ReportizFlow
Filtered by vendor
Subscriptions
Total
29916 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0490 | 1 Cpanel | 1 Cpanel | 2026-04-16 | N/A |
| cPanel, when compiling Apache 1.3.29 and PHP with the mod_phpsuexec option, does not set the --enable-discard-path option, which causes php to use the SCRIPT_FILENAME variable to find and execute a script instead of the PATH_TRANSLATED variable, which allows local users to execute arbitrary PHP code as other users via a URL that references the attacker's script after the user's script, which executes the attacker's script with the user's privileges, a different vulnerability than CVE-2004-0529. | ||||
| CVE-2004-0493 | 6 Apache, Avaya, Gentoo and 3 more | 9 Http Server, Converged Communications Server, S8300 and 6 more | 2026-04-16 | N/A |
| The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters. | ||||
| CVE-2004-0502 | 1 Microsoft | 1 Outlook | 2026-04-16 | N/A |
| Outlook 2003, when replying to an e-mail message, stores certain files in a predictable location for the "src" of an img tag of the original message, which allows remote attackers to bypass zone restrictions and exploit other issues that rely on predictable locations, as demonstrated using a shell: URI. | ||||
| CVE-2004-0506 | 3 Ethereal Group, Redhat, Sgi | 3 Ethereal, Enterprise Linux, Propack | 2026-04-16 | N/A |
| The SPNEGO dissector in Ethereal 0.9.8 to 0.10.3 allows remote attackers to cause a denial of service (crash) via unknown attack vectors that cause a null pointer dereference. | ||||
| CVE-2004-0516 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Unknown vulnerability in Mac OS X 10.3.4, related to "package installation scripts," a different vulnerability than CVE-2004-0517. | ||||
| CVE-2004-0526 | 1 Microsoft | 4 Ie, Internet Explorer, Outlook and 1 more | 2026-04-16 | N/A |
| Unknown versions of Internet Explorer and Outlook allow remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points to the malicious site, which facilitates a "phishing" attack. | ||||
| CVE-2004-0535 | 7 Conectiva, Engardelinux, Gentoo and 4 more | 18 Linux, Secure Community, Secure Linux and 15 more | 2026-04-16 | N/A |
| The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources. | ||||
| CVE-2006-0956 | 1 Nufw | 1 Nufw Firewall | 2026-04-16 | N/A |
| nuauth in NuFW before 1.0.21 does not properly handle blocking TLS sockets, which allows remote authenticated users to cause a denial of service (service hang) by flooding packets at the authentication server. | ||||
| CVE-2004-0554 | 6 Avaya, Conectiva, Gentoo and 3 more | 18 Converged Communications Server, Intuity Audix, Modular Messaging Message Storage Server and 15 more | 2026-04-16 | N/A |
| Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program. | ||||
| CVE-2004-0558 | 2 Easy Software Products, Redhat | 2 Cups, Enterprise Linux | 2026-04-16 | N/A |
| The Internet Printing Protocol (IPP) implementation in CUPS before 1.1.21 allows remote attackers to cause a denial of service (service hang) via a certain UDP packet to the IPP port. | ||||
| CVE-2004-0580 | 1 Linksys | 12 Befcmu10, Befn2ps4, Befsr11 and 9 more | 2026-04-16 | N/A |
| DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information. | ||||
| CVE-2004-0629 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2026-04-16 | N/A |
| Buffer overflow in the ActiveX component (pdf.ocx) for Adobe Acrobat 5.0.5 and Acrobat Reader, and possibly other versions, allows remote attackers to execute arbitrary code via a URI for a PDF file with a null terminator (%00) followed by a long string. | ||||
| CVE-2004-0631 | 2 Adobe, Redhat | 2 Acrobat Reader, Rhel Extras | 2026-04-16 | N/A |
| Buffer overflow in the uudecoding feature for Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those before 5.0.9, allows remote attackers to execute arbitrary code via a long filename for the PDF file that is provided to the uudecode command. | ||||
| CVE-2004-0667 | 2 Gentoo, Rsbac | 2 Linux, Rule Set Based Access Control | 2026-04-16 | N/A |
| Rule Set Based Access Control (RSBAC) 1.2.2 through 1.2.3 allows access to sys_creat, sys_open, and sys_mknod inside jails, which could allow local users to gain elevated privileges. | ||||
| CVE-2004-0739 | 1 Snapfiles | 1 Whisper Ftp Surfer | 2026-04-16 | N/A |
| Buffer overflow in Whisper FTP Surfer 1.0.7 allows remote FTP servers to cause a denial of service (client crash) and possibly execute arbitrary code via a long filename. | ||||
| CVE-2004-0764 | 2 Mozilla, Redhat | 4 Firefox, Mozilla, Thunderbird and 1 more | 2026-04-16 | N/A |
| Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack the user interface via the "chrome" flag and XML User Interface Language (XUL) files. | ||||
| CVE-2004-0796 | 2 Redhat, Spamassassin | 2 Enterprise Linux, Spamassassin | 2026-04-16 | N/A |
| SpamAssassin 2.5x, and 2.6x before 2.64, allows remote attackers to cause a denial of service via certain malformed messages. | ||||
| CVE-2004-0800 | 2 Avaya, Sun | 4 Call Management System Server, Dtmail, Solaris and 1 more | 2026-04-16 | N/A |
| Format string vulnerability in CDE Mailer (dtmail) on Solaris 8 and 9 allows local users to gain privileges via format strings in the argv[0] value. | ||||
| CVE-2004-0831 | 1 Mcafee | 1 Virusscan | 2026-04-16 | N/A |
| McAfee VirusScan 4.5.1 does not drop SYSTEM privileges before allowing users to browse for files via the "System Scan" properties of the System Tray applet, which could allow local users to gain privileges. | ||||
| CVE-2004-0838 | 1 Lexar | 1 Jumpdrive Secure | 2026-04-16 | N/A |
| Lexar Safe Guard for JumpDrive Secure 1.0 stores the password insecurely in memory using XOR encryption, which allows local users to read the password directly from the device and access the password protected part of the drive. | ||||