Search Results (366624 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0372 1 Xine 1 Xine 2026-04-16 N/A
xine allows local users to overwrite arbitrary files via a symlink attack on a bug report email that is generated by the (1) xine-bugreport or (2) xine-check scripts.
CVE-2004-0374 1 Interchange Development Group 1 Interchange 2026-04-16 N/A
Interchange before 5.0.1 allows remote attackers to "expose the content of arbitrary variables" and read or modify sensitive SQL information via an HTTP request ending with the "__SQLUSER__" string.
CVE-2004-0375 1 Symantec 4 Client Firewall, Client Security, Norton Internet Security and 1 more 2026-04-16 N/A
SYMNDIS.SYS in Symantec Norton Internet Security 2003 and 2004, Norton Personal Firewall 2003 and 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 and 1.1 allow remote attackers to cause a denial of service (infinite loop) via a TCP packet with (1) SACK option or (2) Alternate Checksum Data option followed by a length of zero.
CVE-2004-0376 1 Oftpd 1 Oftpd 2026-04-16 N/A
oftpd 0.3.6 and earlier allows remote attackers to cause a denial of service (crash) via a PORT command with a large value.
CVE-2004-0377 2 Activestate, Larry Wall 2 Activeperl, Perl 2026-04-16 N/A
Buffer overflow in the win32_stat function for (1) ActiveState's ActivePerl and (2) Larry Wall's Perl before 5.8.3 allows local or remote attackers to execute arbitrary commands via filenames that end in a backslash character.
CVE-2004-0379 1 Microsoft 1 Sharepoint Portal Server 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Microsoft SharePoint Portal Server 2001 allow remote attackers to process arbitrary web content and steal cookies via certain server scripts.
CVE-2004-0380 1 Microsoft 1 Outlook Express 2026-04-16 N/A
The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote attackers to bypass domain restrictions and execute arbitrary code, as demonstrated on Internet Explorer using script in a compiled help (CHM) file that references the InfoTech Storage (ITS) protocol handlers such as (1) ms-its, (2) ms-itss, (3) its, or (4) mk:@MSITStore, aka the "MHTML URL Processing Vulnerability."
CVE-2004-0381 3 Mysql, Oracle, Redhat 3 Mysql, Mysql, Enterprise Linux 2026-04-16 N/A
mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file.
CVE-2004-0382 1 Apple 1 Mac Os X 2026-04-16 N/A
Unknown vulnerability in the CUPS printing system in Mac OS X 10.3.3 and Mac OS X 10.2.8 with unknown impact, possibly related to a configuration file setting.
CVE-2004-0383 1 Apple 1 Mac Os X 2026-04-16 N/A
Unknown vulnerability in Mail for Mac OS X 10.3.3 and 10.2.8, with unknown impact, related to "the handling of HTML-formatted email."
CVE-2004-0385 1 Oracle 2 Application Server Web Cache, E-business Suite 2026-04-16 N/A
Heap-based buffer overflow in Oracle 9i Application Server Web Cache 9.0.4.0.0, 9.0.3.1.0, 9.0.2.3.0, and 9.0.0.4.0 allows remote attackers to execute arbitrary code via a long HTTP request method header to the Web Cache listener. NOTE: due to the vagueness of the Oracle advisory, it is not clear whether there are additional issues besides this overflow, although the advisory alludes to multiple "vulnerabilities."
CVE-2004-0394 1 Linux 1 Linux Kernel 2026-04-16 N/A
A "potential" buffer overflow exists in the panic() function in Linux 2.4.x, although it may not be exploitable due to the functionality of panic.
CVE-2004-0386 3 Gentoo, Mandrakesoft, Mplayer 3 Linux, Mandrake Linux, Mplayer 2026-04-16 N/A
Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, 0.90, and 0.91 allows remote attackers to execute arbitrary code via a long Location header.
CVE-2004-0387 2 Realnetworks, Redhat 3 Realone Player, Realplayer, Rhel Extras 2026-04-16 N/A
Stack-based buffer overflow in the RT3 plugin, as used in RealPlayer 8, RealOne Player, RealOne Player 10 beta, and RealOne Player Enterprise, allows remote attackers to execute arbitrary code via a malformed .R3T file.
CVE-2004-0388 2 Oracle, Redhat 2 Mysql, Enterprise Linux 2026-04-16 N/A
The mysqld_multi script in MySQL allows local users to overwrite arbitrary files via a symlink attack.
CVE-2004-0389 1 Realnetworks 1 Helix Universal Server 2026-04-16 7.5 High
RealNetworks Helix Universal Server 9.0.1 and 9.0.2 allows remote attackers to cause a denial of service (crash) via malformed requests that trigger a null dereference, as demonstrated using (1) GET_PARAMETER or (2) DESCRIBE requests.
CVE-2004-0390 1 Sco 1 Openserver 2026-04-16 N/A
SCO OpenServer 5.0.5 through 5.0.7 only supports Xauthority style access control when users log in using scologin, which allows remote attackers to gain unauthorized access to an X session via other X login methods.
CVE-2004-0391 1 Cisco 2 Hosting Solution Engine, Wireless Lan Solution Engine 2026-04-16 N/A
Cisco Wireless LAN Solution Engine (WLSE) 2.0 through 2.5 and Hosting Solution Engine (HSE) 1.7 through 1.7.3 have a hardcoded username and password, which allows remote attackers to add new users, modify existing users, and change configuration.
CVE-2004-0392 1 Kame 1 Racoon 2026-04-16 N/A
racoon before 20040407b allows remote attackers to cause a denial of service (infinite loop and dropped connections) via an IKE message with a malformed Generic Payload Header containing invalid (1) "Security Association Next Payload" and (2) "RESERVED" fields.
CVE-2004-0393 1 Rlpr 1 Rlpr 2026-04-16 N/A
Format string vulnerability in the msg function for rlpr daemon (rlprd) 2.0.4 allows remote attackers to execute arbitrary code via format string specifiers in a buffer that can not be resolved, which is provided to the syslog function.