Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0270 1 Clam Anti-virus 1 Clamav 2026-04-16 N/A
libclamav in Clam AntiVirus 0.65 allows remote attackers to cause a denial of service (crash) via a uuencoded e-mail message with an invalid line length (e.g., a lowercase character), which causes an assert error in clamd that terminates the calling program.
CVE-2004-0200 1 Microsoft 24 .net Framework, Digital Image Pro, Digital Image Suite and 21 more 2026-04-16 N/A
Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.
CVE-2004-0204 4 Bea, Borland Software, Businessobjects and 1 more 9 Weblogic Server, J Builder, Crystal Enterprise and 6 more 2026-04-16 N/A
Directory traversal vulnerability in the web viewers for Business Objects Crystal Reports 9 and 10, and Crystal Enterprise 9 or 10, as used in Visual Studio .NET 2003 and Outlook 2003 with Business Contact Manager, Microsoft Business Solutions CRM 1.2, and other products, allows remote attackers to read and delete arbitrary files via ".." sequences in the dynamicimag argument to crystalimagehandler.aspx.
CVE-2004-0275 1 Bosdev 1 Bosdates 2026-04-16 N/A
SQL injection vulnerability in calendar_download.php in BosDates 3.2 and earlier allows remote attackers to obtain sensitive information and gain access via the calendar parameter.
CVE-2004-0218 1 Openbsd 1 Openbsd 2026-04-16 N/A
isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (infinite loop) via an ISAKMP packet with a zero-length payload, as demonstrated by the Striker ISAKMP Protocol Test Suite.
CVE-2004-0280 1 Caucho Technology 1 Resin 2026-04-16 N/A
Caucho Technology Resin 2.1.12 allows remote attackers to view JSP source via an HTTP request to a .jsp file that ends in a "%20" (encoded space character), e.g. index.jsp%20.
CVE-2003-0320 1 Andy Prevost 1 Ttcms 2026-04-16 N/A
header.php in ttCMS 2.3 and earlier allows remote attackers to inject arbitrary PHP code by setting the ttcms_user_admin parameter to "1" and modifying the admin_root parameter to point to a URL that contains a Trojan horse header.inc.php script.
CVE-2004-0282 1 Crob 1 Crob Ftp Server 2026-04-16 N/A
Crob FTP daemon 3.5.2 allows remote attackers to cause a denial of service (crash) by repeatedly connecting to and disconnecting from the server.
CVE-2005-2223 1 Mailenable 2 Mailenable Professional, Mailenable Standard 2026-04-16 N/A
Unknown vulnerability in the SMTP service in MailEnable Standard before 1.9 and Professional before 1.6 allows remote attackers to cause a denial of service (crash) during authentication.
CVE-2004-0310 1 Livejournal 1 Livejournal 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in LiveJournal 1.0 and 1.1 allows remote attackers to execute Javascript as other users via the stylesheet, which does not strip the semicolon or parentheses, as demonstrated using a background:url.
CVE-2004-0311 1 Apc 1 Ap9606 2026-04-16 N/A
American Power Conversion (APC) Web/SNMP Management SmartSlot Card 3.0 through 3.0.3 and 3.21 are shipped with a default password of TENmanUFactOryPOWER, which allows remote attackers to gain unauthorized access.
CVE-2005-0968 1 Broadcom 1 Etrust Intrusion Detection 2026-04-16 N/A
Computer Associates (CA) eTrust Intrusion Detection 3.0 allows remote attackers to cause a denial of service via large size values that are not properly validated before calling the CPImportKey function in the Crypto API.
CVE-2004-0312 1 Linksys 1 Wap55ag 2026-04-16 N/A
Linksys WAP55AG 1.07 allows remote attackers with access to an SNMP read only community string to gain access to read/write communtiy strings via a query for OID 1.3.6.1.4.1.3955.2.1.13.1.2.
CVE-2004-0314 1 Freewebs 1 Webzedit 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in done.jsp in WebzEdit 1.9 and earlier allows remote attackers to execute arbitrary script as other users via the message parameter.
CVE-2003-0370 4 Apple, Kde, Redhat and 1 more 7 Safari, Kde, Konqueror Embedded and 4 more 2026-04-16 N/A
Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack.
CVE-2004-0313 1 Psoproxy 1 Psoproxy Server 2026-04-16 N/A
Buffer overflow in PSOProxy 0.91 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long HTTP request, as demonstrated using a long (1) GET argument or (2) method name.
CVE-2004-0317 1 Platform 1 Lsf 2026-04-16 N/A
Buffer overflow in eauth in Load Sharing Facility 4.x, 5.x, and 6.x allows local users or remote attackers within the LSF cluster to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long LSF_From_PC parameter.
CVE-2005-0971 1 Apple 1 Mac Os X 2026-04-16 N/A
Stack-based buffer overflow in the semop system call in Mac OS X 10.3.9 and earlier allows local users to gain privileges via crafted arguments.
CVE-2004-0319 1 Ezboard 1 Ezboard 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the font tag in ezBoard 7.3u allows remote attackers to execute arbitrary script as other users, as demonstrated using the background:url in a (1) font color or (2) font face argument.
CVE-2004-0320 1 Ncipher 1 Nshield 2026-04-16 N/A
Unknown vulnerability in nCipher Hardware Security Modules (HSM) 1.67.x through 1.99.x allows local users to access secrets stored in the module's run-time memory via certain sequences of commands.