Export limit exceeded: 345106 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 345106 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 345106 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345106 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1697 | 1 Ca | 1 Unicenter Management | 2026-04-16 | N/A |
| The "Forgot your Password" link in Computer Associates (CA) Unicenter Management Portal 2.0 and 3.1 displays different error messages for users that exist and users that do not exist, which could allow remote attackers to guess valid usernames. | ||||
| CVE-2004-0381 | 3 Mysql, Oracle, Redhat | 3 Mysql, Mysql, Enterprise Linux | 2026-04-16 | N/A |
| mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file. | ||||
| CVE-2004-1700 | 1 Pinnacle Systems | 1 Showcenter | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in SettingsBase.php in Pinnacle ShowCenter 1.51 build 121 allows remote attackers to inject arbitrary HTML or web script via the Skin parameter, which is echoed in an error message. | ||||
| CVE-2005-2871 | 2 Mozilla, Redhat | 2 Firefox, Enterprise Linux | 2026-04-16 | N/A |
| Buffer overflow in the International Domain Name (IDN) support in Mozilla Firefox 1.0.6 and earlier, and Netscape 8.0.3.3 and 7.2, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a hostname with all "soft" hyphens (character 0xAD), which is not properly handled by the NormalizeIDN call in nsStandardURL::BuildNormalizedSpec. | ||||
| CVE-2004-0382 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| Unknown vulnerability in the CUPS printing system in Mac OS X 10.3.3 and Mac OS X 10.2.8 with unknown impact, possibly related to a configuration file setting. | ||||
| CVE-2004-0383 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| Unknown vulnerability in Mail for Mac OS X 10.3.3 and 10.2.8, with unknown impact, related to "the handling of HTML-formatted email." | ||||
| CVE-2004-0385 | 1 Oracle | 2 Application Server Web Cache, E-business Suite | 2026-04-16 | N/A |
| Heap-based buffer overflow in Oracle 9i Application Server Web Cache 9.0.4.0.0, 9.0.3.1.0, 9.0.2.3.0, and 9.0.0.4.0 allows remote attackers to execute arbitrary code via a long HTTP request method header to the Web Cache listener. NOTE: due to the vagueness of the Oracle advisory, it is not clear whether there are additional issues besides this overflow, although the advisory alludes to multiple "vulnerabilities." | ||||
| CVE-2004-0386 | 3 Gentoo, Mandrakesoft, Mplayer | 3 Linux, Mandrake Linux, Mplayer | 2026-04-16 | N/A |
| Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, 0.90, and 0.91 allows remote attackers to execute arbitrary code via a long Location header. | ||||
| CVE-2004-1701 | 1 Gnu | 1 Cfengine | 2026-04-16 | N/A |
| Heap-based buffer overflow in the AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 allows remote attackers to execute arbitrary code via a long SAUTH command during RSA authentication. | ||||
| CVE-2004-1702 | 1 Gnu | 1 Cfengine | 2026-04-16 | N/A |
| The AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 does not properly check the return value of the ReceiveTransaction function, which leads to a failed malloc call and triggers to a null dereference, which allows remote attackers to cause a denial of service (crash). | ||||
| CVE-2004-0387 | 2 Realnetworks, Redhat | 3 Realone Player, Realplayer, Rhel Extras | 2026-04-16 | N/A |
| Stack-based buffer overflow in the RT3 plugin, as used in RealPlayer 8, RealOne Player, RealOne Player 10 beta, and RealOne Player Enterprise, allows remote attackers to execute arbitrary code via a malformed .R3T file. | ||||
| CVE-2004-0389 | 1 Realnetworks | 1 Helix Universal Server | 2026-04-16 | 7.5 High |
| RealNetworks Helix Universal Server 9.0.1 and 9.0.2 allows remote attackers to cause a denial of service (crash) via malformed requests that trigger a null dereference, as demonstrated using (1) GET_PARAMETER or (2) DESCRIBE requests. | ||||
| CVE-2004-0391 | 1 Cisco | 2 Hosting Solution Engine, Wireless Lan Solution Engine | 2026-04-16 | N/A |
| Cisco Wireless LAN Solution Engine (WLSE) 2.0 through 2.5 and Hosting Solution Engine (HSE) 1.7 through 1.7.3 have a hardcoded username and password, which allows remote attackers to add new users, modify existing users, and change configuration. | ||||
| CVE-2004-0392 | 1 Kame | 1 Racoon | 2026-04-16 | N/A |
| racoon before 20040407b allows remote attackers to cause a denial of service (infinite loop and dropped connections) via an IKE message with a malformed Generic Payload Header containing invalid (1) "Security Association Next Payload" and (2) "RESERVED" fields. | ||||
| CVE-2004-0394 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| A "potential" buffer overflow exists in the panic() function in Linux 2.4.x, although it may not be exploitable due to the functionality of panic. | ||||
| CVE-2004-1704 | 1 Wire Plastic Design | 1 Wpquiz | 2026-04-16 | N/A |
| WpQuiz 2.60b1 through 2.60b8 allows remote attackers to gain privileges via a direct request to adminrestore.php in the extras directory. | ||||
| CVE-2004-1705 | 1 Citadel | 1 Ux | 2026-04-16 | N/A |
| Buffer overflow in Citadel/UX 6.23 and earlier allows remote attackers to cause a denial of service via a long username. | ||||
| CVE-2004-0397 | 1 Subversion | 1 Subversion | 2026-04-16 | N/A |
| Stack-based buffer overflow during the apr_time_t data conversion in Subversion 1.0.2 and earlier allows remote attackers to execute arbitrary code via a (1) DAV2 REPORT query or (2) get-dated-rev svn-protocol command. | ||||
| CVE-2004-1706 | 1 U.s.robotics | 1 Usr808054 | 2026-04-16 | N/A |
| The U.S. Robotics USR808054 wireless access point allows remote attackers to cause a denial of service (device crash) and possibly execute arbitrary code via an HTTP GET request with a long version string. | ||||
| CVE-2004-0399 | 1 University Of Cambridge | 1 Exim | 2026-04-16 | N/A |
| Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code during sender verification. | ||||