Export limit exceeded: 16454 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (16454 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0232 | 5 Gentoo, Midnight Commander, Redhat and 2 more | 6 Linux, Midnight Commander, Enterprise Linux and 3 more | 2026-04-16 | N/A |
| Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code. | ||||
| CVE-2004-0417 | 6 Cvs, Gentoo, Openbsd and 3 more | 6 Cvs, Linux, Openbsd and 3 more | 2026-04-16 | N/A |
| Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consume disk space. | ||||
| CVE-2004-0419 | 4 Gentoo, Redhat, X.org and 1 more | 4 Linux, Enterprise Linux, X11r6 and 1 more | 2026-04-16 | N/A |
| XDM in XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0, which could allow remote attackers to connect to the port, in violation of the intended restrictions. | ||||
| CVE-2004-0422 | 2 Gnu, Redhat | 2 Flim, Enterprise Linux | 2026-04-16 | N/A |
| flim before 1.14.3 creates temporary files insecurely, which allows local users to overwrite arbitrary files of the Emacs user via a symlink attack. | ||||
| CVE-2004-0424 | 4 Linux, Redhat, Sgi and 1 more | 4 Linux Kernel, Enterprise Linux, Propack and 1 more | 2026-04-16 | N/A |
| Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option. | ||||
| CVE-2004-0426 | 2 Andrew Tridgell, Redhat | 2 Rsync, Enterprise Linux | 2026-04-16 | N/A |
| rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to write files outside of the module's path. | ||||
| CVE-2004-0447 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| Unknown vulnerability in Linux before 2.4.26 for IA64 allows local users to cause a denial of service, with unknown impact. NOTE: due to a typo, this issue was accidentally assigned CVE-2004-0477. This is the proper candidate to use for the Linux local DoS. | ||||
| CVE-2002-1090 | 2 Libesmtp, Redhat | 3 Libesmtp, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Buffer overflow in read_smtp_response of protocol.c in libesmtp before 0.8.11 allows a remote SMTP server to (1) execute arbitrary code via a certain response or (2) cause a denial of service via long server responses. | ||||
| CVE-2004-0595 | 4 Avaya, Php, Redhat and 1 more | 11 Converged Communications Server, Integrated Management, S8300 and 8 more | 2026-04-16 | N/A |
| The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities. | ||||
| CVE-2004-0619 | 1 Redhat | 4 Enterprise Linux, Fedora Core, Kernel and 1 more | 2026-04-16 | N/A |
| Integer overflow in the ubsec_keysetup function for Linux Broadcom 5820 cryptonet driver allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a negative add_dsa_buf_bytes variable, which leads to a buffer overflow. | ||||
| CVE-2002-0404 | 2 Ethereal Group, Redhat | 4 Ethereal, Enterprise Linux, Linux and 1 more | 2026-04-16 | N/A |
| Vulnerability in GIOP dissector in Ethereal before 0.9.3 allows remote attackers to cause a denial of service (memory consumption). | ||||
| CVE-2004-0634 | 4 Ethereal Group, Gentoo, Mandrakesoft and 1 more | 5 Ethereal, Linux, Mandrake Linux and 2 more | 2026-04-16 | N/A |
| The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote attackers to cause a denial of service (process crash) via a handle without a policy name, which causes a null dereference. | ||||
| CVE-2004-0748 | 2 Apache, Redhat | 2 Http Server, Enterprise Linux | 2026-04-16 | N/A |
| mod_ssl in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (CPU consumption) by aborting an SSL connection in a way that causes an Apache child process to enter an infinite loop. | ||||
| CVE-2004-0750 | 1 Redhat | 2 Enterprise Linux, Enterprise Linux Desktop | 2026-04-16 | N/A |
| Unknown vulnerability in redhat-config-nfs before 1.0.13, when shares are exported to multiple hosts, can produce incorrect permissions and prevent the all_squash option from being applied. | ||||
| CVE-2004-0751 | 2 Apache, Redhat | 2 Http Server, Enterprise Linux | 2026-04-16 | N/A |
| The char_buffer_read function in the mod_ssl module for Apache 2.x, when using reverse proxying to an SSL server, allows remote attackers to cause a denial of service (segmentation fault). | ||||
| CVE-2004-0752 | 2 Openoffice, Redhat | 2 Openoffice, Enterprise Linux | 2026-04-16 | N/A |
| OpenOffice (OOo) 1.1.2 creates predictable directory names with insecure permissions during startup, which may allow local users to read or list files of other users. | ||||
| CVE-2004-0753 | 2 Gnome, Redhat | 3 Gdkpixbuf, Gtk, Enterprise Linux | 2026-04-16 | N/A |
| The BMP image processor for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted BMP file. | ||||
| CVE-2004-0754 | 2 Redhat, Rob Flynn | 2 Enterprise Linux, Gaim | 2026-04-16 | N/A |
| Integer overflow in Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the size variable in Groupware server messages. | ||||
| CVE-2004-0760 | 2 Mozilla, Redhat | 2 Mozilla, Enterprise Linux | 2026-04-16 | N/A |
| Mozilla allows remote attackers to cause Mozilla to open a URI as a different MIME type than expected via a null character (%00) in an FTP URI. | ||||
| CVE-2004-0761 | 2 Mozilla, Redhat | 4 Firefox, Mozilla, Thunderbird and 1 more | 2026-04-16 | N/A |
| Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote attackers to use certain redirect sequences to spoof the security lock icon that makes a web page appear to be encrypted. | ||||