Export limit exceeded: 23429 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (23429 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0883 | 5 Linux, Redhat, Suse and 2 more | 8 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 5 more | 2026-04-16 | N/A |
| Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote samba servers to cause a denial of service (crash) or gain sensitive information from kernel memory via a samba server (1) returning more data than requested to the smb_proc_read function, (2) returning a data offset from outside the samba packet to the smb_proc_readX function, (3) sending a certain TRANS2 fragmented packet to the smb_receive_trans2 function, (4) sending a samba packet with a certain header size to the smb_proc_readX_data function, or (5) sending a certain packet based offset for the data in a packet to the smb_receive_trans2 function. | ||||
| CVE-2004-0884 | 3 Conectiva, Cyrus, Redhat | 3 Linux, Sasl, Enterprise Linux | 2026-04-16 | N/A |
| The (1) libsasl and (2) libsasl2 libraries in Cyrus-SASL 2.1.18 and earlier trust the SASL_PATH environment variable to find all available SASL plug-ins, which allows local users to execute arbitrary code by modifying the SASL_PATH to point to malicious programs. | ||||
| CVE-2004-0885 | 2 Apache, Redhat | 6 Http Server, Enterprise Linux, Network Proxy and 3 more | 2026-04-16 | N/A |
| The mod_ssl module in Apache 2.0.35 through 2.0.52, when using the "SSLCipherSuite" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host configuration. | ||||
| CVE-2004-0886 | 9 Apple, Kde, Libtiff and 6 more | 13 Mac Os X, Mac Os X Server, Kde and 10 more | 2026-04-16 | N/A |
| Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls. | ||||
| CVE-2004-0891 | 5 Gentoo, Redhat, Rob Flynn and 2 more | 5 Linux, Enterprise Linux, Gaim and 2 more | 2026-04-16 | N/A |
| Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbounded copy operation that writes to the wrong buffer. | ||||
| CVE-2004-0903 | 4 Conectiva, Mozilla, Redhat and 1 more | 9 Linux, Mozilla, Thunderbird and 6 more | 2026-04-16 | N/A |
| Stack-based buffer overflow in the writeGroup function in nsVCardObj.cpp for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to execute arbitrary code via malformed VCard attachments that are not properly handled when previewing a message. | ||||
| CVE-2004-0906 | 2 Mozilla, Redhat | 3 Mozilla, Thunderbird, Enterprise Linux | 2026-04-16 | N/A |
| The XPInstall installer in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 sets insecure permissions for certain installed files within xpi packages, which could allow local users to overwrite arbitrary files or execute arbitrary code. | ||||
| CVE-2004-0908 | 2 Mozilla, Redhat | 3 Mozilla, Thunderbird, Enterprise Linux | 2026-04-16 | N/A |
| Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows untrusted Javascript code to read and write to the clipboard, and possibly obtain sensitive information, via script-generated events such as Ctrl-Ins. | ||||
| CVE-2004-0918 | 6 Gentoo, Openpkg, Redhat and 3 more | 7 Linux, Openpkg, Enterprise Linux and 4 more | 2026-04-16 | N/A |
| The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation error. | ||||
| CVE-2004-0685 | 3 Linux, Redhat, Trustix | 4 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 1 more | 2026-04-16 | N/A |
| Certain USB drivers in the Linux 2.4 kernel use the copy_to_user function on uninitialized structures, which could allow local users to obtain sensitive information by reading memory that was not cleared from previous usage. | ||||
| CVE-2004-0686 | 3 Redhat, Samba, Trustix | 3 Enterprise Linux, Samba, Secure Linux | 2026-04-16 | N/A |
| Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the "mangling method = hash" option is enabled in smb.conf, has unknown impact and attack vectors. | ||||
| CVE-2004-0688 | 5 Openbsd, Redhat, Suse and 2 more | 6 Openbsd, Enterprise Linux, Network Satellite and 3 more | 2026-04-16 | N/A |
| Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a malformed XPM image file. | ||||
| CVE-2004-0691 | 2 Redhat, Trolltech | 2 Enterprise Linux, Qt | 2026-04-16 | N/A |
| Heap-based buffer overflow in the BMP image format parser for the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code. | ||||
| CVE-2004-0693 | 2 Redhat, Trolltech | 2 Enterprise Linux, Qt | 2026-04-16 | N/A |
| The GIF parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0692. | ||||
| CVE-2004-0718 | 4 Firebirdsql, Mozilla, Netscape and 1 more | 4 Firebird, Mozilla, Navigator and 1 more | 2026-04-16 | N/A |
| The (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4) Netscape 7.1 web browsers do not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability. | ||||
| CVE-2004-0721 | 2 Kde, Redhat | 2 Konqueror, Enterprise Linux | 2026-04-16 | N/A |
| Konqueror 3.1.3, 3.2.2, and possibly other versions does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability. | ||||
| CVE-2004-0722 | 3 Mozilla, Netscape, Redhat | 3 Mozilla, Navigator, Enterprise Linux | 2026-04-16 | N/A |
| Integer overflow in the SOAPParameter object constructor in (1) Netscape version 7.0 and 7.1 and (2) Mozilla 1.6, and possibly earlier versions, allows remote attackers to execute arbitrary code. | ||||
| CVE-2004-0745 | 2 Redhat, Tsugio Okamoto | 2 Enterprise Linux, Lha | 2026-04-16 | N/A |
| LHA 1.14 and earlier allows attackers to execute arbitrary commands via a directory with shell metacharacters in its name. | ||||
| CVE-2004-0759 | 2 Mozilla, Redhat | 2 Mozilla, Enterprise Linux | 2026-04-16 | N/A |
| Mozilla before 1.7 allows remote web servers to read arbitrary files via Javascript that sets the value of an <input type="file"> tag. | ||||
| CVE-2004-0760 | 2 Mozilla, Redhat | 2 Mozilla, Enterprise Linux | 2026-04-16 | N/A |
| Mozilla allows remote attackers to cause Mozilla to open a URI as a different MIME type than expected via a null character (%00) in an FTP URI. | ||||