NVD Vulnerability Information Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
In descending order of publication date
In descending order of update date
Number of items displayed

You can search the list of vulnerabilities managed by the NVD (National Vulnerability Database).
Since vulnerability information is often updated before JVN (Japan Vulnerability Note), vulnerabilities that are not listed in JVN may be updated.

If there is a vulnerability related to JVN (Japan Vulnerability Note), the information will be displayed on the detail page.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW

Update Date:June 13, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
351601 5.0 MEDIUM
delegate
dnrd
don_moore
maradns
pliant
posadis
qbik
team_johnlong
axis 		delegate
dnrd
mydns
maradns
pliant_dns_server
posadis
wingate
raidendnsd
2100_network_camera
2110_network_camera
2120_network_camera
2400_video_server
2401_video_s… 		Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Network products before firmware 3.13, and (3) Men & Mice Suite 2.2x before 2.2.3 a… NVD-CWE-Other
CVE-2004-0789 2017-07-11 10:30 2004-12-31 Show GitHub Exploit DB Packet Storm
351602 7.2 HIGH
debian bsdmainutils The calendar program in bsdmainutils 6.0 through 6.0.14 does not drop root privileges when executed with the -a flag, which allows attackers to execute arbitrary commands via a calendar event file. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2004-0793 2017-07-11 10:30 2004-10-20 Show GitHub Exploit DB Packet Storm
351603 5.1 MEDIUM
luke_mewburn lukemftp
tnftpd 		Multiple signal handler race conditions in lukemftpd (aka tnftpd before 20040810) allow remote authenticated attackers to cause a denial of service or execute arbitrary code. NVD-CWE-Other
CVE-2004-0794 2017-07-11 10:30 2004-10-20 Show GitHub Exploit DB Packet Storm
351604 7.2 HIGH
ibm db2_universal_database DB2 8.1 remote command server (DB2RCMD.EXE) executes the db2rcmdc.exe program as the db2admin administrator, which allows local users to gain privileges via the DB2REMOTECMD named pipe. NVD-CWE-Other
CVE-2004-0795 2017-07-11 10:30 2004-10-20 Show GitHub Exploit DB Packet Storm
351605 7.5 HIGH
linuxprinting.org
sun
conectiva
trustix 		foomatic-filters
java_desktop_system
linux
secure_linux 		Unknown vulnerability in foomatic-rip in Foomatic before 3.0.2 allows local users or remote attackers with access to CUPS to execute arbitrary commands. NVD-CWE-Other
CVE-2004-0801 2017-07-11 10:30 2004-09-16 Show GitHub Exploit DB Packet Storm
351606 5.1 MEDIUM
enlightenment
imagemagick
sun
conectiva
mandrakesoft
redhat
suse
turbolinux
ubuntu 		imlib
imlib2
imagemagick
java_desktop_system
linux
mandrake_linux
mandrake_linux_corporate_server
enterprise_linux
enterprise_linux_desktop
fedora_core
linux_advanced_wo… 		Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817. NVD-CWE-Other
CVE-2004-0802 2017-07-11 10:30 2004-12-31 Show GitHub Exploit DB Packet Storm
351607 7.5 HIGH
mpg123
mandrakesoft 		mpg123
mandrake_linux
mandrake_linux_corporate_server 		Buffer overflow in layer2.c in mpg123 0.59r and possibly mpg123 0.59s allows remote attackers to execute arbitrary code via a certain (1) mp3 or (2) mp2 file. NVD-CWE-Other
CVE-2004-0805 2017-07-11 10:30 2004-12-23 Show GitHub Exploit DB Packet Storm
351608 5.0 MEDIUM
