Export limit exceeded: 29909 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29909 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0729 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| PhpBB 2.0.8 allows remote attackers to gain sensitive information via an invalid (1) category_rows parameter to index.php, (2) faq parameter to faq.php, or (3) ranksrow parameter to profile.php, which reveal the full path in an error message. | ||||
| CVE-2004-0744 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| The TCP/IP Networking component in Mac OS X before 10.3.5 allows remote attackers to cause a denial of service (memory and resource consumption) via a "Rose Attack" that involves sending a subset of small IP fragments that do not form a complete, larger packet. | ||||
| CVE-2004-0740 | 1 Lexmark | 1 T522 Network Printer | 2026-04-16 | N/A |
| The HTTP server in Lexmark T522 and possibly other models allows remote attackers to cause a denial of service (server crash, reload, or hang) via an HTTP header with a long Host field, possibly triggering a buffer overflow. | ||||
| CVE-2004-0750 | 1 Redhat | 2 Enterprise Linux, Enterprise Linux Desktop | 2026-04-16 | N/A |
| Unknown vulnerability in redhat-config-nfs before 1.0.13, when shares are exported to multiple hosts, can produce incorrect permissions and prevent the all_squash option from being applied. | ||||
| CVE-2004-0752 | 2 Openoffice, Redhat | 2 Openoffice, Enterprise Linux | 2026-04-16 | N/A |
| OpenOffice (OOo) 1.1.2 creates predictable directory names with insecure permissions during startup, which may allow local users to read or list files of other users. | ||||
| CVE-2004-0754 | 2 Redhat, Rob Flynn | 2 Enterprise Linux, Gaim | 2026-04-16 | N/A |
| Integer overflow in Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the size variable in Groupware server messages. | ||||
| CVE-2004-0759 | 2 Mozilla, Redhat | 2 Mozilla, Enterprise Linux | 2026-04-16 | N/A |
| Mozilla before 1.7 allows remote web servers to read arbitrary files via Javascript that sets the value of an <input type="file"> tag. | ||||
| CVE-2004-0760 | 2 Mozilla, Redhat | 2 Mozilla, Enterprise Linux | 2026-04-16 | N/A |
| Mozilla allows remote attackers to cause Mozilla to open a URI as a different MIME type than expected via a null character (%00) in an FTP URI. | ||||
| CVE-2004-0761 | 2 Mozilla, Redhat | 4 Firefox, Mozilla, Thunderbird and 1 more | 2026-04-16 | N/A |
| Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote attackers to use certain redirect sequences to spoof the security lock icon that makes a web page appear to be encrypted. | ||||
| CVE-2004-0762 | 2 Mozilla, Redhat | 4 Firefox, Mozilla, Thunderbird and 1 more | 2026-04-16 | N/A |
| Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to install arbitrary extensions by using interactive events to manipulate the XPInstall Security dialog box. | ||||
| CVE-2004-0763 | 2 Mozilla, Redhat | 2 Firefox, Enterprise Linux | 2026-04-16 | N/A |
| Mozilla Firefox 0.9.1 and 0.9.2 allows remote web sites to spoof certificates of trusted web sites via redirects and Javascript that uses the "onunload" method. | ||||
| CVE-2004-0764 | 2 Mozilla, Redhat | 4 Firefox, Mozilla, Thunderbird and 1 more | 2026-04-16 | N/A |
| Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack the user interface via the "chrome" flag and XML User Interface Language (XUL) files. | ||||
| CVE-2004-1309 | 1 Mplayer | 1 Unix Mplayer | 2026-04-16 | N/A |
| Heap-based buffer overflow in the demux_open_bmp function in demux_bmp.c for Unix MPlayer 1.0pre5 allows remote attackers to execute arbitrary code via a bitmap (BMP) file containing a large biClrUsed field. | ||||
| CVE-2004-1310 | 1 Mplayer | 1 Mplayer | 2026-04-16 | N/A |
| Stack-based buffer overflow in the asf_mmst_streaming.c functionality for MPlayer 1.0pre5 allows remote attackers to execute arbitrary code via a large MMST stream packet. | ||||
| CVE-2004-1311 | 1 Mplayer | 1 Mplayer | 2026-04-16 | N/A |
| Integer overflow in the real_setup_and_get_header function in real.c for Unix MPlayer 1.0pre5 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a Real RTSP streaming media file with a -1 content-length field, which leads to a heap-based buffer overflow. | ||||
| CVE-2004-1312 | 1 Gfi | 2 Mailessentials, Mailsecurity | 2026-04-16 | N/A |
| A bug in the HTML parser in a certain Microsoft HTML library, as used in various third party products, may allow remote attackers to cause a denial of service via certain strings, as reported in GFI MailEssentials for Exchange 9 and 10, and GFI MailSecurity for Exchange 8, which causes emails to remain in IIS or Exchange mail queues. | ||||
| CVE-2004-1313 | 1 Webroot Software | 1 My Firewall Plus | 2026-04-16 | N/A |
| The Smc.exe process in My Firewall Plus 5.0 build 1117, and possibly other versions, does not drop privileges before invoking help, which allows local users to gain privileges. | ||||
| CVE-2004-1314 | 1 Apple | 1 Safari | 2026-04-16 | N/A |
| Safari 1.x allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability, a different vulnerability than CVE-2004-1122. | ||||
| CVE-2004-1315 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| viewtopic.php in phpBB 2.x before 2.0.11 improperly URL decodes the highlight parameter when extracting words and phrases to highlight, which allows remote attackers to execute arbitrary PHP code by double-encoding the highlight value so that special characters are inserted into the result, which is then processed by PHP exec, as exploited by the Santy.A worm. | ||||
| CVE-2004-1317 | 1 Netcat | 1 Netcat | 2026-04-16 | N/A |
| Stack-based buffer overflow in doexec.c in Netcat for Windows 1.1, when running with the -e option, allows remote attackers to execute arbitrary code via a long DNS command. | ||||