Search Results (367154 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-2151 1 Virtual Projects 1 Chatman 2026-04-16 N/A
Chatman 1.1.1 RC1 and earlier allows remote attackers to cause a denial of service (memory consumption or application crash) via a very large data size.
CVE-2004-2152 1 Mediawiki 1 Mediawiki 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in 'raw' page output mode for MediaWiki 1.3.4 and earlier allows remote attackers to inject arbitrary web script or HTML.
CVE-2004-2153 1 Real Estate Management Software 1 Real Estate Management Software 2026-04-16 N/A
Multiple unknown vulnerabilities in Real Estate Management Software 1.0 have unknown impact and attack vectors.
CVE-2004-2154 3 Apple, Canonical, Redhat 3 Cups, Ubuntu Linux, Enterprise Linux 2026-04-16 9.8 Critical
CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as case sensitive, which allows attackers to bypass intended ACLs via a printer name containing uppercase or lowercase letters that are different from what is specified in the directive.
CVE-2004-2155 1 Online-bookmarks 1 Web Based Bookmark Application 2026-04-16 N/A
Online-bookmarks before 0.4.6 allows remote attackers to bypass its authentication mechanism via a direct request to (1) config/*, (2) bookmarks.php, (3) footer.php, (4) main.php, (5) tree.php, or (6) functions.php.
CVE-2004-2156 1 Recruitment Agency Software 1 Online Recruitment Agency 2026-04-16 N/A
Multiple unknown vulnerabilities in Online Recruitment Agency 1.0 have unknown impact and attack vectors.
CVE-2004-2157 1 S9y 1 Serendipity 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Comment.php in Serendipity 0.7 beta1, and possibly other versions before 0.7-beta3, allows remote attackers to inject arbitrary HTML and PHP code via the (1) email or (2) username field.
CVE-2004-2158 1 S9y 1 Serendipity 2026-04-16 N/A
SQL injection vulnerability in Serendipity 0.7-beta1 allows remote attackers to execute arbitrary SQL commands via the entry_id parameter to (1) exit.php or (2) comment.php.
CVE-2004-2159 1 Xmlstarlet 1 Command Line Xml Toolkit 2026-04-16 N/A
Multiple buffer overflows in XMLStarlet Command Line XML Toolkit 0.9.3 have unknown impact and attack vectors via (1) xml_elem.c and (2) xml_select.c.
CVE-2004-2160 1 Xmlstarlet 1 Command Line Xml Toolkit 2026-04-16 N/A
Format string vulnerability in xml_elem.c for XMLStarlet Command Line XML Toolkit 0.9.3 may allow attackers to cause a denial of service or execute arbitrary code.
CVE-2004-2161 1 Tutos 1 Tutos 2026-04-16 N/A
SQL injection vulnerability in file_overview.php in TUTOS 1.1 allows remote attackers to execute arbitrary SQL commands via the link_id parameter.
CVE-2004-2162 1 Tutos 1 Tutos 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in TUTOS 1.1 allow remote attackers to inject arbitrary web script or HTML via (1) the search field of the Address Module or (2) the t parameter to app_new.php.
CVE-2004-2163 1 Openbsd 1 Openbsd 2026-04-16 N/A
login_radius on OpenBSD 3.2, 3.5, and possibly other versions does not verify the shared secret in a response packet from a RADIUS server, which allows remote attackers to bypass authentication by spoofing server replies.
CVE-2004-2164 1 Virtual Programming 1 Vp-asp 2026-04-16 N/A
shoprestoreorder.asp in VP-ASP 5.0 does not close the database connection when a user restores a previous order, which allows remote attackers to cause a denial of service (connection consumption).
CVE-2004-2165 1 Impressions Games 1 Lords Of The Realm Iii 2026-04-16 N/A
Lords of the Realm III 1.01 and earlier, when in the lobby stage, allows remote attackers to cause a denial of service (crash from unallocated memory write) via a long user nickname.
CVE-2004-2166 1 Canon 2 Imagerunner 5000i, Imagerunner C3200 2026-04-16 N/A
The print-from-email feature in the Canon ImageRUNNER (iR) 5000i and C3200 digital printer, when not using IP address range filtering, allows remote attackers to print arbitrary text without authentication via a text/plain email to TCP port 25.
CVE-2004-2167 1 Latex2rtf 1 Latex2rtf 2026-04-16 N/A
Multiple buffer overflows in LaTeX2rtf 1.9.15, and possibly other versions, allow remote attackers to execute arbitrary code via (1) the expandmacro function, and possibly (2) Environments and (3) TranslateCommand.
CVE-2004-2168 1 Baardsen Software 1 Basomail Server 2026-04-16 N/A
BaSoMail 1.24 allows remote attackers to cause a denial of service (CPU consumption) via multiple connections to TCP port (1) 25 (SMTP) or (2) 110 (POP3).
CVE-2004-2169 1 A-a-s Application Access Server 1 A-a-s Application Access Server 2026-04-16 N/A
Application Access Server (A-A-S) 1.0.37 and earlier allows remote authenticated users to cause a denial of service (application crash) via a long file request.
CVE-2004-2170 1 Niti Telecom 1 Caravan Business Server 2026-04-16 N/A
Directory traversal vulnerability in sample_showcode.html in Caravan 2.00/03d and earlier allows remote attackers to read arbitrary files via the fname parameter.