Search Results (363820 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0664 1 Powerportal 1 Powerportal 2026-04-16 N/A
Directory traversal vulnerability in modules.php in PowerPortal 1.x allows remote attackers to list arbitrary directories via a .. (dot dot) in the files parameter.
CVE-2005-2758 1 Symantec 2 Antivirus Scan Engine, Antivirus Scan Engine For Network Attached Storage 2026-04-16 N/A
Integer signedness error in the administrative interface for Symantec AntiVirus Scan Engine 4.0 and 4.3 allows remote attackers to execute arbitrary code via crafted HTTP headers with negative values, which lead to a heap-based buffer overflow.
CVE-2005-2751 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
memberd in Mac OS X 10.4 up to 10.4.2, in certain situations, does not quickly synchronize access control checks with changes in group membership, which could allow users to access files and other resources after they have been removed from a group.
CVE-2004-0157 1 Xonix 1 Xonix 2026-04-16 N/A
x11.c in xonix 1.4 and earlier uses the current working directory to find and execute the rmail program, which allows local users to execute arbitrary code by modifying the path to point to a malicious rmail program.
CVE-2005-2656 1 Polygen 1 Polygen 2026-04-16 N/A
Polygen before 1.0.6 generates precompiled grammar objects with world-writable permissions, which allows local users to cause a denial of service (disk consumption) and possibly perform other unauthorized activities.
CVE-2004-0159 1 Samhain Labs 1 Hsftp 2026-04-16 N/A
Format string vulnerability in hsftp 1.11 allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via file names containing format string characters that are not properly handled when executing an "ls" command.
CVE-2004-0162 3 Clearswift, F-secure, Paul L Daniels 3 Mailsweeper, Internet Gatekeeper, Ripmime 2026-04-16 N/A
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME encapsulation that uses RFC822 comment fields, which may be interpreted as other fields by mail clients.
CVE-2005-2657 1 Common-lisp-controller 1 Common-lisp-controller 2026-04-16 N/A
Unknown vulnerability in common-lisp-controller 4.18 and earlier allows local users to gain privileges by compiling arbitrary code in the cache directory, which is executed by another user if the user has not run Common Lisp before.
CVE-2005-2658 1 Softwolves Software 1 Turquoise Superstat 2026-04-16 N/A
Buffer overflow in utility.cpp in Turquoise SuperStat (turqstat) 2.2.4 and earlier might allow remote NNTP servers to execute arbitrary code via a date with a long month.
CVE-2005-2659 1 Jed Wing 1 Chm Lib 2026-04-16 N/A
Buffer overflow in the LZX decompression in CHM Lib (chmlib) 0.35, as used in products such as KchmViewer, has unknown impact and attack vectors.
CVE-2005-2661 1 Up-imapproxy 1 Up-imapproxy 2026-04-16 N/A
Format string vulnerability in the ParseBannerAndCapability function in main.c for up-imapproxy 1.2.3 and 1.2.4 allows remote IMAP servers to execute arbitrary code via format string specifiers in a banner or capability line.
CVE-2004-0183 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2026-04-16 N/A
TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via ISAKMP packets containing a Delete payload with a large number of SPI's, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite.
CVE-2004-0184 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2026-04-16 N/A
Integer underflow in the isakmp_id_print for TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with an Identification payload with a length that becomes less than 8 during byte order conversion, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite.
CVE-2004-0185 2 Redhat, Washington University 2 Enterprise Linux, Wu-ftpd 2026-04-16 N/A
Buffer overflow in the skey_challenge function in ftpd.c for wu-ftp daemon (wu-ftpd) 2.6.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a s/key (SKEY) request with a long name.
CVE-2004-0186 2 Linux, Samba 2 Linux Kernel, Samba 2026-04-16 N/A
smbmnt in Samba 2.x and 3.x on Linux 2.6, when installed setuid, allows local users to gain root privileges by mounting a Samba share that contains a setuid root program, whose setuid attributes are not cleared when the share is mounted.
CVE-2005-2662 1 Masqmail 1 Masqmail 2026-04-16 N/A
masqmail before 0.2.18 allows remote attackers to execute arbitrary commands via crafted e-mail addresses that are not properly sanitized when creating a failed delivery message.
CVE-2004-0189 2 Redhat, Squid 3 Enterprise Linux, Linux, Squid 2026-04-16 N/A
The "%xx" URL decoding function in Squid 2.5STABLE4 and earlier allows remote attackers to bypass url_regex ACLs via a URL with a NULL ("%00") character, which causes Squid to use only a portion of the requested URL when comparing it against the access control lists.
CVE-2004-0190 1 Symantec 3 Firewall Vpn Appliance 100, Firewall Vpn Appliance 200, Firewall Vpn Appliance 200r 2026-04-16 N/A
Symantec FireWall/VPN Appliance model 200 records a cleartext password for the password administration page, which may be cached on the administrator's local system or in a proxy, which allows attackers to steal the password and gain privileges.
CVE-2004-0194 1 Adobe 1 Acrobat Reader 2026-04-16 N/A
Stack-based buffer overflow in the OutputDebugString function for Adobe Acrobat Reader 5.1 allows remote attackers to execute arbitrary code via a PDF document with XML Forms Data Format (XFDF) data.
CVE-2005-2664 1 Whisper32 1 Whisper32 2026-04-16 N/A
Whisper 32 1.16, and possibly earlier versions, stores passwords in plaintext in memory, which allows local users to obtain the password using a debugger or another mechanism to read process memory.