ReportizFlow
Filtered by vendor
Subscriptions
Total
29926 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1411 | 1 Gadu-gadu | 1 Gadu-gadu Instant Messenger | 2026-04-16 | N/A |
| Gadu-Gadu build 155 and earlier allows remote attackers to cause a denial of service (infinite loop) via a message that contains an image whose filename does not start with restricted characters. | ||||
| CVE-2004-1412 | 1 Kayako | 1 Esupport | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Kayako eSupport 2.x allows remote attackers to inject arbitrary web script or HTML via the searchm parameter. | ||||
| CVE-2004-1413 | 1 Kayako | 1 Esupport | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Kayako eSupport 2.x allow remote attackers to execute arbitrary SQL commands via the (1) subcat, (2) rate, (3) questiondetails, (4) ticketkey22, (5) email22 parameters to index.php, or (6) the e-mail field of the Forgot Key feature. | ||||
| CVE-2004-1415 | 1 Ben3w | 1 2bgal | 2026-04-16 | N/A |
| SQL injection vulnerability in (1) disp_album.php and possibly (2) disp_img.php in 2Bgal 2.4 and 2.5.1 allows remote attackers to execute arbitrary SQL commands via the id_album parameter. | ||||
| CVE-2004-2582 | 1 Novell | 1 Ichain | 2026-04-16 | N/A |
| Novell iChain 2.3 includes the build number in the VIA line of the proxy server's HTTP headers, which allows remote attackers to obtain sensitive information. | ||||
| CVE-2004-2586 | 1 Smartertools | 1 Smartermail | 2026-04-16 | N/A |
| Directory traversal vulnerability in frmGetAttachment.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote attackers to read arbitrary files via the filename parameter. | ||||
| CVE-2004-2587 | 1 Smartertools | 1 Smartermail | 2026-04-16 | N/A |
| login.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote attackers to cause a denial of service via a long txtusername parameter, possibly due to a buffer overflow. | ||||
| CVE-2004-2590 | 1 Meindlsoft | 1 Cute Php Library | 2026-04-16 | N/A |
| Unspecified vulnerability in meindlSOFT Cute PHP Library (aka cphplib) 0.46 has unknown impact and attack vectors, related to regular expressions. | ||||
| CVE-1999-1434 | 1 Slackware | 1 Slackware Linux | 2026-04-16 | N/A |
| login in Slackware Linux 3.2 through 3.5 does not properly check for an error when the /etc/group file is missing, which prevents it from dropping privileges, causing it to assign root privileges to any local user who logs on to the server. | ||||
| CVE-2004-2600 | 2 Hp, Intel | 22 Carrier Grade Server Cc2300, Carrier Grade Server Cc3300, Carrier Grade Server Cc3310 and 19 more | 2026-04-16 | N/A |
| The firmware for Intelligent Platform Management Interface (IPMI) 1.5-based Intel Server Boards and Platforms is shipped with an Authentication Type Enables parameter set to an invalid None parameter, which allows remote attackers to obtain sensitive information when LAN management functionality is enabled. | ||||
| CVE-2004-2601 | 1 Ubertec | 1 Help Center Live | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in UberTec Help Center Live (HCL) allows remote attackers to read local files and possibly execute PHP code via a URL in the SKIN_inner parameter to inc/skin.php. | ||||
| CVE-2004-2602 | 1 Ubertec | 1 Help Center Live | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in UberTec Help Center Live (HCL) before 1.2.7 allows remote attackers to execute arbitrary PHP code via a URL in the HCL_path parameter to pipe.php. | ||||
| CVE-2004-2610 | 1 Stefan Bambach | 1 Mntd | 2026-04-16 | N/A |
| mntd_mount.c in mntd before 0.4.2 might allow local users to gain privileges via shell metacharacters in a remount option in the configuration file. NOTE: It is not clear whether this is a vulnerability because there is not necessarily any common usage in which privilege boundaries are crossed. Typical usage would restrict write access to the configuration file. | ||||
| CVE-2004-2612 | 1 Bnc | 1 Bnc | 2026-04-16 | N/A |
| BNC 2.9.0 only grants access when an incorrect password is provided, which allows remote attackers to use the functionality intended for authorized users. | ||||
| CVE-2002-0712 | 1 Entrust | 1 Entrust Authority Security Manager | 2026-04-16 | N/A |
| Entrust Authority Security Manager (EASM) 6.0 does not properly require multiple master users to change the password of a master user, which could allow a master user to perform operations that require multiple authorizations. | ||||
| CVE-2004-2613 | 1 Vserver | 1 Linux-vserver | 2026-04-16 | N/A |
| Unspecified vulnerability in procfs in the Linux-VServer stable branch for the 2.4 kernel before 1.23 and Linux-VServer development branch for the 2.4 kernel before 1.3.5 has unspecified impact and attack vectors, related to "write access to specific proc entries from a vserver context", a different vulnerability than CVE-2004-2408. | ||||
| CVE-2004-2614 | 1 Xuebrothers | 1 Myweb | 2026-04-16 | N/A |
| Buffer overflow in MyWeb 3.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request. | ||||
| CVE-2004-2616 | 1 Onnuri Infotek | 1 Activepost Standard | 2026-04-16 | N/A |
| The file server in ActivePost Standard 3.1 and earlier allows remote authenticated users to obtain sensitive information by uploading a file, which reveals the path in a success message. | ||||
| CVE-2004-2617 | 1 Pegasi Web Server | 1 Pegasi Web Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Pegasi Web Server (PWS) 0.2.2 allows remote attackers to read files outside of the web root via a .. (dot dot) directly after the initial '/' (slash) in the URI. | ||||
| CVE-2004-2620 | 1 Paul L Daniels | 1 Ripmime | 2026-04-16 | N/A |
| The MIMEH_read_headers function in ripMIME 1.3.1.0 does not properly handle trailing "\r" and "\n" characters in headers, which leads to a buffer underflow. | ||||