Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0937 11 Archive Zip, Broadcom, Ca and 8 more 23 Archive Zip, Brightstor Arcserve Backup, Etrust Antivirus and 20 more 2026-04-16 N/A
Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
CVE-2004-0938 2 Freeradius, Redhat 2 Freeradius, Enterprise Linux 2026-04-16 N/A
FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (server crash) by sending an Ascend-Send-Secret attribute without the required leading packet.
CVE-2004-0939 1 Neoteris 1 Instant Virtual Extranet 2026-04-16 N/A
changepassword.cgi in Neoteris Instant Virtual Extranet (IVE) 3.x and 4.x, with LDAP authentication or NT domain authentication enabled, does not limit the number of times a bad password can be entered, which allows remote attackers to guess passwords via a brute force attack.
CVE-2005-1446 1 Sitepanel 1 Sitepanel 2026-04-16 N/A
SitePanel 2.6.1 and earlier (SitePanel2) allows remote attackers to upload and execute arbitrary files such as PHP scripts via an attachment to a trouble ticket.
CVE-2004-0941 3 Gd Graphics Library, Redhat, Trustix 3 Gdlib, Enterprise Linux, Secure Linux 2026-04-16 N/A
Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function, a different set of vulnerabilities than CVE-2004-0990.
CVE-2004-0942 2 Apache, Redhat 2 Http Server, Enterprise Linux 2026-04-16 N/A
Apache webserver 2.0.52 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an HTTP GET request with a MIME header containing multiple lines with a large number of space characters.
CVE-2005-1449 1 S9y 1 Serendipity 2026-04-16 N/A
Unknown vulnerability in serendipity_config_local.inc.php for Serendipity before 0.8 has unknown impact.
CVE-2004-0944 1 Mitel 1 Mitel 3300 Integrated Communication Platform 2026-04-16 N/A
The web management interface for Mitel 3300 Integrated Communications Platform (ICP) before 4.2.2.11 generates easily predictable web session IDs, which allows remote attackers to hijack other sessions via the parentsessionid cookie.
CVE-2003-1278 1 Infopop 1 Opentopic 2026-04-16 N/A
Cross-site scripting vulnerability (XSS) in OpenTopic 2.3.1 allows remote attackers to execute arbitrary script as other users and possibly steal authentication information via cookies by injecting arbitrary HTML or script into IMG tags.
CVE-2004-0946 2 Nfs, Redhat 3 Nfs-utils, Enterprise Linux, Enterprise Linux Desktop 2026-04-16 N/A
rquotad in nfs-utils (rquota_server.c) before 1.0.6-r6 on 64-bit architectures does not properly perform an integer conversion, which leads to a stack-based buffer overflow and allows remote attackers to execute arbitrary code via a crafted NFS request.
CVE-2004-0947 4 Arj Software Inc., Gentoo, Redhat and 1 more 4 Unarj, Linux, Enterprise Linux and 1 more 2026-04-16 N/A
Buffer overflow in unarj before 2.63a-r2 allows remote attackers to execute arbitrary code via an arj archive that contains long filenames.
CVE-2003-1284 1 Sambar 1 Sambar Server 2026-04-16 N/A
Sambar Server before 6.0 beta 6 allows remote attackers to obtain sensitive information via direct requests to the default scripts (1) environ.pl and (2) testcgi.exe.
CVE-2004-0953 1 Jabber Software Foundation 1 Jabber Server 2026-04-16 N/A
Buffer overflow in the C2S module in the open source Jabber 2.x server (Jabberd) allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long username.
CVE-2005-1450 1 S9y 1 Serendipity 2026-04-16 N/A
Unknown vulnerability in "the function used to validate path-names for uploading media" in Serendipity before 0.8 has unknown impact.
CVE-2004-0956 3 Oracle, Suse, Ubuntu 3 Mysql, Suse Linux, Ubuntu Linux 2026-04-16 N/A
MySQL before 4.0.20 allows remote attackers to cause a denial of service (application crash) via a MATCH AGAINST query with an opening double quote but no closing double quote.
CVE-2004-2185 1 Mediawiki 1 Mediawiki 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki 1.3.5 allow remote attackers to execute arbitrary scripts and/or SQL queries via (1) the UnicodeConverter extension, (2) raw page views, (3) SpecialIpblocklist, (4) SpecialEmailuser, (5) SpecialMaintenance, and (6) ImagePage.
CVE-2005-1451 1 S9y 1 Serendipity 2026-04-16 N/A
The media manager in Serendipity before 0.8 allows remote attackers to upload and execute arbitrary (1) .php or (2) .shtml files.
CVE-2005-2416 1 Astalavista It Engineering 1 Contrexx 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Contrexx before 1.0.5 allow remote attackers to inject arbitrary web script or HTML via the (1) term parameter to the search module or (2) title in the blog aggregation module.
CVE-2005-2879 1 Advansysperu Software 1 Usb Lock Auto-protect 2026-04-16 N/A
Advansysperu Software USB Lock Auto-Protect (AP) 1.5 uses a weak encryption scheme to encrypt passwords, which allows local users to gain sensitive information and bypass USB interface protection.
CVE-2004-0963 1 Microsoft 1 Word 2026-04-16 N/A
Buffer overflow in Microsoft Word 2002 (10.6612.6714) SP3, and possibly other versions, allows remote attackers to cause a denial of service (application exception) and possibly execute arbitrary code in winword.exe via certain unexpected values in a .doc file, including (1) an offset that triggers an out-of-bounds memory access, (2) a certain value that causes a large memory copy as triggered by an integer conversion error, and other values.