netopia timbuktu_pro_mac Buffer overflow in Netopia Timbuktu 7.0.3 allows remote attackers to cause a denial of service (server process crash) via a certain data string that is sent to multiple simultaneous client connection… NVD-CWE-Other
CVE-2004-0810 2017-07-11 10:30 2004-12-23 Show GitHub Exploit DB Packet Storm
351609 5.0 MEDIUM
openbsd openbsd The bridge functionality in OpenBSD 3.4 and 3.5, when running a gateway configured as a bridging firewall with the link2 option for IPSec enabled, allows remote attackers to cause a denial of service… NVD-CWE-Other
CVE-2004-0819 2017-07-11 10:30 2004-08-25 Show GitHub Exploit DB Packet Storm
351610 4.6 MEDIUM
nullsoft winamp Winamp before 5.0.4 allows remote attackers to execute arbitrary script in the Local computer zone via script in HTML files that are referenced from XML files contained in a .wsz skin file. NVD-CWE-Other
CVE-2004-0820 2017-07-11 10:30 2004-08-28 Show GitHub Exploit DB Packet Storm
351611 7.2 HIGH
apple mac_os_x
mac_os_x_server 		The CFPlugIn in Core Foundation framework in Mac OS X allows user supplied libraries to be loaded, which could allow local users to gain privileges. NVD-CWE-Other
CVE-2004-0821 2017-07-11 10:30 2004-12-31 Show GitHub Exploit DB Packet Storm
351612 7.2 HIGH
apple mac_os_x
mac_os_x_server 		Buffer overflow in The Core Foundation framework (CoreFoundation.framework) in Mac OS X 10.2.8, 10.3.4, and 10.3.5 allows local users to execute arbitrary code via a certain environment variable. NVD-CWE-Other
CVE-2004-0822 2017-07-11 10:30 2004-09-7 Show GitHub Exploit DB Packet Storm
351613 2.1 LOW
apple mac_os_x PPPDialer for Mac OS X 10.2.8 through 10.3.5 allows local users to overwrite system files via a symlink attack on PPPDialer log files. NVD-CWE-Other
CVE-2004-0824 2017-07-11 10:30 2004-12-31 Show GitHub Exploit DB Packet Storm
351614 5.0 MEDIUM
apple mac_os_x_server QuickTime Streaming Server in Mac OS X Server 10.2.8, 10.3.4, and 10.3.5 allows remote attackers to cause a denial of service (application deadlock) via a certain sequence of operations. NVD-CWE-Other
CVE-2004-0825 2017-07-11 10:30 2004-12-31 Show GitHub Exploit DB Packet Storm
351615 7.5 HIGH
mozilla
netscape
sun
hp 		network_security_services
certificate_server
directory_server
enterprise_server
personalization_engine
java_enterprise_system
java_system_application_server
one_application_serve… 		Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message. NVD-CWE-Other
CVE-2004-0826 2017-07-11 10:30 2004-12-31 Show GitHub Exploit DB Packet Storm
351616 2.1 LOW
ibm aix The ctstrtcasd program in RSCT 2.3.0.0 and earlier on IBM AIX 5.2 and 5.3 does not properly drop privileges before executing the -f option, which allows local users to modify or create arbitrary file… NVD-CWE-Other
CVE-2004-0828 2017-07-11 10:30 2004-11-3 Show GitHub Exploit DB Packet Storm
351617 5.0 MEDIUM
samba samba smbd in Samba before 2.2.11 allows remote attackers to cause a denial of service (daemon crash) by sending a FindNextPrintChangeNotify request without a previous FindFirstPrintChangeNotify, as demons… NVD-CWE-Other
CVE-2004-0829 2017-07-11 10:30 2004-12-31 Show GitHub Exploit DB Packet Storm
351618 5.0 MEDIUM
f-secure f-secure_anti-virus
f-secure_content_scanner_server
