Search Results (364918 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0152 1 Emil 1 Emil 2026-04-16 N/A
Multiple stack-based buffer overflows in (1) the encode_mime function, (2) the encode_uuencode function, (3) or the decode_uuencode function for emil 2.1.0 and earlier allow remote attackers to execute arbitrary code via e-mail messages containing attachments with filenames.
CVE-2004-0153 1 Emil 1 Emil 2026-04-16 N/A
Multiple format string vulnerabilities in emil 2.1.0 and earlier may allow remote attackers to execute arbitrary code by triggering certain error messages.
CVE-2004-0154 2 Nfs, Redhat 2 Nfs-utils, Enterprise Linux 2026-04-16 N/A
rpc.mountd in nfs-utils after 1.0.3 and before 1.0.6 allows attackers to cause a denial of service (crash) via an NFS mount of a directory from a client whose reverse DNS lookup name is different from the forward lookup name.
CVE-2004-0155 2 Kame, Redhat 2 Racoon, Enterprise Linux 2026-04-16 N/A
The KAME IKE Daemon Racoon, when authenticating a peer during Phase 1, validates the X.509 certificate but does not verify the RSA signature authentication, which allows remote attackers to establish unauthorized IP connections or conduct man-in-the-middle attacks using a valid, trusted X.509 certificate.
CVE-2004-0156 1 Ssmtp 1 Ssmtp 2026-04-16 N/A
Format string vulnerabilities in the (1) die or (2) log_event functions for ssmtp before 2.50.6 allow remote mail relays to cause a denial of service and possibly execute arbitrary code.
CVE-2004-0157 1 Xonix 1 Xonix 2026-04-16 N/A
x11.c in xonix 1.4 and earlier uses the current working directory to find and execute the rmail program, which allows local users to execute arbitrary code by modifying the path to point to a malicious rmail program.
CVE-2004-0158 1 Lgames 1 Lbreakout2 2026-04-16 N/A
Buffer overflow in lbreakout2 allows local users to gain 'games' group privileges via a large HOME environment variable to (1) editor.c, (2) theme.c, (3) manager.c, (4) config.c, (5) game.c, (6) levels.c, or (7) main.c.
CVE-2004-0159 1 Samhain Labs 1 Hsftp 2026-04-16 N/A
Format string vulnerability in hsftp 1.11 allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via file names containing format string characters that are not properly handled when executing an "ls" command.
CVE-2004-0160 1 Synaesthesia 1 Synaesthesia 2026-04-16 N/A
Synaesthesia 2.2 and earlier allows local users to execute arbitrary code via a symlink attack on the configuration file.
CVE-2004-0161 3 Clearswift, F-secure, Paul L Daniels 3 Mailsweeper, Internet Gatekeeper, Ripmime 2026-04-16 N/A
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use RFC2231 encoding, which may be interpreted differently by mail clients.
CVE-2004-0162 3 Clearswift, F-secure, Paul L Daniels 3 Mailsweeper, Internet Gatekeeper, Ripmime 2026-04-16 N/A
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME encapsulation that uses RFC822 comment fields, which may be interpreted as other fields by mail clients.
CVE-2004-0163 1 Sygate Technologies 1 Secure Enterprise 2026-04-16 N/A
Sygate Secure Enterprise (SSE) 3.5MR3 and earlier does not change the key used to encrypt data, which allows remote attackers to cause a denial of service (resource exhaustion) by capturing a session and repeatedly replaying the session.
CVE-2004-0164 2 Kame, Redhat 2 Racoon, Enterprise Linux 2026-04-16 N/A
KAME IKE daemon (racoon) does not properly handle hash values, which allows remote attackers to delete certificates via (1) a certain delete message that is not properly handled in isakmp.c or isakmp_inf.c, or (2) a certain INITIAL-CONTACT message that is not properly handled in isakmp_inf.c.
CVE-2004-0165 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Format string vulnerability in Point-to-Point Protocol (PPP) daemon (pppd) 2.4.0 for Mac OS X 10.3.2 and earlier allows remote attackers to read arbitrary pppd process data, including PAP or CHAP authentication credentials, to gain privileges.
CVE-2004-0166 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Unknown vulnerability in Safari web browser for Mac OS X 10.2.8 related to "the display of URLs in the status bar."
CVE-2004-0167 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
DiskArbitration in Mac OS X 10.2.8 and 10.3.2 does not properly initialize writeable removable media.
CVE-2004-0168 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Unknown vulnerability in CoreFoundation for Mac OS X 10.3.2, related to "notification logging."
CVE-2004-0169 1 Apple 1 Darwin Streaming Server 2026-04-16 N/A
QuickTime Streaming Server in MacOS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of service (crash) via DESCRIBE requests with long User-Agent fields, which causes an Assert error to be triggered in the BufferIsFull function.
CVE-2004-0171 2 Freebsd, Openbsd 2 Freebsd, Openbsd 2026-04-16 N/A
FreeBSD 5.1 and earlier, and Mac OS X before 10.3.4, allows remote attackers to cause a denial of service (resource exhaustion of memory buffers and system crash) via a large number of out-of-sequence TCP packets, which prevents the operating system from creating new connections.
CVE-2004-0172 1 Juan Cespedes 1 Ltrace 2026-04-16 N/A
Heap-based buffer overflow in the search_for_command function of ltrace 0.3.10, if it is installed setuid, could allow local users to execute arbitrary code via a long filename. NOTE: It is unclear whether there are any packages that install ltrace as a setuid program, so this candidate might be REJECTed.