Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0602 1 Freebsd 1 Freebsd 2026-04-16 N/A
The binary compatibility mode for FreeBSD 4.x and 5.x does not properly handle certain Linux system calls, which could allow local users to access kernel memory to gain privileges or cause a system panic.
CVE-2004-0604 2 Gentoo, Gift-fasttrack 2 Linux, Gift-fasttrack 2026-04-16 N/A
The HTTP client and server in giFT-FastTrack 0.8.6 and earlier allows remote attackers to cause a denial of service (crash), possibly via an empty search query, which triggers a NULL dereference.
CVE-2006-2821 1 Deltascripts 1 Pro Publish 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in DeltaScripts Pro Publish allow remote attackers to inject arbitrary web script or HTML via the (1) artid parameter in art.php and the (2) catname parameter in cat.php.
CVE-2006-2826 1 Phplib Team 1 Phplib 2026-04-16 N/A
SQL injection vulnerability in sessions.inc in PHP Base Library (PHPLib) before 7.4a allows remote attackers to execute arbitrary SQL commands via the id variable, which is set by a client through a query string or a cookie.
CVE-2004-0607 3 Ipsec-tools, Kame, Redhat 4 Ipsec-tools, Racoon, Enterprise Linux and 1 more 2026-04-16 N/A
The eay_check_x509cert function in KAME Racoon successfully verifies certificates even when OpenSSL validation fails, which could allow remote attackers to bypass authentication.
CVE-2004-0610 1 Microsoft 1 Mn-500 Wireless Base Station 2026-04-16 N/A
The Web administration interface in Microsoft MN-500 Wireless Router allows remote attackers to cause a denial of service (connection refusal) via a large number of open HTTP connections.
CVE-2004-0614 1 Osticket 1 Osticket Sts 2026-04-16 N/A
osTicket trusts a hidden form field in the submit form to limit the upload size of a document, which could allow remote attackers to upload a file of any size.
CVE-2004-0617 1 Arbitroweb 1 Arbitroweb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in ArbitroWeb 0.6 allows remote attackers to inject arbitrary script or HTML via the rawURL parameter.
CVE-2004-0624 1 Artmedic Webdesign 1 Artmedic Links 2026-04-16 N/A
PHP remote file inclusion vulnerability in index.php for Artmedic links 5.0 (artmedic_links5) allows remote attackers to execute arbitrary PHP code by modifying the id parameter to reference a URL on a remote web server that contains the code.
CVE-1999-1217 1 Microsoft 1 Windows Nt 2026-04-16 N/A
The PATH in Windows NT includes the current working directory (.), which could allow local users to gain privileges by placing Trojan horse programs with the same name as commonly used system programs into certain directories.
CVE-2004-0884 3 Conectiva, Cyrus, Redhat 3 Linux, Sasl, Enterprise Linux 2026-04-16 N/A
The (1) libsasl and (2) libsasl2 libraries in Cyrus-SASL 2.1.18 and earlier trust the SASL_PATH environment variable to find all available SASL plug-ins, which allows local users to execute arbitrary code by modifying the SASL_PATH to point to malicious programs.
CVE-2004-0886 9 Apple, Kde, Libtiff and 6 more 13 Mac Os X, Mac Os X Server, Kde and 10 more 2026-04-16 N/A
Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls.
CVE-1999-1235 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 5.0 records the username and password for FTP servers in the URL history, which could allow (1) local users to read the information from another user's index.dat, or (2) people who are physically observing ("shoulder surfing") another user to read the information from the status bar when the user moves the mouse over a link.
CVE-1999-0009 11 Bsdi, Caldera, Data General and 8 more 13 Bsd Os, Openlinux, Dg Ux and 10 more 2026-04-16 N/A
Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.
CVE-2004-0888 11 Debian, Easy Software Products, Gentoo and 8 more 16 Debian Linux, Cups, Linux and 13 more 2026-04-16 N/A
Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889.
CVE-1999-1240 1 Gracenote 1 Cddbd 2026-04-16 N/A
Buffer overflow in cddbd CD database server allows remote attackers to execute arbitrary commands via a long log message.
CVE-2004-0893 1 Microsoft 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more 2026-04-16 N/A
The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability."
CVE-1999-0010 8 Data General, Ibm, Isc and 5 more 11 Dg Ux, Aix, Bind and 8 more 2026-04-16 N/A
Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages.
CVE-2004-0897 1 Microsoft 2 Windows 2003 Server, Windows Xp 2026-04-16 N/A
The Indexing Service for Microsoft Windows XP and Server 2003 does not properly validate the length of a message, which allows remote attackers to execute arbitrary code via a buffer overflow attack.
CVE-2004-0900 1 Microsoft 1 Windows Nt 2026-04-16 N/A
The DHCP Server service for Microsoft Windows NT 4.0 Server and Terminal Server Edition does not properly validate the length of certain messages, which allows remote attackers to execute arbitrary code via a malformed DHCP message, aka the "DHCP Request Vulnerability."