internet_gatekeeper 		The Content Scanner Server in F-Secure Anti-Virus for Microsoft Exchange 6.21 and earlier, F-Secure Anti-Virus for Microsoft Exchange 6.01 and earlier, and F-Secure Internet Gatekeeper 6.32 and earli… NVD-CWE-Other
CVE-2004-0830 2017-07-11 10:30 2004-09-9 Show GitHub Exploit DB Packet Storm
351619 7.2 HIGH
mcafee virusscan McAfee VirusScan 4.5.1 does not drop SYSTEM privileges before allowing users to browse for files via the "System Scan" properties of the System Tray applet, which could allow local users to gain priv… NVD-CWE-Other
CVE-2004-0831 2017-07-11 10:30 2004-09-14 Show GitHub Exploit DB Packet Storm
351620 7.5 HIGH
debian debian_linux Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail a… NVD-CWE-Other
CVE-2004-0833 2017-07-11 10:30 2004-12-23 Show GitHub Exploit DB Packet Storm
351621 2.1 LOW
lexar jumpdrive_secure Lexar Safe Guard for JumpDrive Secure 1.0 stores the password insecurely in memory using XOR encryption, which allows local users to read the password directly from the device and access the password… NVD-CWE-Other
CVE-2004-0838 2017-07-11 10:30 2004-09-13 Show GitHub Exploit DB Packet Storm
351622 5.0 MEDIUM
gnu radius Integer overflow in the asn_decode_string() function defined in asn1.c in radiusd for GNU Radius 1.1 and 1.2 before 1.2.94, when compiled with the --enable-snmp option, allows remote attackers to cau… NVD-CWE-Other
CVE-2004-0849 2017-07-11 10:30 2004-12-23 Show GitHub Exploit DB Packet Storm
351623 7.2 HIGH
joerg_schilling star_tape_archiver Star before 1.5_alpha46 does not drop the effective user ID (euid) before calling external programs, which could allow local users to gain privileges by modifying the RSH environment variable to refe… NVD-CWE-Other
CVE-2004-0850 2017-07-11 10:30 2004-12-23 Show GitHub Exploit DB Packet Storm
351624 2.1 LOW
ulrich_callmeier net-acct The (1) write_list and (2) dump_curr_list functions in Net-Acct before 0.71 allows local users to overwrite arbitrary files via a symlink attack on temporary files. NVD-CWE-Other
CVE-2004-0851 2017-07-11 10:30 2004-09-8 Show GitHub Exploit DB Packet Storm
351625 7.5 HIGH
htget htget Buffer overflow in htget 0.93 allows remote attackers to execute arbitrary code via a crafted URL. NVD-CWE-Other
CVE-2004-0852 2017-07-11 10:30 2004-12-20 Show GitHub Exploit DB Packet Storm
351626 5.0 MEDIUM
microsoft ie Internet Explorer does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers … NVD-CWE-Other
CVE-2004-0869 2017-07-11 10:30 2004-09-16 Show GitHub Exploit DB Packet Storm
351627 5.0 MEDIUM
kde konqueror KDE Konqueror does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to s… NVD-CWE-Other
CVE-2004-0870 2017-07-11 10:30 2004-09-16 Show GitHub Exploit DB Packet Storm
351628 5.0 MEDIUM
mozilla mozilla Mozilla does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to steal c… NVD-CWE-Other
CVE-2004-0871 2017-07-11 10:30 2004-09-16 Show GitHub Exploit DB Packet Storm
351629 7.5 HIGH
apple ichat
ichat_av 		Apple iChat AV 2.1, AV 2.0, and 1.0.1 allows remote attackers to execute arbitrary programs via a "link" that references the program. NVD-CWE-Other
CVE-2004-0873 2017-07-11 10:30 2004-12-23 Show GitHub Exploit DB Packet Storm
351630 6.8 MEDIUM
phpgroupware phpgroupware Multiple cross-site scripting (XSS) vulnerabilities in Phpgroupware (aka webdistro) 0.9.16.002 and earlier allow remote attackers to insert arbitrary HTML or web script, as demonstrated with a reques… NVD-CWE-Other
