Export limit exceeded: 13009 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359301 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2229 | 1 Oracle | 1 Database Server Lite | 2026-04-16 | N/A |
| Multiple unknown vulnerabilities in Oracle 9i Lite Mobile Server 5.0.0.0.0 through 5.0.2.9.0 allow remote authenticated users to gain privileges. | ||||
| CVE-2004-2228 | 1 Mozilla | 1 Firefox | 2026-04-16 | N/A |
| Mozilla Firefox before 1.0 is installed with world-writable permissions on Mac OS X, which allows local users to gain privileges. | ||||
| CVE-2004-2227 | 1 Mozilla | 1 Firefox | 2026-04-16 | N/A |
| Mozilla Firefox before 1.0 truncates long filenames in the file download dialog box, which makes it easier for remote attackers to trick users into downloading files with dangerous extensions. | ||||
| CVE-2004-2226 | 1 Mozilla | 1 Thunderbird | 2026-04-16 | N/A |
| Mozilla Mail 1.7.1 and 1.7.3, and Thunderbird before 0.9, when HTML-Mails is enabled, allows remote attackers to determine valid e-mail addresses via an HTML e-mail that references a Cascading Style Sheets (CSS) document on the attacker's server. | ||||
| CVE-2004-2224 | 1 Appfoundry | 1 Message Foundry | 2026-04-16 | N/A |
| Appfoundry Message Foundry 2.75 .0003 allows remote attackers to cause a denial of service (crash) via an HTTP GET request that contains MS-DOS device names such as com1. | ||||
| CVE-2004-2223 | 1 Fsphpgallery | 1 Fsphpgallery | 2026-04-16 | N/A |
| FsPHPGallery before 1.2 allows remote attackers to cause a denial of service via an image with a large size attribute, which causes a crash when the server attempts to resize the image. | ||||
| CVE-2004-2222 | 1 Fsphpgallery | 1 Fsphpgallery | 2026-04-16 | N/A |
| Directory traversal vulnerability in index.php in FsPHPGallery before 1.2 allows remote attackers to list arbitrary directories via the dir parameter. | ||||
| CVE-2004-2220 | 1 F-secure | 1 F-secure Anti-virus | 2026-04-16 | N/A |
| F-Secure Anti-Virus for Microsoft Exchange 6.30 and 6.31 does not properly detect certain password-protected files in a ZIP file, which allows remote attackers to bypass anti-virus protection. | ||||
| CVE-2004-2219 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | N/A |
| Microsoft Internet Explorer 6 allows remote attackers to spoof the address bar to facilitate phishing attacks via Javascript that uses an invalid URI, modifies the Location field, then uses history.back to navigate to the previous domain, aka NullyFake. | ||||
| CVE-2004-2218 | 1 Phpmywebhosting | 1 Phpmywebhosting | 2026-04-16 | N/A |
| SQL injection vulnerability in pmwh.php in PHPMyWebHosting 0.3.4 and earlier allows remote attackers to modify SQL statements via the password parameter. | ||||
| CVE-2004-2217 | 1 Ychat | 1 Ychat | 2026-04-16 | N/A |
| Multiple unknown vulnerabilities in yhttpd in yChat before 0.7 allow remote attackers to cause a denial of service (segmentation fault) via unknown vectors. | ||||
| CVE-2004-2216 | 1 Sun | 2 Java System Application Server, Java System Web Server | 2026-04-16 | N/A |
| Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and earlier and 6.1 SP1 and earlier, and Application Server 7 Update 4 and earlier, allows remote attackers to cause a denial of service (crash) via a malformed client certificate. | ||||
| CVE-2004-2215 | 1 Marc Lehmann | 1 Rxvt-unicode | 2026-04-16 | N/A |
| RXVT-Unicode 3.4 and 3.5 does not properly close file descriptors, which allows local users to access the terminals of other users and possibly gain privileges. | ||||
| CVE-2004-2074 | 1 Bolintech | 1 Dream Ftp Server | 2026-04-16 | N/A |
| Format string vulnerability in Dream FTP 1.02 allows local users to cause a denial of service (crash) via format string specifiers in the (1) PASS or (2) RETR commands. | ||||
| CVE-2004-2075 | 1 Sophos | 1 Sophos Anti-virus | 2026-04-16 | N/A |
| Sophos Anti-Virus 3.78 allows remote attackers to cause a denial of service (infinite loop) via a MIME header that is not properly terminated. | ||||
| CVE-2004-2076 | 1 Jelsoft | 1 Vbulletin | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php for Jelsoft vBulletin 3.0.0 RC4 allows remote attackers to inject arbitrary web script or HTML via the query parameter. | ||||
| CVE-2004-2077 | 1 Nadeo | 3 Game Engine, Trackmania, Virtual Skipper | 2026-04-16 | N/A |
| Nadeo Game Engine for Nadeo TrackMania and Nadeo Virtual Skipper 3 allows remote attackers to cause a denial of service (server crash) via malformed data to TCP port 2350, possibly due to long values or incorrect size fields. | ||||
| CVE-2004-2078 | 1 Red-m | 1 Red-alert | 2026-04-16 | N/A |
| Red-M Red-Alert 2.7.5 with software 3.1 build 24 allows remote attackers to cause a denial of service (reboot and loss of logged events) via a long request to TCP port 80, possibly triggering a buffer overflow. | ||||
| CVE-2004-2079 | 1 Red-m | 1 Red-alert | 2026-04-16 | N/A |
| Red-M Red-Alert 2.7.5 with software 3.1 build 24 binds authentication to IP addresses, which allows remote attackers to bypass authentication by connecting from the same IP address as an active authenticated user. | ||||
| CVE-2004-2098 | 1 Native Solutions | 1 Tbe Banner Engine | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the banner engine (TBE) 5.0 allows remote attackers to execute arbitrary script as other users via the HTML banner view/preview capability. | ||||