Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0182 2 Gnu, Redhat 2 Mailman, Enterprise Linux 2026-04-16 N/A
Mailman before 2.0.13 allows remote attackers to cause a denial of service (crash) via an email message with an empty subject field.
CVE-2004-0176 2 Ethereal Group, Redhat 3 Ethereal, Enterprise Linux, Linux 2026-04-16 N/A
Multiple buffer overflows in Ethereal 0.8.13 to 0.10.2 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) NetFlow, (2) IGAP, (3) EIGRP, (4) PGM, (5) IrDA, (6) BGP, (7) ISUP, or (8) TCAP dissectors.
CVE-2004-0178 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
The OSS code for the Sound Blaster (sb16) driver in Linux 2.4.x before 2.4.26, when operating in 16 bit mode, does not properly handle certain sample sizes, which allows local users to cause a denial of service (crash) via a sample with an odd number of bytes.
CVE-2004-0180 2 Cvs, Redhat 3 Cvs, Enterprise Linux, Linux 2026-04-16 N/A
The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405.
CVE-2004-0181 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
The JFS file system code in Linux 2.4.x has an information leak in which in-memory data is written to the device for the JFS file system, which allows local users to obtain sensitive information by reading the raw device.
CVE-2004-0185 2 Redhat, Washington University 2 Enterprise Linux, Wu-ftpd 2026-04-16 N/A
Buffer overflow in the skey_challenge function in ftpd.c for wu-ftp daemon (wu-ftpd) 2.6.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a s/key (SKEY) request with a long name.
CVE-2004-0186 2 Linux, Samba 2 Linux Kernel, Samba 2026-04-16 N/A
smbmnt in Samba 2.x and 3.x on Linux 2.6, when installed setuid, allows local users to gain root privileges by mounting a Samba share that contains a setuid root program, whose setuid attributes are not cleared when the share is mounted.
CVE-2004-0188 1 Calife 1 Calife 2026-04-16 N/A
Heap-based buffer overflow in Calife 2.8.5 and earlier may allow local users to execute arbitrary code via a long password.
CVE-2004-0189 2 Redhat, Squid 3 Enterprise Linux, Linux, Squid 2026-04-16 N/A
The "%xx" URL decoding function in Squid 2.5STABLE4 and earlier allows remote attackers to bypass url_regex ACLs via a URL with a NULL ("%00") character, which causes Squid to use only a portion of the requested URL when comparing it against the access control lists.
CVE-2004-0190 1 Symantec 3 Firewall Vpn Appliance 100, Firewall Vpn Appliance 200, Firewall Vpn Appliance 200r 2026-04-16 N/A
Symantec FireWall/VPN Appliance model 200 records a cleartext password for the password administration page, which may be cached on the administrator's local system or in a proxy, which allows attackers to steal the password and gain privileges.
CVE-2004-0192 1 Symantec 1 Gateway Security 5400 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the Management Service for Symantec Gateway Security 2.0 allows remote attackers to steal cookies and hijack a management session via a /sgmi URL that contains malicious script, which is not quoted in the resulting error page.
CVE-2004-0194 1 Adobe 1 Acrobat Reader 2026-04-16 N/A
Stack-based buffer overflow in the OutputDebugString function for Adobe Acrobat Reader 5.1 allows remote attackers to execute arbitrary code via a PDF document with XML Forms Data Format (XFDF) data.
CVE-2004-0197 1 Microsoft 1 Jet 2026-04-16 N/A
Buffer overflow in Microsoft Jet Database Engine 4.0 allows remote attackers to execute arbitrary code via a specially-crafted database query.
CVE-2004-0199 1 Microsoft 2 Windows 2003 Server, Windows Xp 2026-04-16 N/A
Help and Support Center in Microsoft Windows XP and Windows Server 2003 SP1 does not properly validate HCP URLs, which allows remote attackers to execute arbitrary code, as demonstrated using certain hcp:// URLs that access the DVD Upgrade capability (dvdupgrd.htm).
CVE-2004-0200 1 Microsoft 24 .net Framework, Digital Image Pro, Digital Image Suite and 21 more 2026-04-16 N/A
Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.
CVE-2004-0202 1 Microsoft 7 Directx, Windows 2000, Windows 2003 Server and 4 more 2026-04-16 N/A
IDirectPlay4 Application Programming Interface (API) of Microsoft DirectPlay 7.0a thru 9.0b, as used in Windows Server 2003 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed packet.
CVE-2004-0204 4 Bea, Borland Software, Businessobjects and 1 more 9 Weblogic Server, J Builder, Crystal Enterprise and 6 more 2026-04-16 N/A
Directory traversal vulnerability in the web viewers for Business Objects Crystal Reports 9 and 10, and Crystal Enterprise 9 or 10, as used in Visual Studio .NET 2003 and Outlook 2003 with Business Contact Manager, Microsoft Business Solutions CRM 1.2, and other products, allows remote attackers to read and delete arbitrary files via ".." sequences in the dynamicimag argument to crystalimagehandler.aspx.
CVE-2004-0218 1 Openbsd 1 Openbsd 2026-04-16 N/A
isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (infinite loop) via an ISAKMP packet with a zero-length payload, as demonstrated by the Striker ISAKMP Protocol Test Suite.
CVE-2004-0219 1 Openbsd 1 Openbsd 2026-04-16 N/A
isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with a malformed IPSEC SA payload, as demonstrated by the Striker ISAKMP Protocol Test Suite.
CVE-2004-0224 3 Double Precision Incorporated, Gentoo, Inter7 4 Courier Mta, Sqwebmail, Linux and 1 more 2026-04-16 N/A
Multiple buffer overflows in (1) iso2022jp.c or (2) shiftjis.c for Courier-IMAP before 3.0.0, Courier before 0.45, and SqWebMail before 4.0.0 may allow remote attackers to execute arbitrary code "when Unicode character is out of BMP range."