Export limit exceeded: 29916 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29916 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-0818 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2026-04-16 | N/A |
| Multiple integer overflows in Microsoft ASN.1 library (MSASN1.DLL), as used in LSASS.EXE, CRYPT32.DLL, and other Microsoft executables and libraries on Windows NT 4.0, 2000, and XP, allow remote attackers to execute arbitrary code via ASN.1 BER encodings with (1) very large length fields that cause arbitrary heap data to be overwritten, or (2) modified bit strings. | ||||
| CVE-2003-1031 | 1 Jelsoft | 1 Vbulletin | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in register.php for vBulletin 3.0 Beta 2 allows remote attackers to inject arbitrary HTML or web script via optional fields such as (1) "Interests-Hobbies", (2) "Biography", or (3) "Occupation." | ||||
| CVE-2003-1035 | 1 Sap | 2 Sap R 3, Sapgui | 2026-04-16 | N/A |
| The default installation of SAP R/3 46C/D allows remote attackers to bypass account locking by using the RFC API instead of the SAPGUI to conduct a brute force password guessing attack, which does not lock out the account like the SAPGUI does. | ||||
| CVE-2004-0046 | 1 Snapstream | 1 Snapstream Pvs | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in SnapStream PVS LITE allows remote attackers to inject arbitrary web script or HTML via a GET request containing a terminating '"' (double quote) character. | ||||
| CVE-2004-2152 | 1 Mediawiki | 1 Mediawiki | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in 'raw' page output mode for MediaWiki 1.3.4 and earlier allows remote attackers to inject arbitrary web script or HTML. | ||||
| CVE-2004-0054 | 1 Cisco | 1 Ios | 2026-04-16 | N/A |
| Multiple vulnerabilities in the H.323 protocol implementation for Cisco IOS 11.3T through 12.2T allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol. | ||||
| CVE-2004-0055 | 2 Lbl, Redhat | 3 Tcpdump, Enterprise Linux, Linux | 2026-04-16 | N/A |
| The print_attr_string function in print-radius.c for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a RADIUS attribute with a large length value. | ||||
| CVE-2004-0063 | 1 Ncipher | 1 Payshield Spp Library | 2026-04-16 | N/A |
| The SPP_VerifyPVV function in nCipher payShield SPP library 1.3.12, 1.5.18 and 1.6.18 returns a Status_OK value even if the HSM returns a different status code, which could cause applications to make incorrect security-critical decisions, e.g. by accepting an invalid PIN number. | ||||
| CVE-2004-0078 | 2 Mutt, Redhat | 3 Mutt, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Buffer overflow in the index menu code (menu_pad_string of menu.c) for Mutt 1.4.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain mail messages. | ||||
| CVE-2004-0082 | 2 Redhat, Samba | 2 Enterprise Linux, Samba | 2026-04-16 | N/A |
| The mksmbpasswd shell script (mksmbpasswd.sh) in Samba 3.0.0 and 3.0.1, when creating an account but marking it as disabled, may overwrite the user password with an uninitialized buffer, which could enable the account with a more easily guessable password. | ||||
| CVE-2004-0111 | 3 Gnome, Redhat, Sgi | 6 Gdkpixbuf, Enterprise Linux, Gdk Pixbuf and 3 more | 2026-04-16 | N/A |
| gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap (BMP) file. | ||||
| CVE-2004-2140 | 1 Yabb | 1 Yabb | 2026-04-16 | N/A |
| CRLF injection vulnerability in YaBB 1 Gold before 1.3.2 allows remote attackers to modify text file contents via the subject variable. | ||||
| CVE-2004-0114 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2026-04-16 | N/A |
| The shmat system call in the System V Shared Memory interface for FreeBSD 5.2 and earlier, NetBSD 1.3 and earlier, and OpenBSD 2.6 and earlier, does not properly decrement a shared memory segment's reference count when the vm_map_find function fails, which could allow local users to gain read or write access to a portion of kernel memory and gain privileges. | ||||
| CVE-2004-0116 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2026-04-16 | N/A |
| An Activation function in the RPCSS Service involved with DCOM activation for Microsoft Windows 2000, XP, and 2003 allows remote attackers to cause a denial of service (memory consumption) via an activation request with a large length field. | ||||
| CVE-2004-0117 | 1 Microsoft | 6 Netmeeting, Windows 2000, Windows 2003 Server and 3 more | 2026-04-16 | N/A |
| Unknown vulnerability in the H.323 protocol implementation in Windows 98, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code. | ||||
| CVE-2004-0118 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2026-04-16 | N/A |
| The component for the Virtual DOS Machine (VDM) subsystem in Windows NT 4.0 and Windows 2000 does not properly validate system structures, which allows local users to access protected kernel memory and execute arbitrary code. | ||||
| CVE-2004-0155 | 2 Kame, Redhat | 2 Racoon, Enterprise Linux | 2026-04-16 | N/A |
| The KAME IKE Daemon Racoon, when authenticating a peer during Phase 1, validates the X.509 certificate but does not verify the RSA signature authentication, which allows remote attackers to establish unauthorized IP connections or conduct man-in-the-middle attacks using a valid, trusted X.509 certificate. | ||||
| CVE-2004-0156 | 1 Ssmtp | 1 Ssmtp | 2026-04-16 | N/A |
| Format string vulnerabilities in the (1) die or (2) log_event functions for ssmtp before 2.50.6 allow remote mail relays to cause a denial of service and possibly execute arbitrary code. | ||||
| CVE-2004-0157 | 1 Xonix | 1 Xonix | 2026-04-16 | N/A |
| x11.c in xonix 1.4 and earlier uses the current working directory to find and execute the rmail program, which allows local users to execute arbitrary code by modifying the path to point to a malicious rmail program. | ||||
| CVE-2004-0160 | 1 Synaesthesia | 1 Synaesthesia | 2026-04-16 | N/A |
| Synaesthesia 2.2 and earlier allows local users to execute arbitrary code via a symlink attack on the configuration file. | ||||