ReportizFlow
Filtered by vendor
Subscriptions
Total
29914 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2357 | 1 Proofpoint | 1 Proofpoint Protection Server | 2026-04-16 | N/A |
| The embedded MySQL 4.0 server for Proofpoint Protection Server does not require a password for the root user of MySQL, which allows remote attackers to read or modify the backend database. | ||||
| CVE-2004-2354 | 2 Francisco Burzi, Warpspeed | 2 Php-nuke, 4nguestbook | 2026-04-16 | N/A |
| SQL injection vulnerability in 4nGuestbook 0.92 for PHP-Nuke 6.5 through 6.9 allows remote attackers to modify SQL statements via the entry parameter to modules.php, which can also facilitate cross-site scripting (XSS) attacks when MySQL errors are triggered. | ||||
| CVE-2004-2381 | 1 Jetty | 1 Jetty Http Server | 2026-04-16 | N/A |
| HttpRequest.java in Jetty HTTP Server before 4.2.19 allows remote attackers to cause denial of service (memory usage and application crash) via HTTP requests with a large Content-Length. | ||||
| CVE-2004-2385 | 1 Emumail | 1 Emu Webmail | 2026-04-16 | N/A |
| EMU Webmail 5.2.7 allows remote attackers to obtain sensitive path information (home directory) via an HTTP request for init.emu. | ||||
| CVE-2004-2387 | 2 Denis Sbragion, Peter Astrand | 2 Sredird, Sercd | 2026-04-16 | N/A |
| Buffer overflow in the HandleCPCCommand function of sercd before 2.3.1 and sredird 2.2.1 and earlier allows remote attackers to execute arbitrary code. | ||||
| CVE-2004-2392 | 2 Mandrakesoft, Redhat | 3 Mandrake Linux, Mandrake Linux Corporate Server, Enterprise Linux | 2026-04-16 | N/A |
| libuser 0.51.7 allows attackers to cause a denial of service (crash or disk consumption) via unknown attack vectors, related to read failures and other bugs. | ||||
| CVE-2004-2399 | 1 Securecomputing | 1 Sidewinder G2 | 2026-04-16 | N/A |
| Secure Computing Corporation Sidewinder G2 6.1.0.01 allows remote attackers to cause a denial of service (CPU consumption) via delayed responses to DNS queries. | ||||
| CVE-2004-2415 | 1 Davenport | 1 Davenport | 2026-04-16 | N/A |
| Davenport before 0.9.10 allows attackers to cause a denial of service (resource consumption) via (1) a very large XML file or (2) entity expansion attacks. | ||||
| CVE-2004-2421 | 1 Hitachi | 3 Jp1 P-1b41-9461, Jp1 P-1b41-9471, Jp1 P-1j41-9471 | 2026-04-16 | N/A |
| Unknown vulnerability in Hitachi Job Management Partner (JP1) JP1/File Transmission Server/FTP 6 and 7, when running on HP-UX in trusted mode, allows attackers to bypass authentication and gain administrator rights. | ||||
| CVE-2004-2424 | 1 Bea | 1 Weblogic Server | 2026-04-16 | N/A |
| BEA WebLogic Server and WebLogic Express 8.1 through 8.1 SP2 allow remote attackers to cause a denial of service (network port consumption) via unknown actions in HTTPS sessions, which prevents the server from releasing the network port when the session ends. | ||||
| CVE-2006-2371 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2026-04-16 | N/A |
| Buffer overflow in the Remote Access Connection Manager service (RASMAN) service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via certain crafted "RPC related requests," that lead to registry corruption and stack corruption, aka the "RASMAN Registry Corruption Vulnerability." | ||||
| CVE-2006-2403 | 1 Filezilla | 1 Filezilla | 2026-04-16 | N/A |
| Buffer overflow in FileZilla before 2.2.23 allows remote attackers to execute arbitrary commands via unknown attack vectors. | ||||
| CVE-2006-2406 | 1 Unclassified Newsboard | 1 Unclassified Newsboard | 2026-04-16 | N/A |
| Directory traversal vulnerability in bb_lib/abbc.css.php in Unclassified NewsBoard (UNB) 1.5.3-d and possibly earlier versions, when register_globals is enabled, allows remote attackers to include arbitrary files via .. (dot dot) sequences and a trailing null byte (%00) in the design_path parameter. NOTE: this is closely related, but a different vulnerability than the ABBC[Config][smileset] parameter. | ||||
| CVE-2004-2426 | 1 Axis | 14 2100 Network Camera, 2110 Network Camera, 2120 Network Camera and 11 more | 2026-04-16 | N/A |
| Directory traversal vulnerability in Axis Network Camera 2.40 and earlier, and Video Server 3.12 and earlier, allows remote attackers to bypass authentication via a .. (dot dot) in an HTTP POST request to ServerManager.srv, then use these privileges to conduct other activities, such as modifying files using editcgi.cgi. | ||||
| CVE-2006-2423 | 1 Swsoft | 1 Confixx | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in ftplogin/index.php in Confixx 3.1.2 allows remote attackers to inject arbitrary web script or HTML via the login parameter. | ||||
| CVE-2006-2424 | 1 Ezusermanager | 1 Ezusermanager | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in ezUserManager 1.6 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the ezUserManager_Path parameter to ezusermanager_pwd_forgott.php, possibly due to an issue in ezusermanager_core.inc.php. | ||||
| CVE-2006-2427 | 1 Clam Anti-virus | 2 Clamav, Clamxav | 2026-04-16 | N/A |
| freshclam in (1) Clam Antivirus (ClamAV) 0.88 and (2) ClamXav 1.0.3h and earlier does not drop privileges before processing the config-file command line option, which allows local users to read portions of arbitrary files when an error message displays the first line of the target file. | ||||
| CVE-2004-2427 | 1 Axis | 14 2100 Network Camera, 2110 Network Camera, 2120 Network Camera and 11 more | 2026-04-16 | N/A |
| Axis Network Camera 2.40 and earlier, and Video Server 3.12 and earlier, allows remote attackers to obtain sensitive information via direct requests to (1) admin/getparam.cgi, (2) admin/systemlog.cgi, (3) admin/serverreport.cgi, and (4) admin/paramlist.cgi, modify system information via (5) setparam.cgi and (6) factorydefault.cgi, or (7) cause a denial of service (reboot) via restart.cgi. | ||||
| CVE-2004-2441 | 1 Kerio | 1 Kerio Mailserver | 2026-04-16 | N/A |
| Unspecified vulnerability in Kerio MailServer before 6.0.3 has unknown impact and unknown remote attack vectors, related to a "potential security issue." | ||||
| CVE-2004-2448 | 2 Cassiopeia, Itransact | 2 S-mart Shopping Cart, Redicart | 2026-04-16 | N/A |
| S-Mart Shopping Cart or RediCart 3.9.5b stores smart.cfg under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as the database name. | ||||