Export limit exceeded: 347925 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29908 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1316 | 2 Mozilla, Redhat | 2 Mozilla, Enterprise Linux | 2025-04-03 | N/A |
| Heap-based buffer overflow in MSG_UnEscapeSearchUrl in nsNNTPProtocol.cpp for Mozilla 1.7.3 and earlier allows remote attackers to cause a denial of service (application crash) via an NNTP URL (news:) with a trailing '\' (backslash) character, which prevents a string from being NULL terminated. | ||||
| CVE-2004-1317 | 1 Netcat | 1 Netcat | 2025-04-03 | N/A |
| Stack-based buffer overflow in doexec.c in Netcat for Windows 1.1, when running with the -e option, allows remote attackers to execute arbitrary code via a long DNS command. | ||||
| CVE-2004-1318 | 1 Namazu | 1 Namazu | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in namazu.cgi for Namazu 2.0.13 and earlier allows remote attackers to inject arbitrary HTML and web script via a query that starts with a tab ("%09") character, which prevents the rest of the query from being properly sanitized. | ||||
| CVE-2004-1319 | 2 Microsoft, Nortel | 9 Windows 2000, Windows 2003 Server, Windows 98 and 6 more | 2025-04-03 | N/A |
| The DHTML Edit Control (dhtmled.ocx) allows remote attackers to inject arbitrary web script into other domains by setting a name for a window, opening a child page whose target is the window with the given name, then injecting the script from the parent into the child using execScript, as demonstrated by "AbusiveParent" in Internet Explorer 6.0.2900.2180. | ||||
| CVE-2004-1320 | 1 Asante | 1 Fm2008 Managed Ethernet Switch | 2025-04-03 | N/A |
| Asante FM2008 running firmware 1.06 is shipped with a default username and password, which could allow remote attackers to gain unauthorized access. | ||||
| CVE-2004-1321 | 1 Asante | 1 Fm2008 Managed Ethernet Switch | 2025-04-03 | N/A |
| The configuration backup in Asante FM2008 running firmware 1.06 stores the username and password in cleartext, which could allow remote attackers to gain unauthorized access. | ||||
| CVE-2004-1322 | 1 Cisco | 1 Unity Server | 2025-04-03 | N/A |
| Cisco Unity 2.x, 3.x, and 4.x, when integrated with Microsoft Exchange, has several hard coded usernames and passwords, which allows remote attackers to gain unauthorized access and change configuration settings or read outgoing or incoming e-mail messages. | ||||
| CVE-2004-1323 | 1 Netbsd | 1 Netbsd | 2025-04-03 | N/A |
| Multiple syscalls in the compat subsystem for NetBSD before 2.0 allow local users to cause a denial of service (kernel crash) via a large signal number to (1) xxx_sys_kill, (2) xxx_sys_sigaction, and possibly other translation functions. | ||||
| CVE-2004-1324 | 1 Microsoft | 1 Windows Media Player | 2025-04-03 | N/A |
| The Microsoft Windows Media Player 9.0 ActiveX control may allow remote attackers to execute arbitrary web script in the Local computer zone via the (1) artist or (2) song fields of a music file, if the file is processed using Internet Explorer. | ||||
| CVE-2004-1325 | 1 Microsoft | 1 Windows Media Player | 2025-04-03 | N/A |
| The getItemInfoByAtom function in the ActiveX control for Microsoft Windows Media Player 9.0 returns a 0 if the file does not exist and the size of the file if the file exists, which allows remote attackers to determine the existence of files on the local system. | ||||
| CVE-2004-1326 | 1 Ultrix | 1 Dxterm | 2025-04-03 | N/A |
| Buffer overflow in dxterm in Ultrix 4.5 allows local users to execute arbitrary code via a long -setup parameter. | ||||
| CVE-2004-1327 | 1 Crystal Art Software | 1 Crystal Ftp | 2025-04-03 | N/A |
| Buffer overflow in Crystal FTP Client 2.8 allows remote malicious servers to execute arbitrary code via a response to a LIST command that contains a file name with a long extension. | ||||
| CVE-2004-1328 | 1 Hp | 1 Hp-ux | 2025-04-03 | N/A |
| Unknown vulnerability in newgrp in HP-UX B.11.00, B.11.04, and B.11.11 allows local users to gain elevated privileges. | ||||
| CVE-2004-1329 | 1 Ibm | 1 Aix | 2025-04-03 | N/A |
| Untrusted execution path vulnerability in the diag commands (1) lsmcode, (2) diag_exec, (3) invscout, and (4) invscoutd in AIX 5.1 through 5.3 allows local users to execute arbitrary programs by modifying the DIAGNOSTICS environment variable to point to a malicious Dctrl program. | ||||
| CVE-2004-1330 | 1 Ibm | 1 Aix | 2025-04-03 | N/A |
| Buffer overflow in paginit in AIX 5.1 through 5.3 allows local users to execute arbitrary code via a long username. | ||||
| CVE-2004-1331 | 1 Microsoft | 2 Ie, Internet Explorer | 2025-04-03 | N/A |
| The execCommand method in Microsoft Internet Explorer 6.0 SP2 allows remote attackers to bypass the "File Download - Security Warning" dialog and save arbitrary files with arbitrary extensions via the SaveAs command. | ||||
| CVE-2004-1332 | 1 Hp | 5 Hp-ux, Hp-ux Series 700, Hp-ux Series 800 and 2 more | 2025-04-03 | N/A |
| Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request. | ||||
| CVE-2004-1333 | 2 Linux, Redhat | 3 Linux Kernel, Fedora Core, Linux | 2025-04-03 | N/A |
| Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service (kernel crash) via a short new screen value, which leads to a buffer overflow. | ||||
| CVE-2004-1334 | 2 Linux, Redhat | 3 Linux Kernel, Fedora Core, Linux | 2025-04-03 | N/A |
| Integer overflow in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (kernel crash) via a cmsg_len that contains a -1, which leads to a buffer overflow. | ||||
| CVE-2004-1335 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Fedora Core and 1 more | 2025-04-03 | N/A |
| Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function. | ||||