Export limit exceeded: 366508 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 16521 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (16521 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-1189 2 Mit, Redhat 2 Kerberos 5, Enterprise Linux 2026-04-16 N/A
The add_to_history function in svr_principal.c in libkadm5srv for MIT Kerberos 5 (krb5) up to 1.3.5, when performing a password change, does not properly track the password policy's history count and the maximum number of keys, which can cause an array index out-of-bounds error and may allow authenticated users to execute arbitrary code via a heap-based buffer overflow.
CVE-2004-1190 2 Redhat, Suse 2 Enterprise Linux, Suse Linux 2026-04-16 N/A
SUSE Linux before 9.1 and SUSE Linux Enterprise Server before 9 do not properly check commands sent to CD devices that have been opened read-only, which could allow local users to conduct unauthorized write activities to modify the firmware of associated SCSI devices.
CVE-2004-1234 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
load_elf_binary in Linux before 2.4.26 allows local users to cause a denial of service (system crash) via an ELF binary in which the interpreter is NULL.
CVE-2004-1235 7 Avaya, Conectiva, Linux and 4 more 20 Converged Communications Server, Intuity Audix, Mn100 and 17 more 2026-04-16 N/A
Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.
CVE-2004-1237 3 Linux, Redhat, Suse 4 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 1 more 2026-04-16 N/A
Unknown vulnerability in the system call filtering code in the audit subsystem for Red Hat Enterprise Linux 3 allows local users to cause a denial of service (system crash) via unknown vectors.
CVE-2004-1267 2 Easy Software Products, Redhat 3 Cups, Enterprise Linux, Fedora Core 2026-04-16 N/A
Buffer overflow in the ParseCommand function in hpgl-input.c in the hpgltops program for CUPS 1.1.22 allows remote attackers to execute arbitrary code via a crafted HPGL file.
CVE-2004-1268 2 Easy Software Products, Redhat 3 Cups, Enterprise Linux, Fedora Core 2026-04-16 N/A
lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS passwd file, which allows local users to corrupt the file by filling the associated file system and triggering the write errors.
CVE-2004-1269 2 Easy Software Products, Redhat 3 Cups, Enterprise Linux, Fedora Core 2026-04-16 N/A
lppasswd in CUPS 1.1.22 does not remove the passwd.new file if it encounters a file-size resource limit while writing to passwd.new, which causes subsequent invocations of lppasswd to fail.
CVE-2004-1270 2 Easy Software Products, Redhat 3 Cups, Enterprise Linux, Fedora Core 2026-04-16 N/A
lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lppasswd is called, does not verify that the passwd.new file is different from STDERR, which allows local users to control output to passwd.new via certain user input that triggers an error message.
CVE-2004-1287 2 Nasm, Redhat 2 Netwide Assembler, Enterprise Linux 2026-04-16 N/A
Buffer overflow in the error function in preproc.c for NASM 0.98.38 1.2 allows attackers to execute arbitrary code via a crafted asm file, a different vulnerability than CVE-2005-1194.
CVE-2004-1307 11 Apple, Avaya, Conectiva and 8 more 20 Mac Os X, Mac Os X Server, Call Management System Server and 17 more 2026-04-16 N/A
Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow.
CVE-2004-1308 2 Libtiff, Redhat 2 Libtiff, Enterprise Linux 2026-04-16 N/A
Integer overflow in (1) tif_dirread.c and (2) tif_fax3.c for libtiff 3.5.7 and 3.7.0 allows remote attackers to execute arbitrary code via a TIFF file containing a TIFF_ASCII or TIFF_UNDEFINED directory entry with a -1 entry count, which leads to a heap-based buffer overflow.
CVE-2004-1316 2 Mozilla, Redhat 2 Mozilla, Enterprise Linux 2026-04-16 N/A
Heap-based buffer overflow in MSG_UnEscapeSearchUrl in nsNNTPProtocol.cpp for Mozilla 1.7.3 and earlier allows remote attackers to cause a denial of service (application crash) via an NNTP URL (news:) with a trailing '\' (backslash) character, which prevents a string from being NULL terminated.
CVE-2004-1335 2 Linux, Redhat 4 Linux Kernel, Enterprise Linux, Fedora Core and 1 more 2026-04-16 N/A
Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function.
CVE-2004-1380 2 Mozilla, Redhat 3 Firefox, Mozilla, Enterprise Linux 2026-04-16 N/A
Firefox before 1.0 and Mozilla before 1.7.5 allows inactive (background) tabs to launch dialog boxes, which can allow remote attackers to spoof the dialog boxes from web sites in other windows and facilitate phishing attacks, aka the "Dialog Box Spoofing Vulnerability."
CVE-2004-1382 2 Gnu, Redhat 2 Glibc, Enterprise Linux 2026-04-16 N/A
The glibcbug script in glibc 2.3.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2004-0968.
CVE-2004-1392 2 Php, Redhat 2 Php, Enterprise Linux 2026-04-16 N/A
PHP 4.0 with cURL functions allows remote attackers to bypass the open_basedir setting and read arbitrary files via a file: URL argument to the curl_init function.
CVE-2004-1453 2 Gnu, Redhat 2 Glibc, Enterprise Linux 2026-04-16 N/A
GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does not restrict the use of LD_DEBUG for a setuid program, which allows local users to gain sensitive information, such as the list of symbols used by the program.
CVE-2004-1487 2 Gnu, Redhat 2 Wget, Enterprise Linux 2026-04-16 N/A
wget 1.8.x and 1.9.x allows a remote malicious web server to overwrite certain files via a redirection URL containing a ".." that resolves to the IP address of the malicious server, which bypasses wget's filtering for ".." sequences.
CVE-2004-1488 2 Gnu, Redhat 2 Wget, Enterprise Linux 2026-04-16 N/A
wget 1.8.x and 1.9.x does not filter or quote control characters when displaying HTTP responses to the terminal, which may allow remote malicious web servers to inject terminal escape sequences and execute arbitrary code.