Total
29947 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0846 | 1 Microsoft | 2 Excel, Office | 2026-04-16 | N/A |
| Unknown vulnerability in Microsoft Excel 2000, 2002, 2001 for Mac, and v.X for Mac allows remote attackers to execute arbitrary code via a malicious file containing certain parameters that are not properly validated. | ||||
| CVE-2003-0901 | 2 Postgresql, Redhat | 3 Postgresql, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Buffer overflow in to_ascii for PostgreSQL 7.2.x, and 7.3.x before 7.3.4, allows remote attackers to execute arbitrary code. | ||||
| CVE-2006-3239 | 1 Vbzoom | 1 Vbzoom | 2026-04-16 | N/A |
| SQL injection vulnerability in message.php in VBZooM 1.11 and earlier allows remote attackers to execute arbitrary SQL commands via the UserID parameter. | ||||
| CVE-2004-0917 | 1 Vignette | 1 Application Portal | 2026-04-16 | N/A |
| The default installation of Vignette Application Portal installs the diagnostic utility without authentication requirements, which allows remote attackers to gain sensitive information, such as server and OS version, and conduct unauthorized activities via an HTTP request to /diag. | ||||
| CVE-2004-0953 | 1 Jabber Software Foundation | 1 Jabber Server | 2026-04-16 | N/A |
| Buffer overflow in the C2S module in the open source Jabber 2.x server (Jabberd) allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long username. | ||||
| CVE-2004-1014 | 4 Debian, Mandrakesoft, Nfs and 1 more | 6 Debian Linux, Mandrake Linux, Mandrake Linux Corporate Server and 3 more | 2026-04-16 | N/A |
| statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signal, which allows remote attackers to cause a denial of service (server process crash) via a TCP connection that is prematurely terminated. | ||||
| CVE-2004-1090 | 6 Debian, Gentoo, Midnight Commander and 3 more | 8 Debian Linux, Linux, Midnight Commander and 5 more | 2026-04-16 | N/A |
| Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header." | ||||
| CVE-2004-1097 | 1 Cherokee | 1 Cherokee Httpd | 2026-04-16 | N/A |
| Format string vulnerability in the cherokee_logger_ncsa_write_string function in Cherokee 0.4.17 and earlier, when authenticating via auth_pam, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via format string specifiers in the URL. | ||||
| CVE-2004-1124 | 1 Sco | 2 Openserver, Unixware | 2026-04-16 | N/A |
| Unknown vulnerability in chroot on SCO UnixWare 7.1.1 through 7.1.4 allows local users to escape the chroot jail and conduct unauthorized activities. | ||||
| CVE-2001-0418 | 1 Ncm | 1 Ncm Content Management System | 2026-04-16 | N/A |
| content.pl script in NCM Content Management System allows remote attackers to read arbitrary contents of the content database by inserting SQL characters into the id parameter. | ||||
| CVE-2006-0230 | 1 Symantec | 1 Antivirus Scan Engine | 2026-04-16 | N/A |
| Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses a client-side check to verify a password, which allows remote attackers to gain administrator privileges via a modified client that sends certain XML requests. | ||||
| CVE-2002-0005 | 1 Aol | 1 Instant Messenger | 2026-04-16 | N/A |
| Buffer overflow in AOL Instant Messenger (AIM) 4.7.2480, 4.8.2616, and other versions allows remote attackers to execute arbitrary code via a long argument in a game request (AddGame). | ||||
| CVE-2002-0010 | 2 Mozilla, Redhat | 2 Bugzilla, Powertools | 2026-04-16 | N/A |
| Bugzilla before 2.14.1 allows remote attackers to inject arbitrary SQL code and create files or gain privileges via (1) the sql parameter in buglist.cgi, (2) invalid field names from the "boolean chart" query in buglist.cgi, (3) the mybugslink parameter in userprefs.cgi, (4) a malformed bug ID in the buglist parameter in long_list.cgi, and (5) the value parameter in editusers.cgi, which allows groupset privileges to be modified by attackers with blessgroupset privileges. | ||||
| CVE-2004-1182 | 1 Hylafax | 1 Hylafax | 2026-04-16 | N/A |
| hfaxd in HylaFAX before 4.2.1, when installed with a "weak" hosts.hfaxd file, allows remote attackers to authenticate and bypass intended access restrictions via a crafted (1) username or (2) hostname that satisfies a regular expression that is matched against a hosts.hfaxd entry without a password. | ||||
| CVE-2004-1199 | 1 Apple | 1 Safari | 2026-04-16 | N/A |
| Safari 1.2.4 on Mac OS X 10.3.6 allows remote attackers to cause a denial of service (application crash from memory exhaustion), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays. | ||||
| CVE-2002-0037 | 1 Ibm | 1 Lotus Domino Server | 2026-04-16 | N/A |
| Lotus Domino Servers 5.x, 4.6x, and 4.5x allows attackers to bypass the intended Reader and Author access list for a document's object via a Notes API call (NSFDbReadObject) that directly accesses the object. | ||||
| CVE-2004-1221 | 1 Darryl Burgdorf | 1 Weblibs | 2026-04-16 | N/A |
| Directory traversal vulnerability in weblibs.pl in WebLibs 1.0 allows remote attackers to read arbitrary files via .. sequences in the TextFile parameter. | ||||
| CVE-2004-1227 | 1 Sugarcrm | 1 Sugar Sales | 2026-04-16 | N/A |
| Directory traversal vulnerability in SugarCRM Sugar Sales 2.0.1c and earlier allows remote attackers to read arbitrary files and possibly execute arbitrary PHP code via .. (dot dot) sequences in the (1) module, (2) action, or (3) theme parameters to index.php, (4) the theme parameter to Login.php, and possibly other parameters or scripts. | ||||
| CVE-2004-1232 | 1 Gadu-gadu | 1 Gadu-gadu Instant Messenger | 2026-04-16 | N/A |
| Stack-based buffer overflow in the code that sends images in Gadu-Gadu allows remote attackers to execute arbitrary code via a large image filename. | ||||
| CVE-2002-0068 | 2 Redhat, Squid | 2 Linux, Squid | 2026-04-16 | N/A |
| Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service (core dump) and possibly execute arbitrary code with an ftp:// URL with a larger number of special characters, which exceed the buffer when Squid URL-escapes the characters. | ||||