Export limit exceeded: 366292 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (366292 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-1738 1 Jshop E-commerce 1 Jshop Server 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in page.php in JShop allows remote attackers to inject arbitrary web script or HTML via the xPage parameter.
CVE-2004-1739 1 Bird Chat 1 Internet Chat Server 2026-04-16 N/A
Bird Chat 1.61 allows remote attackers to cause a denial of service (crash) via invalid users.
CVE-2004-1740 1 Music Daemon 1 Music Daemon 2026-04-16 N/A
Music daemon (musicd) 0.0.3 and earlier allows remote attackers to read arbitrary files by calling LOAD with a full pathname, then calling SHOWLIST.
CVE-2004-1741 1 Music Daemon 1 Music Daemon 2026-04-16 N/A
Music daemon (musicd) 0.0.3 and earlier allows remote attackers to cause a denial of service (crash) by calling LOAD with a binary file as an argument, then calling SHOWLIST.
CVE-2004-1742 1 Web-app.org 1 Webapp 2026-04-16 N/A
Directory traversal vulnerability in WebAPP 0.9.9 allows remote attackers to view arbitrary files via a .. (dot dot) in the viewcat parameter.
CVE-2004-1743 1 Efs Software 1 Efs Web Server 2026-04-16 N/A
Easy File Sharing (EFS) Webserver 1.25 allows remote attackers to view arbitrary files via an HTTP request for the disk_c virtual folder.
CVE-2004-1744 1 Efs Software 1 Efs Web Server 2026-04-16 N/A
Easy File Sharing (EFS) Webserver 1.25 allows remote attackers to cause a denial of service (CPU consumption or crash) via many large HTTP requests.
CVE-2004-1745 1 People Can Fly 1 Painkiller 2026-04-16 N/A
Buffer overflow in Painkiller 1.3.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long password.
CVE-2004-1746 1 Php Code Snippet Library 1 Php Code Snippet Library 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in PHP Code Snippet Library allows remote attackers to inject arbitrary web script or HTML via the (1) cat_select or (2) show parameters.
CVE-2004-1747 1 Network Everywhere 1 Nr041 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in NetworkEverywhere NR041 running firmware 1.2 Release 03 allows remote attackers to inject arbitrary web script or HTML via the DHCP HOSTNAME option.
CVE-2004-1748 1 Sysinternals 1 Regmon 2026-04-16 N/A
NtRegmon before 6.12 allows local users to cause a denial of service (crash), while NtRegmon is running, via invalid pointers to hook functions such as ZwSetQueryValue.
CVE-2004-1749 1 Toplayer 1 Attack Mitigator 2026-04-16 N/A
Attack Mitigator IPS 5500 3.11.008, and possibly other versions, when configured in a one-armed routing configuration, allows remote attackers to cause a denial of service (CPU consumption) via a large number of HTTP requests.
CVE-2004-1750 1 Vnc 1 Realvnc 2026-04-16 N/A
RealVNC 4.0 and earlier allows remote attackers to cause a denial of service (crash) via a large number of connections to port 5900.
CVE-2004-1751 1 Massive Entertainment 1 Ground Control Ii Operation Exodus 2026-04-16 N/A
Ground Control II: Operation Exodus 1.0.0.7 and earlier allows remote servers to cause a denial of service (client or server crash) via a large packet, which generates a "Message too long" socket error that is treated as a critical error.
CVE-2004-1752 1 Nakedsoft 1 Gaucho 2026-04-16 N/A
Stack-based buffer overflow in Gaucho 1.4 Build 145 allows remote attackers to execute arbitrary code via a POP3 email with a long Content-Type header.
CVE-2004-1753 2 Mozilla, Netscape 3 Firefox, Mozilla, Navigator 2026-04-16 N/A
The Apple Java plugin, as used in Netscape 7.1 and 7.2, Mozilla 1.7.2, and Firefox 0.9.3 on MacOS X 10.3.5, when tabbed browsing is enabled, does not properly handle SetWindow(NULL) calls, which allows Java applets from one tab to draw to other tabs and facilitates phishing attacks that spoof tabs.
CVE-2004-1754 1 Symantec 2 Enterprise Firewall, Gateway Security 2026-04-16 N/A
The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records.
CVE-2004-1755 1 Bea 1 Weblogic Server 2026-04-16 N/A
The Web Services fat client for BEA WebLogic Server and Express 7.0 SP4 and earlier, when using 2-way SSL and multiple certificates to connect to the same URL, may use the incorrect identity after the first connection, which could allow users to gain privileges.
CVE-2004-1756 1 Bea 1 Weblogic Server 2026-04-16 N/A
BEA WebLogic Server and WebLogic Express 8.1 SP2 and earlier, and 7.0 SP4 and earlier, when using 2-way SSL with a custom trust manager, may accept a certificate chain even if the trust manager rejects it, which allows remote attackers to spoof other users or servers.
CVE-2004-1757 1 Bea 1 Weblogic Server 2026-04-16 N/A
BEA WebLogic Server and Express 8.1, SP1 and earlier, stores the administrator password in cleartext in config.xml, which allows local users to gain privileges.