Search Results (367120 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-2258 1 Hummingbird 1 Exceed 2026-04-16 N/A
Xconfig in Hummingbird Exceed before 9.0.0.1, when the Screen Definition is password-protected, allows local users to access certain options by switching to another tab, then switching back to the original tab.
CVE-2004-2259 2 Beasts, Redhat 2 Vsftpd, Enterprise Linux 2026-04-16 N/A
vsftpd before 1.2.2, when under heavy load, allows attackers to cause a denial of service (crash) via a SIGCHLD signal during a malloc or free call, which is not re-entrant.
CVE-2004-2260 1 Opera 1 Opera Browser 2026-04-16 N/A
Opera Browser 7.23, and other versions before 7.50, updates the address bar as soon as the user clicks a link, which allows remote attackers to redirect to other sites via the onUnload attribute.
CVE-2004-2261 1 E107 1 E107 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in e107 allows remote attackers to inject arbitrary script or HTML via the "login name/author" field in the (1) news submit or (2) article submit functions.
CVE-2004-2262 1 E107 1 E107 2026-04-16 N/A
ImageManager in e107 before 0.617 does not properly check the types of uploaded files, which allows remote attackers to execute arbitrary code by uploading a PHP file via the upload parameter to images.php.
CVE-2004-2263 1 Playsms 1 Playsms 2026-04-16 N/A
SQL injection vulnerability in the valid function in fr_left.php in PlaySMS 0.7 and earlier allows remote attackers to modify SQL statements via the vc2 cookie.
CVE-2004-2273 1 Evan Sims 1 Effingerd 2026-04-16 N/A
efFingerD 0.2.12 allows remote attackers to cause a denial of service (daemon crash) via a packet with a single byte, which triggers a "Wrong protocol or connection state" error.
CVE-2004-2264 1 Gnu 1 Less 2026-04-16 N/A
Format string bug in the open_altfile function in filename.c for GNU less 382, 381, and 358 might allow local users to cause a denial of service or possibly execute arbitrary code via format strings in the LESSOPEN environment variable. NOTE: since less is not setuid or setgid, then this is not a vulnerability unless there are plausible scenarios under which privilege boundaries could be crossed
CVE-2004-2265 1 Uudeview 1 Uudeview 2026-04-16 N/A
UUDeview 0.5.20 and earlier handles temporary files insecurely during decoding, with unknown attack vectors and impact.
CVE-2004-2266 1 Ansel 1 Ansel 2026-04-16 N/A
SQL injection vulnerability in Ansel 2.1 and earlier allows remote attackers to modify SQL statements via the image parameter.
CVE-2004-2267 1 Ansel 1 Ansel 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Ansel 2.1 and earlier allows remote attackers to inject arbitrary HTML or web script via the album name.
CVE-2004-2268 1 Pimentech 1 Pimengest2 2026-04-16 N/A
PimenGest2 before 1.1.1 allows remote attackers to obtain the database password via debug information in rowLatex.inc.php.
CVE-2004-2269 1 Matt Shelton 1 Pads 2026-04-16 N/A
Stack-based buffer overflow in pads.c in Passive Asset Detection System (Pads) might allow local users to execute arbitrary code via a long report file name argument. NOTE: since Pads is not normally installed setuid, this may not be a vulnerability.
CVE-2004-2270 1 Ibm 1 Parallel Environment 2026-04-16 N/A
Unknown vulnerability in IBM Parallel Environment (PE) 3.2 and 4.1 allows attackers to execute arbitrary commands as root via unknown vectors in the sample code.
CVE-2004-2271 1 Minishare 1 Minimal Http Server 2026-04-16 N/A
Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.
CVE-2004-2272 1 Evan Sims 1 Effingerd 2026-04-16 N/A
Buffer overflow in the sockFinger_DataArrival function in efFingerD 0.2.12 allows remote attackers to cause a denial of service (daemon crash) via a long finger command.
CVE-2004-2275 1 I-mall Commerce 1 I-mall.cgi 2026-04-16 N/A
i-mall.cgi in I-Mall Commerce allows remote attackers to execute arbitrary commands via shell metacharacters via the p parameter.
CVE-2004-2276 1 F-secure 1 F-secure Anti-virus 2026-04-16 N/A
F-Secure Anti-Virus 5.41 and 5.42 on Windows, Client Security 5.50 and 5.52, 4.60 for Samba Servers, and 4.52 and earlier for Linux does not properly detect certain viruses in a PKZip archive, which allows viruses such as Sober.D and Sober.G to bypass initial detection.
CVE-2004-2277 1 Agsm 1 Agsm 2026-04-16 N/A
Buffer overflow in aGSM Half-Life client allows remote Half-Life servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server response.
CVE-2004-2278 1 Chaogic Systems 1 Vhost 2026-04-16 N/A
Unknown cross-site scripting (XSS) vulnerability in the web GUI in vHost before 3.10r1 has unknown impact and attack vectors.