Search Results (54 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-1043 7 Apple, Conectiva, Peachtree and 4 more 8 Mac Os X, Mac Os X Server, Linux and 5 more 2026-04-16 N/A
exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.
CVE-2005-1859 1 Sgi 1 Propack 2026-04-16 N/A
Unknown vulnerability in arshell in the Array Service (arrayd) for SGI ProPack 3 with SP 5 and 6, and SGI ProPack 4, allows local users to execute arbitrary shells as root on other hosts in the cluster or array.
CVE-2004-1139 7 Altlinux, Conectiva, Debian and 4 more 9 Alt Linux, Linux, Debian Linux and 6 more 2026-04-16 N/A
Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash).
CVE-2004-1142 7 Altlinux, Conectiva, Debian and 4 more 9 Alt Linux, Linux, Debian Linux and 6 more 2026-04-16 N/A
Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet.
CVE-2004-0108 3 Redhat, Sgi, Sysstat 4 Enterprise Linux, Sysstat, Propack and 1 more 2026-04-16 N/A
The isag utility, which processes sysstat data, allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CAN-2004-0107.
CVE-2004-0112 24 4d, Apple, Avaya and 21 more 65 Webstar, Mac Os X, Mac Os X Server and 62 more 2026-04-16 N/A
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
CVE-2004-0104 3 Metamail Corporation, Redhat, Sgi 4 Metamail, Enterprise Linux, Linux Advanced Workstation and 1 more 2026-04-16 N/A
Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.
CVE-2004-0107 3 Redhat, Sgi, Sysstat 5 Enterprise Linux, Linux, Sysstat and 2 more 2026-04-16 N/A
The (1) post and (2) trigger scripts in sysstat 4.0.7 and earlier allow local users to overwrite arbitrary files via symlink attacks on temporary files, a different vulnerability than CVE-2004-0108.
CVE-2004-0110 3 Redhat, Sgi, Xmlsoft 5 Enterprise Linux, Linux, Propack and 2 more 2026-04-16 N/A
Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL.
CVE-2004-0148 3 Redhat, Sgi, Washington University 3 Enterprise Linux, Propack, Wu-ftpd 2026-04-16 N/A
wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead.
CVE-2004-0226 5 Gentoo, Midnight Commander, Redhat and 2 more 6 Linux, Midnight Commander, Enterprise Linux and 3 more 2026-04-16 N/A
Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.
CVE-2004-0231 5 Gentoo, Midnight Commander, Redhat and 2 more 6 Linux, Midnight Commander, Enterprise Linux and 3 more 2026-04-16 N/A
Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to "Insecure temporary file and directory creations."
CVE-2004-0234 8 Clearswift, F-secure, Rarlab and 5 more 15 Mailsweeper, F-secure Anti-virus, F-secure For Firewalls and 12 more 2026-04-16 N/A
Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive.
CVE-2004-0414 6 Cvs, Gentoo, Openbsd and 3 more 6 Cvs, Linux, Openbsd and 3 more 2026-04-16 N/A
CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution.
CVE-2004-0424 4 Linux, Redhat, Sgi and 1 more 4 Linux Kernel, Enterprise Linux, Propack and 1 more 2026-04-16 N/A
Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option.
CVE-2004-0504 3 Ethereal Group, Redhat, Sgi 3 Ethereal, Enterprise Linux, Propack 2026-04-16 N/A
Ethereal 0.10.3 allows remote attackers to cause a denial of service (crash) via certain SIP messages between Hotsip servers and clients.
CVE-2004-0639 3 Open Webmail, Sgi, Squirrelmail 3 Open Webmail, Propack, Squirrelmail 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Squirrelmail 1.2.10 and earlier allow remote attackers to inject arbitrary HTML or script via (1) the $mailer variable in read_body.php, (2) the $senderNames_part variable in mailbox_display.php, and possibly other vectors including (3) the $event_title variable or (4) the $event_text variable.
CVE-2003-0859 5 Gnu, Intel, Quagga and 2 more 8 Glibc, Zebra, Ia64 and 5 more 2026-04-16 N/A
The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.
CVE-2003-0795 4 Gnu, Quagga, Redhat and 1 more 5 Zebra, Quagga, Enterprise Linux and 2 more 2026-04-16 N/A
The vty layer in Quagga before 0.96.4, and Zebra 0.93b and earlier, does not verify that sub-negotiation is taking place when processing the SE marker, which allows remote attackers to cause a denial of service (crash) via a malformed telnet command to the telnet CLI port, which may trigger a null dereference.
CVE-2003-0991 3 Gnu, Redhat, Sgi 3 Mailman, Enterprise Linux, Propack 2026-04-16 N/A
Unknown vulnerability in the mail command handler in Mailman before 2.0.14 allows remote attackers to cause a denial of service (crash) via malformed e-mail commands.