ReportizFlow
Filtered by vendor
Subscriptions
Total
29931 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1231 | 1 Gadu-gadu | 1 Gadu-gadu Instant Messenger | 2026-04-16 | N/A |
| Directory traversal vulnerability in Gadu-Gadu allows remote attackers to read arbitrary files via .. (dot dot) sequences in a DCC connection with a CTCP packet that contains a 1 as the type and a 4 as the subtype. | ||||
| CVE-2004-1270 | 2 Easy Software Products, Redhat | 3 Cups, Enterprise Linux, Fedora Core | 2026-04-16 | N/A |
| lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lppasswd is called, does not verify that the passwd.new file is different from STDERR, which allows local users to control output to passwd.new via certain user input that triggers an error message. | ||||
| CVE-2004-1273 | 1 Greed | 1 Greed | 2026-04-16 | N/A |
| Buffer overflow in the DownloadLoop function in main.c for greed 0.81p allows remote attackers to execute arbitrary code via a GRX file containing a long filename. | ||||
| CVE-2005-0288 | 1 Bottomline | 1 Webseries Payment Application | 2026-04-16 | N/A |
| The change password functionality in Bottomline Webseries Payment Application does not require the old password when users enter a new password, which could allow remote authenticated users to change other users' passwords. | ||||
| CVE-2004-1281 | 1 Junkie | 1 Junkie Ftp Client | 2026-04-16 | N/A |
| The ftp_retr function in junkie 0.3.1 allows remote malicious FTP servers to overwrite arbitrary files via .. (dot dot) sequences in a filename. | ||||
| CVE-2004-1282 | 1 Linpopup | 1 Linpopup | 2026-04-16 | N/A |
| Buffer overflow in the strexpand function in string.c for LinPopUp 1.2.0 allows remote attackers to execute arbitrary code via a crafted message that is not properly handled during a Reply operation. | ||||
| CVE-2004-1285 | 1 Mplayer | 1 Mplayer | 2026-04-16 | N/A |
| Buffer overflow in the get_header function in asf_mmst_streaming.c for MPlayer 1.0pre5 allows remote attackers to execute arbitrary code via a crafted ASF video stream. | ||||
| CVE-2004-1290 | 1 William Hoggarth | 1 Pgn2web | 2026-04-16 | N/A |
| Buffer overflow in the process_moves function in pgn2web.c for pgn2web 0.3 allows remote attackers to execute arbitrary code via a crafted PGN file. | ||||
| CVE-2004-1292 | 1 Michael Kohn | 1 Ringtonetools | 2026-04-16 | N/A |
| Buffer overflow in the parse_emelody function in parse_emelody.c for ringtonetools 2.22 allows remote attackers to execute arbitrary code via a crafted eMelody file. | ||||
| CVE-2004-1303 | 1 Yanf | 1 Yanf | 2026-04-16 | N/A |
| Buffer overflow in the get function in get.c for Yanf 0.4 allows remote malicious web servers to execute arbitrary code via crafted HTTP responses. | ||||
| CVE-2004-1307 | 11 Apple, Avaya, Conectiva and 8 more | 20 Mac Os X, Mac Os X Server, Call Management System Server and 17 more | 2026-04-16 | N/A |
| Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow. | ||||
| CVE-2004-1312 | 1 Gfi | 2 Mailessentials, Mailsecurity | 2026-04-16 | N/A |
| A bug in the HTML parser in a certain Microsoft HTML library, as used in various third party products, may allow remote attackers to cause a denial of service via certain strings, as reported in GFI MailEssentials for Exchange 9 and 10, and GFI MailSecurity for Exchange 8, which causes emails to remain in IIS or Exchange mail queues. | ||||
| CVE-2004-1318 | 1 Namazu | 1 Namazu | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in namazu.cgi for Namazu 2.0.13 and earlier allows remote attackers to inject arbitrary HTML and web script via a query that starts with a tab ("%09") character, which prevents the rest of the query from being properly sanitized. | ||||
| CVE-2004-1320 | 1 Asante | 1 Fm2008 Managed Ethernet Switch | 2026-04-16 | N/A |
| Asante FM2008 running firmware 1.06 is shipped with a default username and password, which could allow remote attackers to gain unauthorized access. | ||||
| CVE-2004-1323 | 1 Netbsd | 1 Netbsd | 2026-04-16 | N/A |
| Multiple syscalls in the compat subsystem for NetBSD before 2.0 allow local users to cause a denial of service (kernel crash) via a large signal number to (1) xxx_sys_kill, (2) xxx_sys_sigaction, and possibly other translation functions. | ||||
| CVE-2004-1329 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Untrusted execution path vulnerability in the diag commands (1) lsmcode, (2) diag_exec, (3) invscout, and (4) invscoutd in AIX 5.1 through 5.3 allows local users to execute arbitrary programs by modifying the DIAGNOSTICS environment variable to point to a malicious Dctrl program. | ||||
| CVE-2004-1330 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Buffer overflow in paginit in AIX 5.1 through 5.3 allows local users to execute arbitrary code via a long username. | ||||
| CVE-2004-1333 | 2 Linux, Redhat | 3 Linux Kernel, Fedora Core, Linux | 2026-04-16 | N/A |
| Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service (kernel crash) via a short new screen value, which leads to a buffer overflow. | ||||
| CVE-2004-1335 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Fedora Core and 1 more | 2026-04-16 | N/A |
| Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function. | ||||
| CVE-2004-1336 | 2 Debian, Gentoo | 2 Tetex-bin, Linux | 2026-04-16 | N/A |
| The xdvizilla script in tetex-bin 2.0.2 creates temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack. | ||||