Search Results (366668 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0610 1 Microsoft 1 Mn-500 Wireless Base Station 2026-04-16 N/A
The Web administration interface in Microsoft MN-500 Wireless Router allows remote attackers to cause a denial of service (connection refusal) via a large number of open HTTP connections.
CVE-2004-0611 1 Netgear 1 Fvs318 2026-04-16 N/A
Web-Based Administration in Netgear FVS318 VPN Router allows remote attackers to cause a denial of service (no new connections) via a large number of open HTTP connections.
CVE-2004-0612 1 Zonelabs 1 Zonealarm 2026-04-16 N/A
The Mobile Code filter in ZoneAlarm Pro 5.0.590.015 does not filter mobile code within an SSL encrypted session, which could allow remote attackers to bypass the mobile code filtering. NOTE: it has been disputed by the vendor that this behavior is required by the SSL specification.
CVE-2004-0614 1 Osticket 1 Osticket Sts 2026-04-16 N/A
osTicket trusts a hidden form field in the submit form to limit the upload size of a document, which could allow remote attackers to upload a file of any size.
CVE-2004-0615 2 D-link, Dlink 3 Di-614\+, Di-704p, Di-624 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in D-Link DI-614+ SOHO router running firmware 2.30, and DI-704 SOHO router running firmware 2.60B2, and DI-624, allows remote attackers to inject arbitrary script or HTML via the DHCP HOSTNAME option in a DHCP request.
CVE-2004-0616 1 Bt 1 Voyager 2000 Wireless Adsl Router 2026-04-16 N/A
The BT Voyager 2000 Wireless ADSL Router has a default public SNMP community name, which allows remote attackers to obtain sensitive information such as the password, which is stored in plaintext.
CVE-2004-0617 1 Arbitroweb 1 Arbitroweb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in ArbitroWeb 0.6 allows remote attackers to inject arbitrary script or HTML via the rawURL parameter.
CVE-2004-0618 1 Freebsd 1 Freebsd 2026-04-16 N/A
FreeBSD 5.1 for the Alpha processor allows local users to cause a denial of service (crash) via an execve system call with an unaligned memory address as an argument.
CVE-2004-0619 1 Redhat 4 Enterprise Linux, Fedora Core, Kernel and 1 more 2026-04-16 N/A
Integer overflow in the ubsec_keysetup function for Linux Broadcom 5820 cryptonet driver allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a negative add_dsa_buf_bytes variable, which leads to a buffer overflow.
CVE-2004-0620 1 Jelsoft 1 Vbulletin 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in (1) newreply.php or (2) newthread.php in vBulletin 3.0.1 allows remote attackers to inject arbitrary HTML or script as other users via the Edit-panel.
CVE-2004-0621 1 Zaireweb Solutions 1 Newsletter Zws 2026-04-16 N/A
admin.php in Newsletter ZWS allows remote attackers to gain administrative privileges via a list_user operation with the ulevel parameter set to 1 (administrator level), which lists all users and their passwords.
CVE-2004-0622 1 Apple 1 Mac Os X 2026-04-16 N/A
Apple Mac OS X 10.3.4, 10.4, 10.5, and possibly other versions does not properly clear memory for login (aka Loginwindow.app), Keychain, or FileVault passwords, which could allow the root user or an attacker with physical access to obtain sensitive information by reading memory.
CVE-2004-0623 1 Gnu 1 Gnats 2026-04-16 N/A
Format string vulnerability in misc.c in GNU GNATS 4.00 may allow remote attackers to execute arbitrary code via format string specifiers in a string that gets logged by syslog.
CVE-2004-0624 1 Artmedic Webdesign 1 Artmedic Links 2026-04-16 N/A
PHP remote file inclusion vulnerability in index.php for Artmedic links 5.0 (artmedic_links5) allows remote attackers to execute arbitrary PHP code by modifying the id parameter to reference a URL on a remote web server that contains the code.
CVE-2004-0625 1 Websoft 1 Infinity Web 2026-04-16 N/A
SQL injection vulnerability in Infinity WEB 1.0 allows remote attackers to bypass authentication and gain privileges via the login page.
CVE-2004-0626 4 Conectiva, Gentoo, Linux and 1 more 4 Linux, Linux, Linux Kernel and 1 more 2026-04-16 N/A
The tcp_find_option function of the netfilter subsystem in Linux kernel 2.6, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type.
CVE-2004-0627 1 Mysql 1 Mysql 2026-04-16 N/A
The check_scramble_323 function in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to bypass authentication via a zero-length scrambled string.
CVE-2004-0628 1 Mysql 1 Mysql 2026-04-16 N/A
Stack-based buffer overflow in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long scramble string.
CVE-2004-0629 1 Adobe 2 Acrobat, Acrobat Reader 2026-04-16 N/A
Buffer overflow in the ActiveX component (pdf.ocx) for Adobe Acrobat 5.0.5 and Acrobat Reader, and possibly other versions, allows remote attackers to execute arbitrary code via a URI for a PDF file with a null terminator (%00) followed by a long string.
CVE-2004-0630 2 Adobe, Redhat 2 Acrobat Reader, Rhel Extras 2026-04-16 N/A
The uudecoding feature in Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those before 5.0.9, allows remote attackers to execute arbitrary code via shell metacharacters ("`" or backtick) in the filename of the PDF file that is provided to the uudecode command.