ReportizFlow
Filtered by vendor
Subscriptions
Total
29894 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2129 | 1 Loom Software | 2 Surfnow Professional, Surfnow Standard | 2026-04-16 | N/A |
| SurfNOW 2.2 allows remote attackers to cause a denial of service (crash) via a series of long HTTP GET requests, possibly triggering a buffer overflow. | ||||
| CVE-2004-2139 | 1 Yabb | 1 Yabb | 2026-04-16 | N/A |
| Unknown vulnerability in Adminedit.pl YaBB 1 Gold before 1.3.2 allows attackers to execute arbitrary code via settings.pl. | ||||
| CVE-2004-2281 | 1 Ibm | 1 Lotus Notes | 2026-04-16 | N/A |
| Multiple unknown vulnerabilities in IBM Lotus Notes 6.5.x before 6.5.4 and 6.0.x before 6.0.5 have unknown impact and attack vectors, related to Java applets, as identified by (1) KSPR5YS6GR and (2) KSPR62F4D3. | ||||
| CVE-2004-2294 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| Canonicalize-before-filter error in the send_review function in the Reviews module for PHP-Nuke 6.0 to 7.3 allows remote attackers to inject arbitrary web script or HTML via hex-encoded XSS sequences in the text parameter, which is checked for dangerous sequences before it is canonicalized, leading to a cross-site scripting (XSS) vulnerability. | ||||
| CVE-2004-2307 | 1 Microsoft | 2 Internet Explorer, Windows Xp | 2026-04-16 | N/A |
| Microsoft Internet Explorer 6.0.2600 on Windows XP allows remote attackers to cause a denial of service (browser crash) via a shell: URI with double backslashes (\\) in an HTML tag such as IFRAME or A. | ||||
| CVE-2004-2311 | 1 Ibm | 1 Lotus Domino | 2026-04-16 | N/A |
| Directory traversal vulnerability in webadmin.nsf in Lotus Domino R6 6.5.1 allows local users to create folders or determine the existence of files via a .. (dot dot) in the new folder dialog. | ||||
| CVE-2004-2313 | 1 Inter7 | 1 Sqwebmail | 2026-04-16 | N/A |
| Inter7 SqWebMail 3.4.1 through 3.6.1 generates different error messages for incorrect passwords versus correct passwords on non-mail-enabled accounts (such as root), which allows remote attackers to guess the root password via brute force attacks. | ||||
| CVE-2005-1014 | 1 Mailenable | 2 Mailenable Enterprise, Mailenable Professional | 2026-04-16 | N/A |
| Buffer overflow in the IMAP service for MailEnable Enterprise 1.04 and earlier and Professional 1.54 allows remote attackers to execute arbitrary code via a long AUTHENTICATE command. | ||||
| CVE-2004-2396 | 1 Mandrakesoft | 3 Mandrake Linux, Mandrake Linux Corporate Server, Mandrake Multi Network Firewall | 2026-04-16 | N/A |
| passwd 0.68 does not check the return code for the pam_start function, which has unknown impact and attack vectors that may prevent "safe and proper operation" of PAM. | ||||
| CVE-2005-1046 | 2 Kde, Redhat | 2 Kde, Enterprise Linux | 2026-04-16 | N/A |
| Buffer overflow in the kimgio library for KDE 3.4.0 allows remote attackers to execute arbitrary code via a crafted PCX image file. | ||||
| CVE-2004-2414 | 1 Novell | 1 Netware | 2026-04-16 | N/A |
| Novell NetWare 6.5 SP 1.1, when installing or upgrading using the Overlay CDs and performing a custom installation with OpenSSH, includes sensitive password information in the (1) NIOUTPUT.TXT and (2) NI.LOG log files, which might allow local users to obtain the passwords. | ||||
| CVE-2005-1071 | 1 Jportal | 1 Jportal Web Portal | 2026-04-16 | N/A |
| SQL injection vulnerability in banner.inc.php in JPortal Web Portal 2.3.1 allows remote attackers to execute arbitrary SQL commands via the haslo parameter. | ||||
| CVE-2005-1125 | 1 Avaya | 1 Libsafe | 2026-04-16 | N/A |
| Race condition in libsafe 2.0.16 and earlier, when running in multi-threaded applications, allows attackers to bypass libsafe protection and exploit other vulnerabilities before the _libsafe_die function call is completed. | ||||
| CVE-2006-2632 | 1 Andrew Godwin | 1 Bytehoard | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Andrew Godwin ByteHoard 2.1 and earlier allows remote authenticated users to inject arbitrary web script or HTML via file descriptions. | ||||
| CVE-2004-2310 | 1 Ibm | 1 Lotus Domino | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in webadmin.nsf in Lotus Domino R6 6.5.1 allows remote attackers to inject arbitrary web script or HTML via a Domino command in the Quick Console. | ||||
| CVE-2004-2456 | 1 Minibb | 1 Minibb | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in miniBB 1.7f and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter in a userinfo action. | ||||
| CVE-2004-2458 | 1 Open Webmail | 1 Open Webmail | 2026-04-16 | N/A |
| Open WebMail 2.30 and earlier, when use_syshomedir is disabled or create_syshomedir is enabled, creates new directories before authenticating, which allows remote attackers to create arbitrary directories. | ||||
| CVE-2004-2472 | 1 Agnitum | 1 Outpost Firewall | 2026-04-16 | N/A |
| Agnitum Outpost Pro Firewall 2.1 allows remote attackers to cause a denial of service (CPU consumption) via a flood of small, invalid packets, which can not be processed quickly enough by Outpost Pro. | ||||
| CVE-2004-2474 | 1 Phpnews | 1 Phpnews | 2026-04-16 | N/A |
| SQL injection vulnerability in PHPNews 1.2.3 allows remote attackers to execute arbitrary SQL commands via the mid parameter to sendtofriend.php. | ||||
| CVE-2004-2553 | 1 The Ignition Project | 1 Ignitionserver | 2026-04-16 | N/A |
| The Ignition Project ignitionServer 0.1.2 through 0.1.2-R2 allows remote authenticated users with local IRC operator privileges to obtain global IRC operator privileges by using the unofficial umode command with the +ORD argument. | ||||