ReportizFlow
Filtered by vendor
Subscriptions
Total
29918 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1592 | 1 Ocportal | 1 Ocportal | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in index.php in ocPortal 1.0.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the req_path parameter to reference a URL on a remote web server that contains a malicious funcs.php script. | ||||
| CVE-2004-1723 | 1 Php Fusion | 1 Php Fusion | 2026-04-16 | N/A |
| The (1) updateuser.php and (2) forums_prune.php scripts in PHP-Fusion 4.00 allow remote attackers to obtain sensitive information via a direct HTTP request, which reveals the installation path in an error message. | ||||
| CVE-2004-1725 | 1 John Bradley | 1 Xv | 2026-04-16 | N/A |
| Stack-based buffer overflow in xvbmp.c in XV allows remote attackers to execute arbitrary code via a crafted image file. | ||||
| CVE-2004-1764 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Buffer overflow in CDE libDtSvc on HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows local users to gain root privileges via unknown vectors. | ||||
| CVE-2004-1763 | 1 Haht Commerce | 1 Hahtsite Scenario Server | 2026-04-16 | N/A |
| Buffer overflow in hsrun.exe for HAHTsite Scenario Server 5.1 Patch 06 (build 91) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long project name. | ||||
| CVE-2004-1771 | 1 Open Group | 1 Scalable Ogo | 2026-04-16 | N/A |
| Scalable OGo (SOGo) 1.0 allows remote authenticated users to bypass intended permissions and view private appointments of other users. | ||||
| CVE-2004-1772 | 2 Gnu, Redhat | 2 Sharutils, Enterprise Linux | 2026-04-16 | N/A |
| Stack-based buffer overflow in shar in GNU sharutils 4.2.1 allows local users to execute arbitrary code via a long -o command line argument. | ||||
| CVE-2004-1781 | 1 Info Touch | 1 Surfnet | 2026-04-16 | N/A |
| Info Touch Surfnet kiosk allows local users to crash Surfnet and access the underlying operating system via the CMD_CREDITCARD_CHARGE command. | ||||
| CVE-2004-1786 | 1 Iatek | 1 Portalapp | 2026-04-16 | N/A |
| PortalApp places user credentials under the web root with insufficient access control, which allows remote attackers to gain access to sensitive information via a direct request to 8275.mdb. | ||||
| CVE-2004-1788 | 1 Asp-nuke | 1 Asp-nuke | 2026-04-16 | N/A |
| ASP-Nuke 1.3 and earlier places user credentials under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to main.mdb. | ||||
| CVE-2004-1790 | 1 Edimax | 1 Full Rate Adsl Router | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the web management interface in Edimax AR-6004 ADSL Routers allows remote attackers to inject arbitrary web script or HTML via the URL. | ||||
| CVE-2004-1791 | 1 Edimax | 1 Full Rate Adsl Router | 2026-04-16 | N/A |
| The web management interface in Edimax AR-6004 ADSL Routers uses a default administrator name and password, which also appear as the default login text for the management interface, which allows remote attackers to gain access. | ||||
| CVE-2004-1793 | 1 Yatsoft | 1 Switch Off | 2026-04-16 | N/A |
| Stack-based buffer overflow in swnet.dll in YaSoft Switch Off 2.3 and earlier allows remote authenticated users to execute arbitrary code via a long message parameter in a SendMsg action to action.htm. | ||||
| CVE-2004-1805 | 1 Epic Games | 1 Unreal Engine | 2026-04-16 | N/A |
| Format string vulnerability in games using the Epic Games Unreal Engine 436 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in class names. | ||||
| CVE-2004-1812 | 1 Broadcom | 1 Unicenter Tng | 2026-04-16 | N/A |
| Multiple stack-based buffer overflows in Agent Common Services (1) cam.exe and (2) awservices.exe in Unicenter TNG 2.4 allow remote attackers to execute arbitrary code. | ||||
| CVE-2004-1813 | 1 Vocaltec | 1 Vgw4 8 Telephony Gateway | 2026-04-16 | N/A |
| VocalTec VGW4/8 Gateway 8.0 allows remote attackers to bypass authentication via an HTTP request to home.asp with a trailing slash (/). | ||||
| CVE-2004-1837 | 1 Joel Palmius | 1 Mod Survey | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Mod_survey 3.0.x before 3.0.16-pre2 and 3.2.x before 3.2.0-pre4 allows remote attackers to inject arbitrary web script or HTML via the certain survey fields or error messages for malformed query strings. | ||||
| CVE-2004-1902 | 1 Citrix | 1 Metaframe Password Manager | 2026-04-16 | N/A |
| The Citrix MetaFrame Password Manager 2.0, when a central credential store is not configured, does not encrypt passwords entered immediately after executing the First Time User Wizards, which allows local users to gain sensitive information. | ||||
| CVE-2004-1909 | 1 Clam Anti-virus | 1 Clamav | 2026-04-16 | N/A |
| Claim Anti-Virus (ClamAV) 0.68 and earlier allows remote attackers to cause a denial of service (crash) via certain RAR archives, such as those generated by the Beagle/Bagle worm. | ||||
| CVE-2004-1955 | 1 Phprofession | 1 Phprofession | 2026-04-16 | N/A |
| SQL injection vulnerability in modules.php in phProfession 2.5 allows remote attackers to execute arbitrary SQL code via the offset parameter. | ||||