Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1485 | 2 Gnu, Tftp | 2 Inetutils, Tftp | 2026-04-16 | N/A |
| Buffer overflow in the TFTP client in InetUtils 1.4.2 allows remote malicious DNS servers to execute arbitrary code via a large DNS response that is handled by the gethostbyname function. | ||||
| CVE-2004-1486 | 1 Hp | 2 Cluster Object Manager, Serviceguard | 2026-04-16 | N/A |
| Unknown vulnerability in Serviceguard A.11.13 through A.11.16.00 and Cluster Object Manager A.01.03 and B.01.04 through B.03.00.01 on HP-UX, Serviceguard A.11.14.04 and A.11.15.04 and Cluster Object Manager B.02.01.02 and B.02.02.02 on HP Linux, allow remote attackers to gain privileges via unknown attack vectors. | ||||
| CVE-2004-1487 | 2 Gnu, Redhat | 2 Wget, Enterprise Linux | 2026-04-16 | N/A |
| wget 1.8.x and 1.9.x allows a remote malicious web server to overwrite certain files via a redirection URL containing a ".." that resolves to the IP address of the malicious server, which bypasses wget's filtering for ".." sequences. | ||||
| CVE-2004-1488 | 2 Gnu, Redhat | 2 Wget, Enterprise Linux | 2026-04-16 | N/A |
| wget 1.8.x and 1.9.x does not filter or quote control characters when displaying HTTP responses to the terminal, which may allow remote malicious web servers to inject terminal escape sequences and execute arbitrary code. | ||||
| CVE-2004-1492 | 1 Quicksilver | 1 Master Of Orion Iii | 2026-04-16 | N/A |
| Master of Orion III 1.2.5 and earlier allows remote attackers to cause a denial of service (game exit) via a data packet that contains a large size specifier, which causes a large memory allocation to fail. | ||||
| CVE-2004-1493 | 1 Quicksilver | 1 Master Of Orion Iii | 2026-04-16 | N/A |
| Master of Orion III 1.2.5 and earlier allows remote attackers to cause a denial of service (server crash) via multiple connections with long nicknames, possibly triggering a buffer overflow. | ||||
| CVE-2004-1499 | 1 Webhost Automation | 1 Helm Control Panel | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the compose message form in HELM 3.1.19 and earlier allows remote attackers to execute arbitrary web script or HTML via the Subject field. | ||||
| CVE-2004-1500 | 2 Freeform Interactive, Monolith Productions | 11 Purge Jihad, Alien Versus Predator, Blood and 8 more | 2026-04-16 | N/A |
| Format string vulnerability in the Lithtech engine, as used in multiple games, allows remote authenticated users to cause a denial of service (application crash) via format string specifiers in (1) a nickname or (2) a message. | ||||
| CVE-2004-1501 | 1 Software602 | 1 602lan Suite | 2026-04-16 | N/A |
| The webmail service in 602 Lan Suite 2004.0.04.0909 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) by sending a POST request with a large Content-Length value, then disconnecting without sending that amount of data. | ||||
| CVE-2004-1529 | 1 Rob Sutton | 1 Php-nuke Event Calendar | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the Event Calendar module 2.13 for PHP-Nuke allows remote attackers to execute arbitrary web script via the (1) type, (2) day, (3) month, or (4) year parameters in a Preview operation, or (5) event comments. | ||||
| CVE-2004-1530 | 1 Rob Sutton | 1 Php-nuke Event Calendar | 2026-04-16 | N/A |
| SQL injection vulnerability in the Event Calendar module 2.13 for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the (1) eid or (2) cid parameters. | ||||
| CVE-2004-1531 | 1 Invision Power Services | 1 Invision Board | 2026-04-16 | N/A |
| SQL injection vulnerability in post.php in Invision Power Board (IPB) 2.0.0 through 2.0.2 allows remote attackers to execute arbitrary SQL commands via the qpid parameter. | ||||
| CVE-2004-1532 | 1 Appserv Open Project | 1 Appserv | 2026-04-16 | N/A |
| AppServ 2.5.x and earlier installs a default username and password, which allows remote attackers to gain access. | ||||
| CVE-2004-1533 | 1 Digital Mappings Systems | 1 Pop3 Server | 2026-04-16 | N/A |
| Buffer overflow in pop3svr.exe for DMS POP3 1.5.3.27 and earlier allows remote attackers to cause a denial of service (service crash) via a long (1) username or (2) password. | ||||
| CVE-2004-1534 | 1 Zonelabs | 1 Zonealarm | 2026-04-16 | N/A |
| ZoneAlarm and ZoneAlarm Pro before 5.5.062, with ad-blocking enabled, allows remote web sites to cause a denial of service (application instability or system hang) via certain JavaScript. | ||||
| CVE-2004-1535 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in admin_cash.php for the Cash Mod module for phpBB allows remote attackers to execute arbitrary PHP code by modifying the phpbb_root_path parameter to reference a URL on a remote web server that contains the code. | ||||
| CVE-2004-1536 | 1 Ipbproarcade | 1 Ipbproarcade | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in the ibProArcade module for Invision Power Board (IPB) 1.x and 2.x allows remote attackers to execute arbitrary SQL commands via the cat parameter. | ||||
| CVE-2004-1537 | 1 Phpkit | 1 Phpkit | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in popup.php in PHPKIT 1.6.03 through 1.6.1 allows remote attackers to execute arbitrary web script via the img parameter. | ||||
| CVE-2004-1538 | 1 Phpkit | 1 Phpkit | 2026-04-16 | N/A |
| SQL injection vulnerability in include.php in PHPKIT 1.6.03 through 1.6.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-1999-0960 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| IRIX cdplayer allows local users to create directories in arbitrary locations via a command line option. | ||||