CVE-2004-0875 2017-07-11 10:30 2004-12-23 Show GitHub Exploit DB Packet Storm
351631 1.2 LOW
getmail
gentoo
slackware 		getmail
linux
slackware_linux 		getmail 4.x before 4.2.0, when run as root, allows local users to overwrite arbitrary files via a symlink attack on an mbox file. NVD-CWE-Other
CVE-2004-0880 2017-07-11 10:30 2005-01-27 Show GitHub Exploit DB Packet Storm
351632 2.1 LOW
getmail
gentoo
slackware 		getmail
linux
slackware_linux 		getmail 4.x before 4.2.0, and other versions before 3.2.5, when run as root, allows local users to write files in arbitrary directories via a symlink attack on subdirectories in the maildir. NVD-CWE-Other
CVE-2004-0881 2017-07-11 10:30 2005-01-27 Show GitHub Exploit DB Packet Storm
351633 7.2 HIGH
linux
suse 		linux_kernel
suse_linux 		SUSE Linux Enterprise Server 9 on the S/390 platform does not properly handle a certain privileged instruction, which allows local users to gain root privileges. NVD-CWE-Other
CVE-2004-0887 2017-07-11 10:30 2005-01-27 Show GitHub Exploit DB Packet Storm
351634 10.0 HIGH
easy_software_products
gnome
kde
pdftohtml
tetex
xpdf
debian
gentoo
redhat
suse
ubuntu 		cups
gpdf
koffice
kpdf
pdftohtml
tetex
xpdf
debian_linux
linux
kde
enterprise_linux
enterprise_linux_desktop
fedora_core
linux_advanced_workstation
suse_linu… 		Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a differen… NVD-CWE-Other
CVE-2004-0889 2017-07-11 10:30 2005-01-27 Show GitHub Exploit DB Packet Storm
351635 4.6 MEDIUM
mozilla mozilla
thunderbird 		The Linux install .tar.gz archives for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8, create certain files with insecure permissions, which could allow … NVD-CWE-Other
CVE-2004-0907 2017-07-11 10:30 2004-12-31 Show GitHub Exploit DB Packet Storm
351636 5.1 MEDIUM
mozilla mozilla
thunderbird 		Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 may allow remote attackers to trick users into performing unexpected actions, including installing softwar… NVD-CWE-Other
CVE-2004-0909 2017-07-11 10:30 2004-12-31 Show GitHub Exploit DB Packet Storm
351637 5.0 MEDIUM
debian netkit telnetd for netkit 0.17 and earlier, and possibly other versions, on Debian GNU/Linux allows remote attackers to cause a denial of service (free of an invalid pointer), a different vulnerability than… NVD-CWE-Other
CVE-2004-0911 2017-07-11 10:30 2004-11-3 Show GitHub Exploit DB Packet Storm
351638 4.6 MEDIUM
ecartis ecartis Unknown vulnerability in ecartis 0.x before 0.129a+1.0.0-snap20020514-1.3 and 1.x before 1.0.0+cvs.20030911-8 allows attackers in the same domain to gain administrator privileges and modify configura… NVD-CWE-Other
CVE-2004-0913 2017-07-11 10:30 2004-12-31 Show GitHub Exploit DB Packet Storm
351639 5.0 MEDIUM
viewcvs
debian 		viewcvs
debian_linux 		Multiple unknown vulnerabilities in viewcvs before 0.9.2, when exporting a repository as a tar archive, does not properly implement the hide_cvsroot and forbidden settings, which could allow remote a… NVD-CWE-Other
CVE-2004-0915 2017-07-11 10:30 2005-01-10 Show GitHub Exploit DB Packet Storm
351640 5.0 MEDIUM
vignette application_portal The default installation of Vignette Application Portal installs the diagnostic utility without authentication requirements, which allows remote attackers to gain sensitive information, such as serve… NVD-CWE-Other
