Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0336 1 Software602 1 602pro Lan Suite 2025-04-03 N/A
LAN SUITE Web Mail 602Pro allows remote attackers to gain sensitive information via the mail login form, which contains the path to the mail directory.
CVE-2004-1330 1 Ibm 1 Aix 2025-04-03 N/A
Buffer overflow in paginit in AIX 5.1 through 5.3 allows local users to execute arbitrary code via a long username.
CVE-2004-0345 1 Volition 1 Red Faction 2025-04-03 N/A
Buffer overflow in Red Faction client 1.20 and earlier allows remote servers to execute arbitrary code via a long server name.
CVE-2004-0354 1 Gnu 1 Anubis 2025-04-03 N/A
Multiple format string vulnerabilities in GNU Anubis 3.6.0 through 3.6.2, 3.9.92 and 3.9.93 allow remote attackers to execute arbitrary code via format string specifiers in strings passed to (1) the info function in log.c, (2) the anubis_error function in errs.c, or (3) the ssl_error function in ssl.c.
CVE-2004-0356 1 Seattle Lab Software 1 Slmail Pro 2025-04-03 N/A
Stack-based buffer overflow in Supervisor Report Center in SL Mail Pro 2.0.9 and earlier allows remote attackers to execute arbitrary code via an HTTP request with a long HTTP sub-version.
CVE-2004-0357 1 Seattle Lab Software 1 Slmail Pro 2025-04-03 N/A
Stack-based buffer overflows in SL Mail Pro 2.0.9 allow remote attackers to execute arbitrary code via (1) user.dll, (2) loadpageadmin.dll or (3) loadpageuser.dll.
CVE-2004-0355 1 Invision Power Services 1 Invision Board 2025-04-03 N/A
Invision Power Board 1.3 Final allows remote attackers to gain sensitive information by selecting a file for "Personal Photo" that is not an image file, which displays the installation path in an error message.
CVE-2004-0364 1 Symantec 1 Norton Internet Security 2025-04-03 N/A
The WrapNISUM ActiveX component (WrapUM.dll) in Norton Internet Security 2004 is marked safe for scripting, which allows remote attackers to execute arbitrary programs via the LaunchURL method.
CVE-2004-0376 1 Oftpd 1 Oftpd 2025-04-03 N/A
oftpd 0.3.6 and earlier allows remote attackers to cause a denial of service (crash) via a PORT command with a large value.
CVE-2006-1372 1 Benson It Solutions 1 1webcalendar 2025-04-03 N/A
Multiple SQL injection vulnerabilities in 1WebCalendar 4.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) EventID parameter in viewEvent.cfm, (2) NewsID parameter in newsView.cfm, or (3) ThisDate parameter in mainCal.cfm.
CVE-2004-0383 1 Apple 1 Mac Os X 2025-04-03 N/A
Unknown vulnerability in Mail for Mac OS X 10.3.3 and 10.2.8, with unknown impact, related to "the handling of HTML-formatted email."
CVE-2004-0395 1 Gatos 1 Gatos 2025-04-03 N/A
The xatitv program in the gatos package does not properly drop root privileges when the configuration file does not exist, which allows local users to execute arbitrary commands via shell metacharacters in a system call.
CVE-2004-0394 1 Linux 1 Linux Kernel 2025-04-03 N/A
A "potential" buffer overflow exists in the panic() function in Linux 2.4.x, although it may not be exploitable due to the functionality of panic.
CVE-2004-0402 2 Mandrakesoft, Xpcd 2 Mandrake Linux, Xpcd 2025-04-03 N/A
Buffer overflow in xpcd-svga in xpcd before 2.08, and possibly other versions, may allow local users to execute arbitrary code.
CVE-2004-0404 1 Psionic 1 Logcheck 2025-04-03 N/A
logcheck before 1.1.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary directory in /var/tmp.
CVE-2005-3217 1 Symantec 1 Antivirus Scan Engine 2025-04-03 N/A
Multiple interpretation error in unspecified versions of Symantec Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.
CVE-2004-0415 3 Linux, Redhat, Trustix 4 Linux Kernel, Enterprise Linux, Fedora Core and 1 more 2025-04-03 N/A
Linux kernel does not properly convert 64-bit file offset pointers to 32 bits, which allows local users to access portions of kernel memory.
CVE-2005-2438 1 Usebb 1 Usebb 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in UseBB 0.5.1 and earlier allows remote attackers to inject arbitrary Javascript via the BBCode color value.
CVE-2005-3220 1 Norman 1 Virus Control Antivirus 2025-04-03 N/A
Multiple interpretation error in unspecified versions of Norman Virus Control Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.
CVE-2004-0422 2 Gnu, Redhat 2 Flim, Enterprise Linux 2025-04-03 N/A
flim before 1.14.3 creates temporary files insecurely, which allows local users to overwrite arbitrary files of the Emacs user via a symlink attack.