Export limit exceeded: 19589 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 359301 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359301 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2091 | 1 Microsoft | 1 Baseline Security Analyzer | 2026-04-16 | N/A |
| Microsoft Baseline Security Analyzer (MBSA) 1.2 does not correctly identify systems that have been patched but remain vulnerable to exploit until the system is rebooted, possibly giving the administrator a false sense of security. | ||||
| CVE-2004-2092 | 1 Broadcom | 1 Inoculateit | 2026-04-16 | N/A |
| eTrust InoculateIT for Linux 6.0 uses insecure permissions for multiple files and directories, including the application's registry and tmp directories, which allows local users to delete, modify, or examine sensitive information. | ||||
| CVE-2004-2094 | 1 Darkwet | 1 Webcam Xp | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in WebcamXP 1.06.945 allows remote attackers to inject arbitrary HTML or web script as other users via a URL that contains the script. | ||||
| CVE-2004-2095 | 1 Niels Provos | 1 Honeyd | 2026-04-16 | N/A |
| Honeyd before 0.8 replies to TCP packets with the SYN and RST flags set, which allows remote attackers to identify IP addresses that are being simulated by Honeyd. | ||||
| CVE-2004-2096 | 1 Mephistoles Internet Suite | 1 Mephistoles Httpd | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Mephistoles httpd 0.6.0 final allows remote attackers to execute arbitrary script as other users by injecting arbitrary HTML or script into the URL. | ||||
| CVE-2004-2097 | 1 Suse | 1 Suse Linux | 2026-04-16 | N/A |
| Multiple scripts on SuSE Linux 9.0 allow local users to overwrite arbitrary files via a symlink attack on (1) /tmp/fvwm-bug created by fvwm-bug, (2) /tmp/wmmenu created by wm-oldmenu2new, (3) /tmp/rates created by x11perfcomp, (4) /tmp/xf86debug.1.log created by xf86debug, (5) /tmp/.winpopup-new created by winpopup-send.sh, or (6) /tmp/initrd created by lvmcreate_initrd. | ||||
| CVE-2004-2099 | 1 Electronic Arts | 1 Need For Speed Hot Pursuit 2 | 2026-04-16 | N/A |
| Buffer overflow in Need for Speed Hot Pursuit 2.0 client (NFSHP2), version 242 and earlier, allows remote attackers (servers) to execute arbitrary code via long (1) gamename, (2) gamever, (3) hostname, (4) gametype, (5) mapname or (6) gamemode commands. | ||||
| CVE-2004-2100 | 1 Geovision | 1 Geohttpserver | 2026-04-16 | N/A |
| GeoHttpServer, when configured to authenticate users, allows remote attackers to bypass authentication and access unauthorized files via a URL that contains %0a%0a (encoded newlines). | ||||
| CVE-2004-2101 | 1 Geovision | 1 Geohttpserver | 2026-04-16 | N/A |
| The sysinfo script in GeoHttpServer allows remote attackers to cause a denial of service (crash) via a long pwd parameter, possibly triggering a buffer overflow. | ||||
| CVE-2004-2102 | 1 Freesco | 1 Freesco | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in FREESCO 2.05, a modified version of thttpd, allows remote attackers to inject arbitrary web script or HTML via the test parameter. | ||||
| CVE-2004-2104 | 1 Novell | 1 Netware | 2026-04-16 | N/A |
| Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to obtain sensitive server information, including the internal IP address, via a direct request to (1) snoop.jsp, (2) SnoopServlet, (3) env.bas, or (4) lcgitest.nlm. | ||||
| CVE-2004-2105 | 1 Novell | 1 Netware | 2026-04-16 | N/A |
| The webacc servlet in Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to read arbitrary .htt files via a full pathname in the error parameter. | ||||
| CVE-2004-2106 | 1 Novell | 1 Netware | 2026-04-16 | N/A |
| Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to list directories via a direct request to (1) /com/, (2) /com/novell/, (3) /com/novell/webaccess, or (4) /ns-icons/. | ||||
| CVE-2004-2108 | 1 Quadcomm | 1 Q-shop | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in QuadComm Q-Shop allow remote attackers to execute arbitrary SQL commands via certain parameters to (1) search.asp, (2) browse.asp, (3) details.asp, (4) showcat.asp, (5) users.asp, (6) addtomylist.asp, (7) modline.asp, (8) cart.asp, or (9) newuser.asp. | ||||
| CVE-2004-2109 | 1 Quadcomm | 1 Q-shop | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in (1) imagezoom.asp or (2) recommend.asp in Q-Shop allow remote attackers to execute arbitrary script and steal the user session ID via Javascript in a URL. | ||||
| CVE-2004-2110 | 1 Phorum | 1 Phorum | 2026-04-16 | N/A |
| SQL injection vulnerability in register.php in Phorum before 3.4.6 allows remote attackers to execute arbitrary SQL commands via the hide_email parameter. | ||||
| CVE-2004-2111 | 1 Solarwinds | 1 Serv-u File Server | 2026-04-16 | N/A |
| Stack-based buffer overflow in the site chmod command in Serv-U FTP Server before 4.2 allows remote attackers to execute arbitrary code via a long filename. | ||||
| CVE-2004-2112 | 1 Herberlin | 1 Bremsserver | 2026-04-16 | N/A |
| Directory traversal vulnerability in BremsServer 1.2.4 allows remote attackers to read arbitrary files via ".." (dot dot) sequences in the URL. | ||||
| CVE-2004-2113 | 1 Herberlin | 1 Bremsserver | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in BremsServer 1.2.4 allows remote attackers to inject arbitrary web script or HTML via the URL. | ||||
| CVE-2004-2114 | 1 Internetnow | 1 Proxynow | 2026-04-16 | N/A |
| Stack-based and heap-based buffer overflows in ProxyNow! 2.75 and earlier allow remote attackers to execute arbitrary code via a GET request with a long ftp:// URL. | ||||