Export limit exceeded: 29914 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29914 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0131 | 1 Gnu | 1 Radius | 2026-04-16 | N/A |
| The rad_print_request function in logger.c for GNU Radius daemon (radiusd) before 1.2 allows remote attackers to cause a denial of service (crash) via a UDP packet with an Acct-Status-Type attribute without a value and no Acct-Session-Id attribute, which causes a null dereference. | ||||
| CVE-2004-0165 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Format string vulnerability in Point-to-Point Protocol (PPP) daemon (pppd) 2.4.0 for Mac OS X 10.3.2 and earlier allows remote attackers to read arbitrary pppd process data, including PAP or CHAP authentication credentials, to gain privileges. | ||||
| CVE-2004-0167 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| DiskArbitration in Mac OS X 10.2.8 and 10.3.2 does not properly initialize writeable removable media. | ||||
| CVE-2004-0169 | 1 Apple | 1 Darwin Streaming Server | 2026-04-16 | N/A |
| QuickTime Streaming Server in MacOS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of service (crash) via DESCRIBE requests with long User-Agent fields, which causes an Assert error to be triggered in the BufferIsFull function. | ||||
| CVE-2004-0171 | 2 Freebsd, Openbsd | 2 Freebsd, Openbsd | 2026-04-16 | N/A |
| FreeBSD 5.1 and earlier, and Mac OS X before 10.3.4, allows remote attackers to cause a denial of service (resource exhaustion of memory buffers and system crash) via a large number of out-of-sequence TCP packets, which prevents the operating system from creating new connections. | ||||
| CVE-2004-0193 | 1 Iss | 11 Blackice Agent Server, Blackice Pc Protection, Blackice Server Protection and 8 more | 2026-04-16 | N/A |
| Heap-based buffer overflow in the ISS Protocol Analysis Module (PAM), as used in certain versions of RealSecure Network 7.0 and Server Sensor 7.0, Proventia A, G, and M Series, RealSecure Desktop 7.0 and 3.6, RealSecure Guard 3.6, RealSecure Sentry 3.6, BlackICE PC Protection 3.6, and BlackICE Server Protection 3.6, allows remote attackers to execute arbitrary code via an SMB packet containing an authentication request with a long username. | ||||
| CVE-2004-0256 | 1 Gnu | 1 Libtool | 2026-04-16 | N/A |
| GNU libtool before 1.5.2, during compile time, allows local users to overwrite arbitrary files via a symlink attack on libtool directories in /tmp. | ||||
| CVE-2004-0263 | 2 Apache, Ibm | 2 Http Server, Http Server | 2026-04-16 | N/A |
| PHP 4.3.4 and earlier in Apache 1.x and 2.x (mod_php) can leak global variables between virtual hosts that are handled by the same Apache child process but have different settings, which could allow remote attackers to obtain sensitive information. | ||||
| CVE-2004-0297 | 1 Ipswitch | 1 Imail | 2026-04-16 | N/A |
| Buffer overflow in the Lightweight Directory Access Protocol (LDAP) daemon (iLDAP.exe 3.9.15.10) in Ipswitch IMail Server 8.03 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via an LDAP message with a large tag length. | ||||
| CVE-2004-0306 | 1 Cisco | 1 Optical Networking Systems Software | 2026-04-16 | N/A |
| Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), ONS 15454 SD before 4.1(3), and Cisco ONS 15600 before 1.3(0) enable TFTP service on UDP port 69 by default, which allows remote attackers to GET or PUT ONS system files on the current active TCC in the /flash0 or /flash1 directories. | ||||
| CVE-2004-0309 | 1 Zonelabs | 2 Integrity, Zonealarm | 2026-04-16 | N/A |
| Stack-based buffer overflow in the SMTP service support in vsmon.exe in Zone Labs ZoneAlarm before 4.5.538.001, ZoneLabs Integrity client 4.0 before 4.0.146.046, and 4.5 before 4.5.085, allows remote attackers to execute arbitrary code via a long RCPT TO argument. | ||||
| CVE-2004-0320 | 1 Ncipher | 1 Nshield | 2026-04-16 | N/A |
| Unknown vulnerability in nCipher Hardware Security Modules (HSM) 1.67.x through 1.99.x allows local users to access secrets stored in the module's run-time memory via certain sequences of commands. | ||||
| CVE-2004-0336 | 1 Software602 | 1 602pro Lan Suite | 2026-04-16 | N/A |
| LAN SUITE Web Mail 602Pro allows remote attackers to gain sensitive information via the mail login form, which contains the path to the mail directory. | ||||
| CVE-2004-0347 | 1 Netscreen | 1 Netscreen-sa 5000 Series | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in delhomepage.cgi in NetScreen-SA 5000 Series running firmware 3.3 Patch 1 (build 4797) allows remote authenticated users to execute arbitrary script as other users via the row parameter. | ||||
| CVE-2004-2551 | 1 Layton Technology | 1 Helpbox | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Layton HelpBox 3.0.1 allow remote attackers to execute arbitrary SQL commands via (1) the sys_comment_id parameter in editcommentenduser.asp, (2) the sys_suspend_id parameter in editsuspensionuser.asp, (3) the table parameter in export_data.asp, (4) the sys_analgroup parameter in manageanalgrouppreference.asp, (5) the sys_asset_id parameter in quickinfoassetrequests.asp, (6) the sys_eusername parameter in quickinfoenduserrequests.asp, and the sys_request_id parameter in (7) requestauditlog.asp, (8) requestcommentsenduser.asp, (9) selectrequestapplytemplate.asp, and (10) selectrequestlink.asp, resulting in an ability to create a new HelpBox user account and read, modify, or delete data from the backend database. | ||||
| CVE-2006-3449 | 1 Microsoft | 1 Powerpoint | 2026-04-16 | N/A |
| Unspecified vulnerability in Microsoft PowerPoint 2000 through 2003, possibly a buffer overflow, allows user-assisted remote attackers to execute arbitrary commands via a malformed record in the BIFF file format used in a PPT file, a different issue than CVE-2006-1540, aka "Microsoft PowerPoint Malformed Record Vulnerability." | ||||
| CVE-2006-0923 | 1 Myphpnuke | 1 Myphpnuke | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in MyPHPNuke (MPN) 1.88 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the letter parameter in reviews.php and (2) the dcategory parameter in download.php. | ||||
| CVE-2004-0656 | 1 Pureftpd | 1 Pureftpd | 2026-04-16 | N/A |
| The accept_client function in PureFTPd 1.0.18 and earlier allows remote attackers to cause a denial of service by exceeding the maximum number of connections. | ||||
| CVE-2006-3444 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | N/A |
| Unspecified vulnerability in the kernel in Microsoft Windows 2000 SP4, probably a buffer overflow, allows local users to obtain privileges via unspecified vectors involving an "unchecked buffer." | ||||
| CVE-2005-1824 | 1 Gnu | 1 Mailutils | 2026-04-16 | N/A |
| The sql_escape_string function in auth/sql.c for the mailutils SQL authentication module does not properly quote the "\" (backslash) character, which is used as an escape character and makes the module vulnerable to SQL injection attacks. | ||||