Total
29901 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1570 | 1 Eaden Mckee | 1 Bblog | 2026-04-16 | N/A |
| SQL injection vulnerability in bBlog 0.7.2 and 0.7.3 allows remote attackers to execute arbitrary SQL commands via the p parameter. | ||||
| CVE-2004-1595 | 1 Shixxnote | 1 Shixxnote | 2026-04-16 | N/A |
| Buffer overflow in ShixxNote 6.net build 117 allows remote attackers to execute arbitrary code via a long font field. | ||||
| CVE-2004-1596 | 1 3com | 1 3cradsl72 | 2026-04-16 | N/A |
| The 3COM Wireless router 3CRADSL72 running Boot Code 1.3d allows remote attackers to gain sensitive information such as passwords and router settings via a direct HTTP request to app_sta.stm. | ||||
| CVE-2004-2312 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Buffer overflow in GNU make for IBM AIX 4.3.3, when installed setgid, allows local users to gain privileges via a long CC argument. | ||||
| CVE-2004-1813 | 1 Vocaltec | 1 Vgw4 8 Telephony Gateway | 2026-04-16 | N/A |
| VocalTec VGW4/8 Gateway 8.0 allows remote attackers to bypass authentication via an HTTP request to home.asp with a trailing slash (/). | ||||
| CVE-2004-1888 | 1 Aborior | 1 Encore Web Forum | 2026-04-16 | N/A |
| display.cgi in Aborior Encore WebForum allows remote to execute arbitrary commands via shell metacharacters in the file variable. | ||||
| CVE-2004-1945 | 1 Kinesphere Corporation | 1 Exchange Pop3 | 2026-04-16 | N/A |
| Buffer overflow in Kinesphere eXchange POP3 allows remote attackers to execute arbitrary code via a long MAIL FROM field. | ||||
| CVE-2004-1004 | 6 Debian, Gentoo, Midnight Commander and 3 more | 8 Debian Linux, Linux, Midnight Commander and 5 more | 2026-04-16 | N/A |
| Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact. | ||||
| CVE-2004-2152 | 1 Mediawiki | 1 Mediawiki | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in 'raw' page output mode for MediaWiki 1.3.4 and earlier allows remote attackers to inject arbitrary web script or HTML. | ||||
| CVE-2004-2173 | 1 Early Impact | 1 Productcart | 2026-04-16 | N/A |
| SQL injection vulnerability in advSearch_h.asp in EarlyImpact ProductCart allows remote attackers to execute arbitrary SQL commands via the priceUntil parameter. | ||||
| CVE-2004-2222 | 1 Fsphpgallery | 1 Fsphpgallery | 2026-04-16 | N/A |
| Directory traversal vulnerability in index.php in FsPHPGallery before 1.2 allows remote attackers to list arbitrary directories via the dir parameter. | ||||
| CVE-2004-2223 | 1 Fsphpgallery | 1 Fsphpgallery | 2026-04-16 | N/A |
| FsPHPGallery before 1.2 allows remote attackers to cause a denial of service via an image with a large size attribute, which causes a crash when the server attempts to resize the image. | ||||
| CVE-2004-2294 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| Canonicalize-before-filter error in the send_review function in the Reviews module for PHP-Nuke 6.0 to 7.3 allows remote attackers to inject arbitrary web script or HTML via hex-encoded XSS sequences in the text parameter, which is checked for dangerous sequences before it is canonicalized, leading to a cross-site scripting (XSS) vulnerability. | ||||
| CVE-2004-2300 | 1 Ucd-snmp | 1 Ucd-snmp | 2026-04-16 | N/A |
| Buffer overflow in snmpd in ucd-snmp 4.2.6 and earlier, when installed setuid root, allows local users to execute arbitrary code via a long -p command line argument. NOTE: it is not clear whether there are any standard configurations in which snmpd is installed setuid or setgid. If not, then this issue should not be included in CVE. | ||||
| CVE-2004-2295 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| SQL injection vulnerability in the Reviews module in PHP-Nuke 6.0 to 7.3 allows remote attackers to execute arbitrary SQL commands via the order parameter. | ||||
| CVE-2004-2385 | 1 Emumail | 1 Emu Webmail | 2026-04-16 | N/A |
| EMU Webmail 5.2.7 allows remote attackers to obtain sensitive path information (home directory) via an HTTP request for init.emu. | ||||
| CVE-2004-2470 | 1 Madbms | 1 Madbms | 2026-04-16 | N/A |
| Unspecified vulnerability in MadBMS before 1.1.5 has unknown impact and attack vectors, related to logins. | ||||
| CVE-2004-2410 | 1 Samhain Labs | 1 Samhain | 2026-04-16 | N/A |
| Unknown vulnerability in sh_hash_compdata for Samhain 1.8.9 through 2.0.1 might allow attackers to cause a denial of service (null pointer dereference). | ||||
| CVE-2002-0008 | 2 Mozilla, Redhat | 2 Bugzilla, Powertools | 2026-04-16 | N/A |
| Bugzilla before 2.14.1 allows remote attackers to (1) spoof a user comment via an HTTP request to process_bug.cgi using the "who" parameter, instead of the Bugzilla_login cookie, or (2) post a bug as another user by modifying the reporter parameter to enter_bug.cgi, which is passed to post_bug.cgi. | ||||
| CVE-2004-2287 | 1 Dsm | 1 Light Web File Browser | 2026-04-16 | N/A |
| Directory traversal vulnerability in explorer.php in DSM Light Web File Browser 2.0 allows remote attackers to read arbitrary files via .. (dot dot) in the wdir parameter. | ||||