Total
29737 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0131 | 1 Gnu | 1 Radius | 2025-04-03 | N/A |
| The rad_print_request function in logger.c for GNU Radius daemon (radiusd) before 1.2 allows remote attackers to cause a denial of service (crash) via a UDP packet with an Acct-Status-Type attribute without a value and no Acct-Session-Id attribute, which causes a null dereference. | ||||
| CVE-2004-0158 | 1 Lgames | 1 Lbreakout2 | 2025-04-03 | N/A |
| Buffer overflow in lbreakout2 allows local users to gain 'games' group privileges via a large HOME environment variable to (1) editor.c, (2) theme.c, (3) manager.c, (4) config.c, (5) game.c, (6) levels.c, or (7) main.c. | ||||
| CVE-2004-0159 | 1 Samhain Labs | 1 Hsftp | 2025-04-03 | N/A |
| Format string vulnerability in hsftp 1.11 allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via file names containing format string characters that are not properly handled when executing an "ls" command. | ||||
| CVE-2004-0160 | 1 Synaesthesia | 1 Synaesthesia | 2025-04-03 | N/A |
| Synaesthesia 2.2 and earlier allows local users to execute arbitrary code via a symlink attack on the configuration file. | ||||
| CVE-2004-0162 | 3 Clearswift, F-secure, Paul L Daniels | 3 Mailsweeper, Internet Gatekeeper, Ripmime | 2025-04-03 | N/A |
| Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME encapsulation that uses RFC822 comment fields, which may be interpreted as other fields by mail clients. | ||||
| CVE-2004-0178 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-03 | N/A |
| The OSS code for the Sound Blaster (sb16) driver in Linux 2.4.x before 2.4.26, when operating in 16 bit mode, does not properly handle certain sample sizes, which allows local users to cause a denial of service (crash) via a sample with an odd number of bytes. | ||||
| CVE-2004-0228 | 1 Linux | 1 Linux Kernel | 2025-04-03 | N/A |
| Integer signedness error in the cpufreq proc handler (cpufreq_procctl) in Linux kernel 2.6 allows local users to gain privileges. | ||||
| CVE-2004-0264 | 2 Jim Rees, Shaun2k2 | 2 Jim Rees Httpd, Palmhttpd | 2025-04-03 | N/A |
| palmhttpd for PalmOS allows remote attackers to cause a denial of service (crash) by establishing two simultaneous HTTP connections, which exceeds the PalmOS accept queue. | ||||
| CVE-2004-0287 | 1 Xlight Ftp Server | 1 Xlight Ftp Server | 2025-04-03 | N/A |
| Xlight FTP server 1.52 allows remote authenticated users to cause a denial of service (crash) via a RETR command with a long argument containing a large number of / (slash) characters, possibly triggering a buffer overflow. | ||||
| CVE-2004-0307 | 1 Cisco | 1 Optical Networking Systems Software | 2025-04-03 | N/A |
| Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), and ONS 15454 SD before 4.1(3) allows remote attackers to cause a denial of service (reset) by not sending the ACK portion of the TCP three-way handshake and sending an invalid response instead. | ||||
| CVE-2004-0309 | 1 Zonelabs | 2 Integrity, Zonealarm | 2025-04-03 | N/A |
| Stack-based buffer overflow in the SMTP service support in vsmon.exe in Zone Labs ZoneAlarm before 4.5.538.001, ZoneLabs Integrity client 4.0 before 4.0.146.046, and 4.5 before 4.5.085, allows remote attackers to execute arbitrary code via a long RCPT TO argument. | ||||
| CVE-2004-0310 | 1 Livejournal | 1 Livejournal | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in LiveJournal 1.0 and 1.1 allows remote attackers to execute Javascript as other users via the stylesheet, which does not strip the semicolon or parentheses, as demonstrated using a background:url. | ||||
| CVE-2004-0336 | 1 Software602 | 1 602pro Lan Suite | 2025-04-03 | N/A |
| LAN SUITE Web Mail 602Pro allows remote attackers to gain sensitive information via the mail login form, which contains the path to the mail directory. | ||||
| CVE-2004-1330 | 1 Ibm | 1 Aix | 2025-04-03 | N/A |
| Buffer overflow in paginit in AIX 5.1 through 5.3 allows local users to execute arbitrary code via a long username. | ||||
| CVE-2004-0354 | 1 Gnu | 1 Anubis | 2025-04-03 | N/A |
| Multiple format string vulnerabilities in GNU Anubis 3.6.0 through 3.6.2, 3.9.92 and 3.9.93 allow remote attackers to execute arbitrary code via format string specifiers in strings passed to (1) the info function in log.c, (2) the anubis_error function in errs.c, or (3) the ssl_error function in ssl.c. | ||||
| CVE-2004-0355 | 1 Invision Power Services | 1 Invision Board | 2025-04-03 | N/A |
| Invision Power Board 1.3 Final allows remote attackers to gain sensitive information by selecting a file for "Personal Photo" that is not an image file, which displays the installation path in an error message. | ||||
| CVE-2004-0356 | 1 Seattle Lab Software | 1 Slmail Pro | 2025-04-03 | N/A |
| Stack-based buffer overflow in Supervisor Report Center in SL Mail Pro 2.0.9 and earlier allows remote attackers to execute arbitrary code via an HTTP request with a long HTTP sub-version. | ||||
| CVE-2004-0357 | 1 Seattle Lab Software | 1 Slmail Pro | 2025-04-03 | N/A |
| Stack-based buffer overflows in SL Mail Pro 2.0.9 allow remote attackers to execute arbitrary code via (1) user.dll, (2) loadpageadmin.dll or (3) loadpageuser.dll. | ||||
| CVE-2004-0394 | 1 Linux | 1 Linux Kernel | 2025-04-03 | N/A |
| A "potential" buffer overflow exists in the panic() function in Linux 2.4.x, although it may not be exploitable due to the functionality of panic. | ||||
| CVE-2004-0395 | 1 Gatos | 1 Gatos | 2025-04-03 | N/A |
| The xatitv program in the gatos package does not properly drop root privileges when the configuration file does not exist, which allows local users to execute arbitrary commands via shell metacharacters in a system call. | ||||