Search Results (366763 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0813 2 Ide-cd, Redhat 2 Ide-cd, Enterprise Linux 2026-04-16 N/A
Unknown vulnerability in the SG_IO functionality in ide-cd allows local users to bypass read-only access and perform unauthorized write and erase operations.
CVE-2004-0814 3 Linux, Redhat, Ubuntu 3 Linux Kernel, Enterprise Linux, Ubuntu Linux 2026-04-16 N/A
Multiple race conditions in the terminal layer in Linux 2.4.x, and 2.6.x before 2.6.9, allow (1) local users to obtain portions of kernel data via a TIOCSETD ioctl call to a terminal interface that is being accessed by another thread, or (2) remote attackers to cause a denial of service (panic) by switching from console to PPP line discipline, then quickly sending data that is received during the switch.
CVE-2004-0815 2 Redhat, Samba 2 Enterprise Linux, Samba 2026-04-16 N/A
The unix_clean_name function in Samba 2.2.x through 2.2.11, and 3.0.x before 3.0.2a, trims certain directory names down to absolute paths, which could allow remote attackers to bypass the specified share restrictions and read, write, or list arbitrary files via "/.////" style sequences in pathnames.
CVE-2004-0816 1 Linux 1 Linux Kernel 2026-04-16 7.5 High
Integer underflow in the firewall logging rules for iptables in Linux before 2.6.8 allows remote attackers to cause a denial of service (application crash) via a malformed IP packet.
CVE-2004-0817 9 Conectiva, Enlightenment, Imagemagick and 6 more 16 Linux, Imlib, Imlib2 and 13 more 2026-04-16 N/A
Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.
CVE-2004-0819 1 Openbsd 1 Openbsd 2026-04-16 N/A
The bridge functionality in OpenBSD 3.4 and 3.5, when running a gateway configured as a bridging firewall with the link2 option for IPSec enabled, allows remote attackers to cause a denial of service (crash) via an ICMP echo (ping) packet.
CVE-2004-0820 1 Nullsoft 1 Winamp 2026-04-16 N/A
Winamp before 5.0.4 allows remote attackers to execute arbitrary script in the Local computer zone via script in HTML files that are referenced from XML files contained in a .wsz skin file.
CVE-2004-0821 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
The CFPlugIn in Core Foundation framework in Mac OS X allows user supplied libraries to be loaded, which could allow local users to gain privileges.
CVE-2004-0822 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Buffer overflow in The Core Foundation framework (CoreFoundation.framework) in Mac OS X 10.2.8, 10.3.4, and 10.3.5 allows local users to execute arbitrary code via a certain environment variable.
CVE-2004-0823 3 Apple, Openldap, Redhat 4 Mac Os X, Mac Os X Server, Openldap and 1 more 2026-04-16 N/A
OpenLDAP 1.0 through 2.1.19, as used in Apple Mac OS 10.3.4 and 10.3.5 and possibly other operating systems, may allow certain authentication schemes to use hashed (crypt) passwords in the userPassword attribute as if they were plaintext passwords, which allows remote attackers to re-use hashed passwords without decrypting them.
CVE-2004-0824 1 Apple 1 Mac Os X 2026-04-16 N/A
PPPDialer for Mac OS X 10.2.8 through 10.3.5 allows local users to overwrite system files via a symlink attack on PPPDialer log files.
CVE-2004-0825 1 Apple 1 Mac Os X Server 2026-04-16 N/A
QuickTime Streaming Server in Mac OS X Server 10.2.8, 10.3.4, and 10.3.5 allows remote attackers to cause a denial of service (application deadlock) via a certain sequence of operations.
CVE-2004-0826 4 Hp, Mozilla, Netscape and 1 more 10 Hp-ux, Network Security Services, Certificate Server and 7 more 2026-04-16 N/A
Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message.
CVE-2004-0827 9 Conectiva, Enlightenment, Imagemagick and 6 more 14 Linux, Imlib, Imlib2 and 11 more 2026-04-16 N/A
Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.
CVE-2004-0828 1 Ibm 1 Aix 2026-04-16 N/A
The ctstrtcasd program in RSCT 2.3.0.0 and earlier on IBM AIX 5.2 and 5.3 does not properly drop privileges before executing the -f option, which allows local users to modify or create arbitrary files.
CVE-2004-0829 1 Samba 1 Samba 2026-04-16 N/A
smbd in Samba before 2.2.11 allows remote attackers to cause a denial of service (daemon crash) by sending a FindNextPrintChangeNotify request without a previous FindFirstPrintChangeNotify, as demonstrated by the SMB client in Windows XP SP2.
CVE-2004-0830 1 F-secure 3 F-secure Anti-virus, F-secure Content Scanner Server, Internet Gatekeeper 2026-04-16 N/A
The Content Scanner Server in F-Secure Anti-Virus for Microsoft Exchange 6.21 and earlier, F-Secure Anti-Virus for Microsoft Exchange 6.01 and earlier, and F-Secure Internet Gatekeeper 6.32 and earlier allow remote attackers to cause a denial of service (service crash due to unhandled exception) via a certain malformed packet.
CVE-2004-0831 1 Mcafee 1 Virusscan 2026-04-16 N/A
McAfee VirusScan 4.5.1 does not drop SYSTEM privileges before allowing users to browse for files via the "System Scan" properties of the System Tray applet, which could allow local users to gain privileges.
CVE-2004-0832 2 Redhat, Squid 2 Enterprise Linux, Squid 2026-04-16 N/A
The (1) ntlm_fetch_string and (2) ntlm_get_string functions in Squid 2.5.6 and earlier, with NTLM authentication enabled, allow remote attackers to cause a denial of service (application crash) via an NTLMSSP packet that causes a negative value to be passed to memcpy.
CVE-2004-0833 1 Debian 1 Debian Linux 2026-04-16 N/A
Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail as an open mail relay and send spam messages.