Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-0362 1 Awstats 1 Awstats 2026-04-16 N/A
awstats.pl in AWStats 6.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) "pluginmode", (2) "loadplugin", or (3) "noloadplugin" parameters.
CVE-2005-0364 1 Hp 1 Hp-ux 2026-04-16 N/A
Unknown vulnerability in BIND 9.2.0 in HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to cause a denial of service.
CVE-2005-0365 2 Kde, Redhat 2 Kde, Enterprise Linux 2026-04-16 N/A
The dcopidlng script in KDE 3.2.x and 3.3.x creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.
CVE-2004-0395 1 Gatos 1 Gatos 2026-04-16 N/A
The xatitv program in the gatos package does not properly drop root privileges when the configuration file does not exist, which allows local users to execute arbitrary commands via shell metacharacters in a system call.
CVE-2005-0373 6 Apple, Conectiva, Cyrus and 3 more 8 Mac Os X, Mac Os X Server, Linux and 5 more 2026-04-16 N/A
Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code.
CVE-2004-0400 1 University Of Cambridge 1 Exim 2026-04-16 N/A
Stack-based buffer overflow in Exim 4 before 4.33, when the headers_check_syntax option is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code during the header check.
CVE-2004-0402 2 Mandrakesoft, Xpcd 2 Mandrake Linux, Xpcd 2026-04-16 N/A
Buffer overflow in xpcd-svga in xpcd before 2.08, and possibly other versions, may allow local users to execute arbitrary code.
CVE-2004-0447 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
Unknown vulnerability in Linux before 2.4.26 for IA64 allows local users to cause a denial of service, with unknown impact. NOTE: due to a typo, this issue was accidentally assigned CVE-2004-0477. This is the proper candidate to use for the Linux local DoS.
CVE-2004-0403 2 Kame, Redhat 2 Racoon, Enterprise Linux 2026-04-16 N/A
Racoon before 20040408a allows remote attackers to cause a denial of service (memory consumption) via an ISAKMP packet with a large length field.
CVE-2004-0448 1 Jftpgw 1 Jftpgw 2026-04-16 N/A
Format string vulnerability in the log function for jftpgw 0.13.4 and earlier allows remote authenticated users to execute arbitrary code via format string specifiers in certain syslog messages.
CVE-2004-0414 6 Cvs, Gentoo, Openbsd and 3 more 6 Cvs, Linux, Openbsd and 3 more 2026-04-16 N/A
CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution.
CVE-2004-0420 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
The Windows Shell application in Windows 98, Windows ME, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by spoofing the type of a file via a CLSID specifier in the filename, as demonstrated using Internet Explorer 6.0.2800.1106 on Windows XP.
CVE-2004-0422 2 Gnu, Redhat 2 Flim, Enterprise Linux 2026-04-16 N/A
flim before 1.14.3 creates temporary files insecurely, which allows local users to overwrite arbitrary files of the Emacs user via a symlink attack.
CVE-2004-0454 1 Rlpr 1 Rlpr 2026-04-16 N/A
Buffer overflow in the msg function for rlpr daemon (rlprd) 2.04 allows local users to execute arbitrary code.
CVE-2005-0428 1 Powerdns 1 Powerdns 2026-04-16 N/A
The DNSPacket::expand method in dnspacket.cc in PowerDNS before 2.9.17 allows remote attackers to cause a denial of service by sending a random stream of bytes.
CVE-2004-0598 2 Greg Roelofs, Redhat 2 Libpng, Enterprise Linux 2026-04-16 N/A
The png_handle_iCCP function in libpng 1.2.5 and earlier allows remote attackers to cause a denial of service (application crash) via a certain PNG image that triggers a null dereference.
CVE-2005-0431 1 Barracuda Networks 1 Barracuda Spam Firewall 2026-04-16 N/A
Barracuda Spam Firewall 3.1.10 and earlier does not restrict the domains that white-listed domains can send mail to, which allows members of white-listed domains to use Barracuda as an open mail relay for spam.
CVE-2005-1516 1 Netwin 1 Dmail 2026-04-16 N/A
DList (dlist.exe) in DMail 3.1a allows remote attackers to bypass authentication, read log files, and shutdown the system via a sendlog command with an incorrect password hash, which is not properly handled by the _cmd_sendlog function.
CVE-2005-0432 1 Bea 1 Weblogic Server 2026-04-16 N/A
BEA WebLogic Server 7.0 Service Pack 5 and earlier, and 8.1 Service Pack 3 and earlier, generates different login exceptions that suggest why an authentication attempt fails, which makes it easier for remote attackers to guess passwords via brute force attacks.
CVE-2004-0609 1 Rssh 1 Rssh 2026-04-16 N/A
rssh 2.0 through 2.1.x expands command line arguments before entering a chroot jail, which allows remote authenticated users to determine the existence of files in a directory outside the jail.