Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0534 1 Businessobjects 2 Infoview, Webintelligence 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Business Objects InfoView 5.1.4 through 5.1.8 for WebIntelligence 2.7.0 through 2.7.4 allows remote attackers to inject arbitrary web script or HTML via document names when uploading a document.
CVE-2004-0528 1 Netscape 1 Navigator 2026-04-16 N/A
Netscape Navigator 7.1 allows remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points to the malicious site, which facilitates a "phishing" attack.
CVE-2004-0530 1 Slackware 1 Slackware Linux 2026-04-16 N/A
The PHP package in Slackware 8.1, 9.0, and 9.1, when linked against a static library, includes /tmp in the search path, which allows local users to execute arbitrary code as the PHP user by inserting shared libraries into the appropriate path.
CVE-2004-0552 1 Sophos 1 Small Business Suite 2026-04-16 N/A
Sophos Small Business Suite 1.00 on Windows does not properly handle files whose names contain reserved MS-DOS device names such as (1) LPT1, (2) COM1, (3) AUX, (4) CON, or (5) PRN, which can allow malicious code to bypass detection when it is installed, copied, or executed.
CVE-2004-0547 1 Postgresql 1 Postgresql 2026-04-16 N/A
Buffer overflow in the ODBC driver for PostgreSQL before 7.2.1 allows remote attackers to cause a denial of service (crash).
CVE-2004-0560 1 University Of Minnesota 1 Gopherd 2026-04-16 N/A
Integer overflow in gopher daemon (gopherd) 3.0.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted content of a certain size that triggers the overflow.
CVE-2004-0561 1 University Of Minnesota 1 Gopherd 2026-04-16 N/A
Format string vulnerability in the log routine for gopher daemon (gopherd) 3.0.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code.
CVE-2004-0566 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Integer overflow in imgbmp.cxx for Windows 2000 allows remote attackers to execute arbitrary code via a BMP image with a large bfOffBits value.
CVE-2004-0579 2 Debian, William Deich 2 Debian Linux, Super 2026-04-16 N/A
Format string vulnerability in super before 3.23 allows local users to execute arbitrary code as root.
CVE-2004-0651 1 Sun 2 Jre, Sdk 2026-04-16 N/A
Unknown vulnerability in Sun Java Runtime Environment (JRE) 1.4.2 through 1.4.2_03 allows remote attackers to cause a denial of service (virtual machine hang).
CVE-2004-0584 1 Horde 1 Imp 2026-04-16 N/A
Unknown vulnerability in Horde IMP 3.2.3 and earlier, before a "security fix," does not properly validate input, which allows remote attackers to execute arbitrary script as other users via script or HTML in an e-mail message, possibly triggering a cross-site scripting (XSS) vulnerability.
CVE-2004-0582 1 Webmin 1 Webmin 2026-04-16 N/A
Unknown vulnerability in Webmin 1.140 allows remote attackers to bypass access control rules and gain read access to configuration information for a module.
CVE-2004-0586 1 Ibm 1 Acprunner 2026-04-16 N/A
acpRunner ActiveX 1.2.5.0 allows remote attackers to execute arbitrary code via the (1) DownLoadURL, (2) SaveFilePath, and (3) Download ActiveX methods.
CVE-2004-0587 3 Mandrakesoft, Redhat, Suse 5 Mandrake Linux, Mandrake Linux Corporate Server, Enterprise Linux and 2 more 2026-04-16 N/A
Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service.
CVE-2004-0588 1 Usermin 1 Usermin 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the web mail module for Usermin 1.070 allows remote attackers to insert arbitrary HTML and script via e-mail messages.
CVE-2004-0596 1 Linux 1 Linux Kernel 2026-04-16 N/A
The Equalizer Load-balancer for serial network interfaces (eql.c) in Linux kernel 2.6.x up to 2.6.7 allows local users to cause a denial of service via a non-existent device name that triggers a null dereference.
CVE-2004-0606 1 Infoblox 1 Dns One Appliance 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Infoblox DNS One running firmware 2.4.0-8 and earlier allows remote attackers to execute arbitrary scripts as other users via the (1) CLIENTID or (2) HOSTNAME option of a DHCP request.
CVE-2004-0591 1 Inter7 1 Sqwebmail 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the print_header_uc function for SqWebMail 4.0.4 and earlier, and possibly 3.x, allows remote attackers to inject arbitrary web script or HRML via (1) e-mail headers or (2) a message with a "message/delivery-status" MIME Content-Type.
CVE-2004-0600 3 Redhat, Samba, Trustix 3 Enterprise Linux, Samba, Secure Linux 2026-04-16 N/A
Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote attackers to execute arbitrary code via an invalid base-64 character during HTTP basic authentication.
CVE-2004-0697 1 4d 1 Webstar 2026-04-16 N/A
Unknown vulnerability in 4D WebSTAR 5.3.2 and earlier allows remote attackers to read the php.ini configuration file and possibly obtain sensitive information.