ReportizFlow
Filtered by vendor
Subscriptions
Total
29922 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1776 | 1 Cisco | 1 Ios | 2026-04-16 | N/A |
| Cisco IOS 12.1(3) and 12.1(3)T allows remote attackers to read and modify device configuration data via the cable-docsis read-write community string used by the Data Over Cable Service Interface Specification (DOCSIS) standard. | ||||
| CVE-2002-1871 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| pkgadd in Sun Solaris 2.5.1 through 8 installs files setuid/setgid root if the pkgmap file contains a "?" (question mark) in the (1) mode, (2) owner, or (3) group fields, which allows attackers to elevate privileges. | ||||
| CVE-2004-1798 | 1 Realnetworks | 3 Realone Enterprise Desktop, Realone Player, Realplayer | 2026-04-16 | N/A |
| RealOne player 6.0.11.868 allows remote attackers to execute arbitrary script in the "My Computer" zone via a Synchronized Multimedia Integration Language (SMIL) presentation with a "file:javascript:" URL, which is executed in the security context of the previously loaded URL, a different vulnerability than CVE-2003-0726. | ||||
| CVE-2004-1833 | 1 Borland Software | 1 Interbase | 2026-04-16 | N/A |
| The admin.ib file in Borland Interbase 7.1 for Linux has default world writable permissions, which allows local users to gain database administrative privileges. | ||||
| CVE-2002-2159 | 1 Linksys | 3 Befsr11, Befsr41, Befsru31 | 2026-04-16 | N/A |
| Linksys EtherFast Cable/DSL BEFSR11, BEFSR41 and BEFSRU31 with the firmware 1.42.7 upgrade installed opens TCP port 5678 for remote administration even when the "Block WAN" and "Remote Admin" options are disabled, which allows remote attackers to gain access. | ||||
| CVE-2004-1857 | 1 Hp | 1 Web Jetadmin | 2026-04-16 | N/A |
| Directory traversal vulnerability in setinfo.hts in HP Web Jetadmin 7.5.2546 allows remote authenticated attackers to read arbitrary files via a .. (dot dot) in the setinclude parameter. | ||||
| CVE-2004-1878 | 1 Linbit Technologies | 1 Linbox Officeserver | 2026-04-16 | N/A |
| LINBOX LIN:BOX allows remote attackers to bypass authentication, obtain sensitive information, or gain access via a direct request to admin/user.pl preceded by // (double leading slash). | ||||
| CVE-2006-3358 | 1 Newsphp | 1 Newsphp | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in NewsPHP 2006 PRO allow remote attackers to inject arbitrary web script or HTML via the (1) words, (2) id, (3) cat_id, and (4) tim parameters, which are not sanitized before being returned in an error page. NOTE: it is possible that some of these vectors are resultant from an SQL injection issue. | ||||
| CVE-2005-0870 | 1 Phpsysinfo | 1 Phpsysinfo | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in phpSysInfo 2.3, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) sensor_program parameter to index.php, (2) text[language], (3) text[template], or (4) hide_picklist parameter to system_footer.php. | ||||
| CVE-2004-1974 | 1 Php Arena | 1 Pafiledb | 2026-04-16 | N/A |
| paFileDB 3.1 allows remote attackers to gain sensitive information via a direct request to (1) login.php, (2) category.php, (3) search.php, (4) main.php, (5) viewall.php, (6) download.php, (7) email.php, (8) file.php, (9) rate.php, or (10) stats.php, which reveals the path in an error message. | ||||
| CVE-2004-1976 | 1 Smc Networks | 1 Smc7004vbr | 2026-04-16 | N/A |
| SMC Barricade broadband router 7008ABR and 7004VBR enable remote administration by default, which allows remote attackers to gain access by connecting to port 1900. | ||||
| CVE-2004-2005 | 1 Qualcomm | 1 Eudora | 2026-04-16 | N/A |
| Buffer overflow in Eudora for Windows 5.2.1, 6.0.3, and 6.1 allows remote attackers to execute arbitrary code via an e-mail with (1) a link to a long URL to the C drive or (2) a long attachment name. | ||||
| CVE-2004-2017 | 1 Turbotraffictrader | 1 Turbotraffictrader C | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Turbo Traffic Trader C (TTT-C) 1.0 allow remote attackers to inject arbitrary HTML or web script, as demonstrated via (1) the link parameter to ttt-out, (2) the X-Forwarded-For header in a GET request to ttt-in, (3) the Referer header in a GET request to ttt-in, or the (4) site name or (5) site URL fields in the main control panel. | ||||
| CVE-2004-2029 | 1 Trevor Hogan | 1 Bnbt | 2026-04-16 | N/A |
| The Util_DecodeHTTPAuth function in BNBT BitTorrent Tracker Beta 7.5 Release 2 and earlier allows remote attackers to cause a denial of service (crash) via a Basic Authorization HTTP request with a "A==" value. | ||||
| CVE-2004-2033 | 1 Orenosv | 1 Orenosv Http Ftp Server | 2026-04-16 | N/A |
| Orenosv 0.5.9f allows remote attackers to cause a denial of service (crash) via a long HTTP GET request. | ||||
| CVE-2004-2038 | 1 Neocrome | 1 Land Down Under | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Land Down Under (LDU) before LDU 700 allows remote attackers to inject arbitrary web script or HTML via a BBcode img tag in (1) functions.php, (2) header.php or (3) auth.inc.php. | ||||
| CVE-2004-2040 | 1 E107 | 1 E107 | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in e107 0.615 allow remote attackers to inject arbitrary web script or HTML via the (1) LAN_407 parameter to clock_menu.php, (2) "email article to a friend" field, (3) "submit news" field, or (4) avmsg parameter to usersettings.php. | ||||
| CVE-2004-2048 | 1 Esesix | 7 Thintune Extreme, Thintune L, Thintune M and 4 more | 2026-04-16 | N/A |
| radmin in eSeSIX Thintune thin clients running firmware 2.4.38 and earlier starts a process port 25072 that can be accessed with a default "jstwo" password, which allows remote attackers to gain access. | ||||
| CVE-2004-2055 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php for PhpBB 2.0.4 and 2.0.9 allows remote attackers to inject arbitrary HTMl or web script via the search_author parameter. | ||||
| CVE-2004-0381 | 3 Mysql, Oracle, Redhat | 3 Mysql, Mysql, Enterprise Linux | 2026-04-16 | N/A |
| mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file. | ||||