attackers to perform a denial of service (application crash) via a large number of connections to TCP port (1) 25 (SMTP) or (2) 110 (POP).
CVE-2005-2067 1 Asp-nuke 1 Asp-nuke 2026-04-16 N/A
SQL injection vulnerability in article.asp in unknown versions of aspnuke allows remote attackers to execute arbitrary SQL commands via the articleid parameter.
CVE-2004-0412 1 Gnu 1 Mailman 2026-04-16 6.5 Medium
Mailman before 2.1.5 allows remote attackers to obtain user passwords via a crafted email request to the Mailman server.
CVE-2004-2522 1 Geeos Team 1 Gattaca Server 2003 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in web.tmpl in Gattaca Server 2003 1.1.10.0 allows remote attackers to inject arbitrary web script or HTML via the (1) template or (2) language parameter.
CVE-2004-2523 1 Openftpd 1 Openftpd Ftp Server 2026-04-16 N/A
Format string vulnerability in the msg command (cat_message function in msg.c) in OpenFTPD 0.30.2 and earlier allows remote authenticated users to execute arbitrary code via format string specifiers in the message argument.
CVE-2000-0639 1 Sean Macguire 1 Big Brother 2026-04-16 N/A
The default configuration of Big Brother 1.4h2 and earlier does not include proper access restrictions, which allows remote attackers to execute arbitrary commands by using bbd to upload a file whose extension will cause it to be executed as a CGI script by the web server.
CVE-2004-2529 1 Gadu-gadu 1 Gadu-gadu Instant Messenger 2026-04-16 N/A
Gadu-Gadu allows remote attackers to bypass the "image send" option by sending a very small image file, which could be used in conjunction with image-related vulnerabilities.
CVE-2004-2530 1 Gadu-gadu 1 Gadu-gadu Instant Messenger 2026-04-16 N/A
Visual truncation vulnerability in Gadu-Gadu allows remote attackers to spoof the file extension on transmitted files via a filename with a large number of spaces followed by the real extension, which is not displayed in the dialog box.
CVE-2000-0640 1 Steve Poulsen 1 Guildftpd 2026-04-16 N/A
Guild FTPd allows remote attackers to determine the existence of files outside the FTP root via a .. (dot dot) attack, which provides different error messages depending on whether the file exists or not.
CVE-2004-2538 1 Nilesh Dosooye 1 Phpcodegenie 2026-04-16 N/A
Direct static code injection vulnerability in the PCG simple application generation in phpCodeGenie before 3.0.2 allows remote authenticated users to execute arbitrary code via the (1) header or (2) footer.
CVE-2000-0645 1 Texas Imperial Software 1 Wftpd 2026-04-16 N/A
WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of service by using the RESTART (REST) command and writing beyond the end of a file, or writing to a file that does not exist, via commands such as STORE UNIQUE (STOU), STORE (STOR), or APPEND (APPE).
CVE-2004-2539 1 Network Appliance 2 Data Ontap, Netcache 2026-04-16 N/A
Unknown vulnerability in Network Appliance NetCache 5.2 and Data ONTAP 6.0 allows remote attackers to cause a denial of service (panic and reboot) and possibly other impacts via unknown attack vectors, possibly related to unspecified worms, as identified by bug ID
CVE-2004-2540 1 Sun 2 Jdk, Jre 2026-04-16 N/A
readObject in (1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.0 through 1.4.2_05 allows remote attackers to cause a denial of service (JVM unresponsive) via crafted serialized data.
CVE-2004-2389 1 Jabberstudio 1 Jabber Gadu-gadu Transport 2026-04-16 N/A
Unknown vulnerability in Jabber Gadu-Gadu Transport (a.k.a. jabber-gg-transport) 2.0.x before 2.0.8 allows remote attackers to cause a denial of service (infinite loop) via user re-registration.