Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29946 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2613 | 1 Vserver | 1 Linux-vserver | 2026-04-16 | N/A |
| Unspecified vulnerability in procfs in the Linux-VServer stable branch for the 2.4 kernel before 1.23 and Linux-VServer development branch for the 2.4 kernel before 1.3.5 has unspecified impact and attack vectors, related to "write access to specific proc entries from a vserver context", a different vulnerability than CVE-2004-2408. | ||||
| CVE-2004-2614 | 1 Xuebrothers | 1 Myweb | 2026-04-16 | N/A |
| Buffer overflow in MyWeb 3.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request. | ||||
| CVE-2004-2615 | 1 Cutephp | 1 Cutenews | 2026-04-16 | N/A |
| The documentation for CuteNews 1.3.6 and possibly other versions specifies that files under cutenews/data must be manually given world-writable permissions, which allows local users to insert false news, delete news, and possibly gain privileges or have other unknown impact. | ||||
| CVE-2004-2616 | 1 Onnuri Infotek | 1 Activepost Standard | 2026-04-16 | N/A |
| The file server in ActivePost Standard 3.1 and earlier allows remote authenticated users to obtain sensitive information by uploading a file, which reveals the path in a success message. | ||||
| CVE-2004-2617 | 1 Pegasi Web Server | 1 Pegasi Web Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Pegasi Web Server (PWS) 0.2.2 allows remote attackers to read files outside of the web root via a .. (dot dot) directly after the initial '/' (slash) in the URI. | ||||
| CVE-2004-2619 | 1 Paul L Daniels | 1 Ripmime | 2026-04-16 | N/A |
| ripMIME 1.3.2.3 and earlier allows remote attackers to bypass e-mail protection via a base64 MIME encoded attachment containing invalid characters that are not properly extracted. | ||||
| CVE-2004-2622 | 1 Altiris | 1 Deployment Server Extension For Ibm Director | 2026-04-16 | N/A |
| AClient.exe in Altiris Deployment Solution 6.x and 5.x does not require authentication from the first Deployment Server that it connects to, which allows remote malicious servers to gain administrator access. | ||||
| CVE-2004-2626 | 1 Siemens | 1 S55 | 2026-04-16 | N/A |
| GUI overlay vulnerability in the Java API in Siemens S55 cellular phones allows remote attackers to send unauthorized SMS messages by overlaying a confirmation message with a malicious message. | ||||
| CVE-2005-2090 | 2 Apache, Redhat | 7 Tomcat, Certificate System, Enterprise Linux and 4 more | 2026-04-16 | N/A |
| Jakarta Tomcat 5.0.19 (Coyote/1.1) and Tomcat 4.1.24 (Coyote/1.0) allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Tomcat to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling." | ||||
| CVE-2004-0504 | 3 Ethereal Group, Redhat, Sgi | 3 Ethereal, Enterprise Linux, Propack | 2026-04-16 | N/A |
| Ethereal 0.10.3 allows remote attackers to cause a denial of service (crash) via certain SIP messages between Hotsip servers and clients. | ||||
| CVE-2004-1746 | 1 Php Code Snippet Library | 1 Php Code Snippet Library | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in PHP Code Snippet Library allows remote attackers to inject arbitrary web script or HTML via the (1) cat_select or (2) show parameters. | ||||
| CVE-2004-2628 | 1 Acme Labs | 1 Thttpd | 2026-04-16 | N/A |
| Multiple directory traversal vulnerabilities in thttpd 2.07 beta 0.4, when running on Windows, allow remote attackers to read arbitrary files via a URL that contains (1) a hex-encoded backslash dot-dot sequence ("%5C..") or (2) a drive letter (such as "C:"). | ||||
| CVE-2004-2631 | 1 Phpmyadmin | 1 Phpmyadmin | 2026-04-16 | N/A |
| Eval injection vulnerability in left.php in phpMyAdmin 2.5.1 up to 2.5.7, when LeftFrameLight is FALSE, allows remote attackers to execute arbitrary PHP code via a crafted table name. | ||||
| CVE-2004-2632 | 1 Phpmyadmin | 1 Phpmyadmin | 2026-04-16 | N/A |
| phpMyAdmin 2.5.1 up to 2.5.7 allows remote attackers to modify configuration settings and gain unauthorized access to MySQL servers via modified $cfg['Servers'] variables. | ||||
| CVE-2005-2091 | 1 Ibm | 1 Websphere Application Server | 2026-04-16 | N/A |
| IBM WebSphere 5.1 and WebSphere 5.0 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes WebSphere to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling." | ||||
| CVE-2004-2635 | 1 Mcafee | 1 Security Installer Control System | 2026-04-16 | N/A |
| An ActiveX control for McAfee Security Installer Control System 4.0.0.81 allows remote attackers to access the Windows registry via web pages that use the control's RegQueryValue() method. | ||||
| CVE-2004-2636 | 1 Rit Research Labs | 1 Tinyweb | 2026-04-16 | N/A |
| TinyWeb 1.9 allows remote attackers to read source code of scripts via "/./" in the URL. | ||||
| CVE-2004-2640 | 1 Ryszard Pydo | 1 Linuxstat | 2026-04-16 | N/A |
| Directory traversal vulnerability in lstat.cgi in LinuxStat before 2.3.1 allows remote attackers to read arbitrary files via (1) .. (dot dot) sequences or (2) absolute paths to the template parameter. | ||||
| CVE-2004-0514 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Unknown vulnerability in LoginWindow for Mac OS X 10.3.4, related to "handling of directory services lookups." | ||||
| CVE-2004-2647 | 1 Reid Garner | 1 Free Web Chat | 2026-04-16 | N/A |
| Free Web Chat 2.0 allows remote attackers to cause a denial of service (CPU consumption) via multiple connections from the same user. | ||||