CVE-2004-0917 2017-07-11 10:30 2005-01-27 Show GitHub Exploit DB Packet Storm
351641 4.6 MEDIUM
freebsd freebsd The syscons CONS_SCRSHOT ioctl in FreeBSD 5.x allows local users to read arbitrary kernel memory via (1) negative coordinates or (2) large coordinates. NVD-CWE-Other
CVE-2004-0919 2017-07-11 10:30 2004-12-31 Show GitHub Exploit DB Packet Storm
351642 5.0 MEDIUM
symantec norton_antivirus Symantec Norton AntiVirus 2004, and earlier versions, allows a virus or other malicious code to avoid detection or cause a denial of service (application crash) using a filename containing an MS-DOS … NVD-CWE-Other
CVE-2004-0920 2017-07-11 10:30 2004-11-3 Show GitHub Exploit DB Packet Storm
351643 5.0 MEDIUM
hitachi
macromedia 		cosminexus_enterprise
cosminexus_server
coldfusion
jrun 		The Microsoft IIS Connector in JRun 4.0 and Macromedia ColdFusion MX 6.0, 6.1, and 6.1 J2EE allows remote attackers to bypass authentication and view source files, such as .asp, .pl, and .php files, … NVD-CWE-Other
CVE-2004-0928 2017-07-11 10:30 2004-10-5 Show GitHub Exploit DB Packet Storm
351644 10.0 HIGH
libtiff
suse 		libtiff
suse_linux 		Heap-based buffer overflow in the OJPEGVSetField function in tif_ojpeg.c for libtiff 3.6.1 and earlier, when compiled with the OJPEG_SUPPORT (old JPEG support) option, allows remote attackers to exec… NVD-CWE-Other
CVE-2004-0929 2017-07-11 10:30 2005-01-27 Show GitHub Exploit DB Packet Storm
351645 5.0 MEDIUM
mysql maxdb MySQL MaxDB before 7.5.00.18 allows remote attackers to cause a denial of service (crash) via an HTTP request to webdbm with high ASCII values in the Server field, which triggers an assert error in t… NVD-CWE-Other
CVE-2004-0931 2017-07-11 10:30 2004-12-31 Show GitHub Exploit DB Packet Storm
351646 5.0 MEDIUM
neoteris instant_virtual_extranet changepassword.cgi in Neoteris Instant Virtual Extranet (IVE) 3.x and 4.x, with LDAP authentication or NT domain authentication enabled, does not limit the number of times a bad password can be enter… NVD-CWE-Other
CVE-2004-0939 2017-07-11 10:30 2005-02-9 Show GitHub Exploit DB Packet Storm
351647 10.0 HIGH
arj_software_inc.
gentoo
suse 		unarj
linux
suse_linux 		Buffer overflow in unarj before 2.63a-r2 allows remote attackers to execute arbitrary code via an arj archive that contains long filenames. NVD-CWE-Other
CVE-2004-0947 2017-07-11 10:30 2005-02-9 Show GitHub Exploit DB Packet Storm
351648 5.0 MEDIUM
danware_data netop NetOp Host before 7.65 build 2004278 allows remote attackers to obtain sensitive hostname, username and local IP address information via (1) a NetOp HELO request, or (2) when responses are disabled, … NVD-CWE-Other
CVE-2004-0950 2017-07-11 10:30 2005-02-9 Show GitHub Exploit DB Packet Storm
351649 10.0 HIGH
jabber_software_foundation jabber_server Buffer overflow in the C2S module in the open source Jabber 2.x server (Jabberd) allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long… NVD-CWE-Other
CVE-2004-0953 2017-07-11 10:30 2005-01-10 Show GitHub Exploit DB Packet Storm
351650 10.0 HIGH
zinf
debian 		zinf
debian_linux 		Buffer overflow in Zinf 2.2.1 on Windows, and other older versions for Linux, allows remote attackers or local users to execute arbitrary code via certain values in a .pls file. NVD-CWE-Other
CVE-2004-0964 2017-07-11 10:30 2005-02-9 Show GitHub Exploit DB Packet Storm