Export limit exceeded: 366668 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 366668 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (366668 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0631 2 Adobe, Redhat 2 Acrobat Reader, Rhel Extras 2026-04-16 N/A
Buffer overflow in the uudecoding feature for Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those before 5.0.9, allows remote attackers to execute arbitrary code via a long filename for the PDF file that is provided to the uudecode command.
CVE-2004-0632 1 Adobe 2 Acrobat, Acrobat Reader 2026-04-16 N/A
Adobe Reader 6.0 does not properly handle null characters when splitting a filename path into components, which allows remote attackers to execute arbitrary code via a file with a long extension that is not normally handled by Reader, triggering a buffer overflow.
CVE-2004-0633 4 Ethereal Group, Gentoo, Mandrakesoft and 1 more 5 Ethereal, Linux, Mandrake Linux and 2 more 2026-04-16 N/A
The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an integer overflow.
CVE-2004-0634 4 Ethereal Group, Gentoo, Mandrakesoft and 1 more 5 Ethereal, Linux, Mandrake Linux and 2 more 2026-04-16 N/A
The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote attackers to cause a denial of service (process crash) via a handle without a policy name, which causes a null dereference.
CVE-2004-0635 4 Ethereal Group, Gentoo, Mandrakesoft and 1 more 5 Ethereal, Linux, Mandrake Linux and 2 more 2026-04-16 N/A
The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of service (process crash) via a (1) malformed or (2) missing community string, which causes an out-of-bounds read.
CVE-2004-0636 1 Aol 1 Instant Messenger 2026-04-16 N/A
Buffer overflow in the goaway function in the aim:goaway URI handler for AOL Instant Messenger (AIM) 5.5, including 5.5.3595, allows remote attackers to execute arbitrary code via a long Away message.
CVE-2004-0637 1 Oracle 2 Oracle8i, Oracle9i 2026-04-16 N/A
Oracle Database Server 8.1.7.4 through 9.2.0.4 allows local users to execute commands with additional privileges via the ctxsys.driload package, which is publicly accessible.
CVE-2004-0638 1 Oracle 2 Oracle8i, Oracle9i 2026-04-16 N/A
Buffer overflow in the KSDWRTB function in the dbms_system package (dbms_system.ksdwrt) for Oracle 9i Database Server Release 2 9.2.0.3 and 9.2.0.4, 9i Release 1 9.0.1.4 and 9.0.1.5, and 8i Release 1 8.1.7.4, allows remote authorized users to execute arbitrary code via a long second argument.
CVE-2004-0639 3 Open Webmail, Sgi, Squirrelmail 3 Open Webmail, Propack, Squirrelmail 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Squirrelmail 1.2.10 and earlier allow remote attackers to inject arbitrary HTML or script via (1) the $mailer variable in read_body.php, (2) the $senderNames_part variable in mailbox_display.php, and possibly other vectors including (3) the $event_title variable or (4) the $event_text variable.
CVE-2004-0640 2 Netkit, Ssltelnetd 2 Linux Netkit, Secure Telnet 2026-04-16 N/A
Format string vulnerability in the SSL_set_verify function in telnetd.c for SSLtelnet daemon (SSLtelnetd) 0.13 allows remote attackers to execute arbitrary code.
CVE-2004-0641 1 Thomson 1 Speedtouch 2026-04-16 N/A
Thomson SpeedTouch 510 ADSL Router with firmware GV8BAA3.270, and possibly earlier versions, generates predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections.
CVE-2004-0642 3 Debian, Mit, Redhat 6 Debian Linux, Kerberos 5, Enterprise Linux and 3 more 2026-04-16 N/A
Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distribution Center (KDC) library and (2) client library for MIT Kerberos 5 (krb5) 1.3.4 and earlier may allow remote attackers to execute arbitrary code.
CVE-2004-0643 3 Debian, Mit, Redhat 6 Debian Linux, Kerberos 5, Enterprise Linux and 3 more 2026-04-16 N/A
Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code.
CVE-2004-0644 2 Mit, Redhat 2 Kerberos 5, Enterprise Linux 2026-04-16 N/A
The asn1buf_skiptail function in the ASN.1 decoder library for MIT Kerberos 5 (krb5) 1.2.2 through 1.3.4 allows remote attackers to cause a denial of service (infinite loop) via a certain BER encoding.
CVE-2004-0645 2 Abisource, Wvware 2 Community Abiword, Wvware 2026-04-16 N/A
Buffer overflow in the wvHandleDateTimePicture function in wv library (wvWare) 0.7.4 through 0.7.6 and 1.0.0 allows remote attackers to execute arbitrary code via a document with a long DateTime field.
CVE-2004-0646 1 Macromedia 2 Coldfusion, Jrun 2026-04-16 N/A
Buffer overflow in the WriteToLog function for JRun 3.0 through 4.0 web server connectors, such as (1) mod_jrun and (2) mod_jrun20 for Apache, with verbose logging enabled, allows remote attackers to execute arbitrary code via a long HTTP header Content-Type field or other fields.
CVE-2004-0647 1 Shorewall 1 Shorewall 2026-04-16 N/A
shorewall 1.4.10c and earlier, and 2.0.x before 2.0.3a, allows local users to overwrite arbitrary files via a symlink attack on the chains-$$ temporary file.
CVE-2004-0648 1 Mozilla 3 Firefox, Mozilla, Thunderbird 2026-04-16 N/A
Mozilla (Suite) before 1.7.1, Firefox before 0.9.2, and Thunderbird before 0.7.2 allow remote attackers to launch arbitrary programs via a URI referencing the shell: protocol.
CVE-2004-0649 2 Gentoo, L2tpd 2 Linux, L2tpd 2026-04-16 N/A
Buffer overflow in write_packet in control.c for l2tpd may allow remote attackers to execute arbitrary code.
CVE-2004-0650 1 Newatlanta 1 Servletexec 2026-04-16 N/A
UploadServlet in Cisco Collaboration Server (CCS) running ServletExec before 3.0E allows remote attackers to upload and execute arbitrary files via a direct call to the UploadServlet URL.