Export limit exceeded: 360632 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (360632 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0610 | 1 Microsoft | 1 Mn-500 Wireless Base Station | 2026-04-16 | N/A |
| The Web administration interface in Microsoft MN-500 Wireless Router allows remote attackers to cause a denial of service (connection refusal) via a large number of open HTTP connections. | ||||
| CVE-2004-0611 | 1 Netgear | 1 Fvs318 | 2026-04-16 | N/A |
| Web-Based Administration in Netgear FVS318 VPN Router allows remote attackers to cause a denial of service (no new connections) via a large number of open HTTP connections. | ||||
| CVE-2004-0612 | 1 Zonelabs | 1 Zonealarm | 2026-04-16 | N/A |
| The Mobile Code filter in ZoneAlarm Pro 5.0.590.015 does not filter mobile code within an SSL encrypted session, which could allow remote attackers to bypass the mobile code filtering. NOTE: it has been disputed by the vendor that this behavior is required by the SSL specification. | ||||
| CVE-2004-0617 | 1 Arbitroweb | 1 Arbitroweb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in ArbitroWeb 0.6 allows remote attackers to inject arbitrary script or HTML via the rawURL parameter. | ||||
| CVE-2004-0618 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| FreeBSD 5.1 for the Alpha processor allows local users to cause a denial of service (crash) via an execve system call with an unaligned memory address as an argument. | ||||
| CVE-2004-0620 | 1 Jelsoft | 1 Vbulletin | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in (1) newreply.php or (2) newthread.php in vBulletin 3.0.1 allows remote attackers to inject arbitrary HTML or script as other users via the Edit-panel. | ||||
| CVE-2004-0621 | 1 Zaireweb Solutions | 1 Newsletter Zws | 2026-04-16 | N/A |
| admin.php in Newsletter ZWS allows remote attackers to gain administrative privileges via a list_user operation with the ulevel parameter set to 1 (administrator level), which lists all users and their passwords. | ||||
| CVE-2004-0622 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| Apple Mac OS X 10.3.4, 10.4, 10.5, and possibly other versions does not properly clear memory for login (aka Loginwindow.app), Keychain, or FileVault passwords, which could allow the root user or an attacker with physical access to obtain sensitive information by reading memory. | ||||
| CVE-2004-0625 | 1 Websoft | 1 Infinity Web | 2026-04-16 | N/A |
| SQL injection vulnerability in Infinity WEB 1.0 allows remote attackers to bypass authentication and gain privileges via the login page. | ||||
| CVE-2004-0626 | 4 Conectiva, Gentoo, Linux and 1 more | 4 Linux, Linux, Linux Kernel and 1 more | 2026-04-16 | N/A |
| The tcp_find_option function of the netfilter subsystem in Linux kernel 2.6, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type. | ||||
| CVE-2004-0627 | 1 Mysql | 1 Mysql | 2026-04-16 | N/A |
| The check_scramble_323 function in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to bypass authentication via a zero-length scrambled string. | ||||
| CVE-2004-0628 | 1 Mysql | 1 Mysql | 2026-04-16 | N/A |
| Stack-based buffer overflow in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long scramble string. | ||||
| CVE-2004-0629 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2026-04-16 | N/A |
| Buffer overflow in the ActiveX component (pdf.ocx) for Adobe Acrobat 5.0.5 and Acrobat Reader, and possibly other versions, allows remote attackers to execute arbitrary code via a URI for a PDF file with a null terminator (%00) followed by a long string. | ||||
| CVE-2004-0630 | 2 Adobe, Redhat | 2 Acrobat Reader, Rhel Extras | 2026-04-16 | N/A |
| The uudecoding feature in Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those before 5.0.9, allows remote attackers to execute arbitrary code via shell metacharacters ("`" or backtick) in the filename of the PDF file that is provided to the uudecode command. | ||||
| CVE-2004-0632 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2026-04-16 | N/A |
| Adobe Reader 6.0 does not properly handle null characters when splitting a filename path into components, which allows remote attackers to execute arbitrary code via a file with a long extension that is not normally handled by Reader, triggering a buffer overflow. | ||||
| CVE-2004-0634 | 4 Ethereal Group, Gentoo, Mandrakesoft and 1 more | 5 Ethereal, Linux, Mandrake Linux and 2 more | 2026-04-16 | N/A |
| The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote attackers to cause a denial of service (process crash) via a handle without a policy name, which causes a null dereference. | ||||
| CVE-2004-0635 | 4 Ethereal Group, Gentoo, Mandrakesoft and 1 more | 5 Ethereal, Linux, Mandrake Linux and 2 more | 2026-04-16 | N/A |
| The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of service (process crash) via a (1) malformed or (2) missing community string, which causes an out-of-bounds read. | ||||
| CVE-2004-0636 | 1 Aol | 1 Instant Messenger | 2026-04-16 | N/A |
| Buffer overflow in the goaway function in the aim:goaway URI handler for AOL Instant Messenger (AIM) 5.5, including 5.5.3595, allows remote attackers to execute arbitrary code via a long Away message. | ||||
| CVE-2004-0637 | 1 Oracle | 2 Oracle8i, Oracle9i | 2026-04-16 | N/A |
| Oracle Database Server 8.1.7.4 through 9.2.0.4 allows local users to execute commands with additional privileges via the ctxsys.driload package, which is publicly accessible. | ||||
| CVE-2004-0638 | 1 Oracle | 2 Oracle8i, Oracle9i | 2026-04-16 | N/A |
| Buffer overflow in the KSDWRTB function in the dbms_system package (dbms_system.ksdwrt) for Oracle 9i Database Server Release 2 9.2.0.3 and 9.2.0.4, 9i Release 1 9.0.1.4 and 9.0.1.5, and 8i Release 1 8.1.7.4, allows remote authorized users to execute arbitrary code via a long second argument. | ||||