Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-2365 1 Microsoft 2 Windows 2003 Server, Windows Xp 2026-04-16 N/A
Memory leak in Microsoft Windows XP and Windows Server 2003 allows local users to cause a denial of service (memory exhaustion) by repeatedly creating and deleting directories using a non-standard tool such as smbmount.
CVE-2004-2366 1 Globalscape 1 Secure Ftp Server 2026-04-16 N/A
Buffer overflow in GlobalSCAPE Secure FTP Server 2.0 B03.11.2004.2 allows remote attackers to cause a denial of service (crash) via a SITE command with a long argument.
CVE-2004-2367 1 Texas Imperial Software 2 Wftpd, Wftpd Pro 2026-04-16 N/A
The Control Panel applet in WFTPD and WFTPD Pro 3.21 R1 and R2 allows remote authenticated users to cause a denial of service (crash) via a long FTP command.
CVE-2004-2368 1 The Opt-x Project 1 Opt-x 2026-04-16 N/A
PHP remote file inclusion vulnerability in header.php in Opt-X 0.7.2 allows remote attackers to execute arbitrary PHP code via the systempath parameter.
CVE-2004-2370 1 Cerulean Studios 2 Trillian, Trillian Pro 2026-04-16 N/A
Stack-based buffer overflow in Trillian 0.71 through 0.74f and Trillian Pro 1.0 through 2.01 allows remote attackers to execute arbitrary code via a Yahoo Messenger packet with a long key name.
CVE-2004-2371 1 Redstorm 3 Desert Siege, Ghost Recon, The Sum Of All Fears 2026-04-16 N/A
Multiple Red Storm web-based games, including Ghost Recon 1.4 and earlier, Desert Siege, and The Sum of all Fears 1.1.1.0 and earlier, do not properly check return values from certain functions, which allows remote attackers to cause a denial of service (hang) via packets that contain text strings with incorrect size values.
CVE-2004-2372 1 Bochs Project 1 Bochs 2026-04-16 N/A
Buffer overflow in Bochs before 2.1.1, if installed setuid, allows local users to execute arbitrary code via a long HOME environment variable, which is used if the .bochsrc, bochsrc, and bochsrc.txt cannot be found in a known path. NOTE: some external documents recommend that Bochs be installed setuid root, so this should be treated as a vulnerability.
CVE-2004-2373 1 Aol 1 Instant Messenger 2026-04-16 N/A
The Buddy icon file for AOL Instant Messenger (AIM) 4.3 through 5.5 is created in a predictable location, which may allow remote attackers to use a shell: URI to exploit other vulnerabilities that involve predictable locations.
CVE-2004-2374 1 Working Resources Inc. 1 Badblue 2026-04-16 N/A
BadBlue 2.4 allows remote attackers to obtain the location of the server installation path via a request for phptest.php, which includes the pathname in the source of the resulting HTML.
CVE-2004-2375 1 1st Class Internet Solutions 1 1st Class Mail Server 2026-04-16 N/A
Buffer overflow in the POP3 server in 1st Class Mail Server 4.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an APOP USER command with a long second parameter (digest).
CVE-2004-2376 1 Twilight Utilities 1 Twilight Utilities Web Server 2026-04-16 N/A
Buffer overflow in postfile.exe for Twilight Utilities Web Server 2.0.0.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL request with a long attfile attribute.
CVE-2004-2377 1 Alcatel 2 Omniswitch, Omniswitch 7800 2026-04-16 N/A
Alcatel OmniSwitch 7000 and 7800 allows remote attackers to cause a denial of service (reboot) via certain network scans, as demonstrated using a Nessus port scan of ports 1 through 1024 with safe-checks disabled.
CVE-2004-2378 1 Calacode 1 At Mail Webmail System 2026-04-16 N/A
@Mail 3.64 for Windows allows remote attackers to cause a denial of service ("unusable" server) via a large number of POP3 connections to the server.
CVE-2004-2380 1 Twilight Utilities 1 Twilight Utilities Web Server 2026-04-16 N/A
Directory traversal vulnerability in postfile.exe for Twilight Utilities Web Server 2.0.0.0 allows remote attackers to write arbitrary files via a .. (dot dot) in the attfile parameter.
CVE-2004-2381 1 Jetty 1 Jetty Http Server 2026-04-16 N/A
HttpRequest.java in Jetty HTTP Server before 4.2.19 allows remote attackers to cause denial of service (memory usage and application crash) via HTTP requests with a large Content-Length.
CVE-2004-2382 1 Perfectnav 1 Perfectnav 2026-04-16 N/A
The PerfectNav plugin for Microsoft Internet Explorer allows remote attackers to cause a denial of service (browser crash) via a malformed URL such as "?".
CVE-2004-2384 1 Nullsoft 1 Winamp 2026-04-16 N/A
NullSoft Winamp 5.02 allows remote attackers to cause a denial of service (crash) by creating a file with a long filename, which causes the victim's player to crash when the file is opened from the command line.
CVE-2004-2387 2 Denis Sbragion, Peter Astrand 2 Sredird, Sercd 2026-04-16 N/A
Buffer overflow in the HandleCPCCommand function of sercd before 2.3.1 and sredird 2.2.1 and earlier allows remote attackers to execute arbitrary code.
CVE-2004-2388 1 Ibm 1 Aix 2026-04-16 N/A
rexecd for AIX 4.3.3 does not properly use a local copy of the pwd structure when calling getpwnam, which may cause the structure to be overwritten by the authenticate function and assign privileges to the wrong user.
CVE-2004-2389 1 Jabberstudio 1 Jabber Gadu-gadu Transport 2026-04-16 N/A
Unknown vulnerability in Jabber Gadu-Gadu Transport (a.k.a. jabber-gg-transport) 2.0.x before 2.0.8 allows remote attackers to cause a denial of service (infinite loop) via user re-registration.