Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-2586 1 Smartertools 1 Smartermail 2026-04-16 N/A
Directory traversal vulnerability in frmGetAttachment.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote attackers to read arbitrary files via the filename parameter.
CVE-2004-2609 1 Symantec 1 Powerquest Deploycenter 2026-04-16 N/A
The stuffit.com executable on Symantec PowerQuest DeployCenter 5.5 boot disks allows local users to obtain sensitive information (an unencrypted password for a Windows domain account) via four "stuffit /f:stuffit.dat" invocations, possibly due to a buffer overflow.
CVE-2004-2648 1 Faronics 1 Freezex 2026-04-16 N/A
FreezeX 1.00.100.0666 allows local users with administrator privileges to cause a denial of service (FreezeX application) by overwriting the db.fzx file.
CVE-2004-2612 1 Bnc 1 Bnc 2026-04-16 N/A
BNC 2.9.0 only grants access when an incorrect password is provided, which allows remote attackers to use the functionality intended for authorized users.
CVE-2004-2618 1 Pegasi Web Server 1 Pegasi Web Server 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Pegasi Web Server (PWS) 0.2.2 allows remote attackers to inject arbitrary web script or HTML via the URI, directly after the initial '/' (slash).
CVE-2004-2614 1 Xuebrothers 1 Myweb 2026-04-16 N/A
Buffer overflow in MyWeb 3.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request.
CVE-2004-2616 1 Onnuri Infotek 1 Activepost Standard 2026-04-16 N/A
The file server in ActivePost Standard 3.1 and earlier allows remote authenticated users to obtain sensitive information by uploading a file, which reveals the path in a success message.
CVE-2004-2627 1 Sun 1 J2me 2026-04-16 N/A
Java 2 Micro Edition (J2ME) does not properly validate bytecode, which allows remote attackers to escape the Kilobyte Virtual Machine (KVM) sandbox and execute arbitrary code.
CVE-2004-2626 1 Siemens 1 S55 2026-04-16 N/A
GUI overlay vulnerability in the Java API in Siemens S55 cellular phones allows remote attackers to send unauthorized SMS messages by overlaying a confirmation message with a malicious message.
CVE-2004-2637 1 Zonet 1 Zsr1104we Wireless Router Runtime Code 2026-04-16 N/A
The NAT implementation in Zonet ZSR1104WE Wireless Router Runtime Code Version 2.41 converts IP addresses of inbound connections to the IP address of the router, which allows remote attackers to bypass intended security restrictions.
CVE-2004-2658 1 Suse 1 Suse Linux 2026-04-16 N/A
resmgr in SUSE CORE 9 does not properly identify terminal names, which allows local users to spoof terminals and login types.
CVE-2004-2634 1 Ibm 1 Aix 2026-04-16 N/A
The (1) bos.rte.serv_aid or (2) bos.rte.console filesets in IBM AIX 5.1 and 5.2 allow local users to overwrite arbitrary files via a symlink attack on temporary files via unknown attack vectors.
CVE-2004-2633 1 Arjohn Kampman 1 Sesame Rdf Container 2026-04-16 N/A
Unspecified vulnerability in Sesamie 1.0 allows remote anonymous attackers to gain access to repositories of other users via unknown vectors.
CVE-2004-2642 1 Nathaniel Bray 1 Yeemp 2026-04-16 N/A
Yeemp 0.9.9 and earlier does not properly encrypt inbound files, which allows remote attackers to spoof the identity of the sender.
CVE-2004-2645 1 Asn.1 Compiler 1 Asn.1 Compiler 2026-04-16 N/A
Unspecified vulnerability in ASN.1 Compiler (asn1c) before 0.9.7 has unknown impact and attack vectors when processing "CHOICE" types with "indefinite length structures."
CVE-2004-2655 2 Redhat, Xscreensaver 2 Enterprise Linux, Xscreensaver 2026-04-16 N/A
rdesktop 1.3.1 with xscreensaver 4.14, and possibly other versions, when running on Fedora and possibly other platforms, does not release the keyboard focus when xscreensaver starts, which causes the password to be entered into the active window when the user unlocks the screen.
CVE-2004-2656 1 Open Source Development Network 1 Slashcode 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Slashdot Like Automated Storytelling Homepage (Slash) (aka Slashcode) before R_2_5_0_41 allow remote attackers to inject arbitrary web script or HTML via (1) the topic parameter in search.pl and (2) the filter parameter in submit.pl.
CVE-2004-2664 1 John Lim 1 Adodb 2026-04-16 N/A
John Lim ADOdb Library for PHP before 4.23 allows remote attackers to obtain sensitive information via direct requests to certain scripts that result in an undefined value of ADODB_DIR, which reveals the installation path in an error message.
CVE-2004-2667 1 Ibm 1 Lotus Domino 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Lotus Domino 6.0.x before 6.0.4 and 6.5.x before 6.5.2 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors.
CVE-2004-2665 1 Hp 1 Hp-ux 2026-04-16 N/A
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport software in HP-UX B.11.00, B.11.04, and B.11.11 before 20040628 allows local users to cause a denial of service via unspecified vectors.