NVD Vulnerability Information Top

Show Search Menu

Vendor Name
プロダクト・サービス名
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
In descending order of publication date
In descending order of update date
Number of items displayed

NVD Vulnerability Information Top

You can search the list of vulnerabilities managed by the NVD (National Vulnerability Database).
Since vulnerability information is often updated before JVN (Japan Vulnerability Note), vulnerabilities that are not listed in JVN may be updated.

If there is a vulnerability related to JVN (Japan Vulnerability Note), the information will be displayed on the detail page.

To search by CWE, please refer to the CWE Overview and check the CWE number.

CRITICAL
HIGH
MEDIUM
LOW

Update Date:June 13, 2026, 4:20 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
351651	2.1	LOW	gnu ubuntu	gettext ubuntu_linux	The (1) autopoint and (2) gettextize scripts in the GNU gettext package 1.14 and later versions, as used in Trustix Secure Linux 1.5 through 2.1 and other operating systems, allows local users to ove…	NVD-CWE-Other	CVE-2004-0966	2017-07-11 10:30	2005-02-9	Show	GitHub Exploit DB Packet Storm

351652	2.1	LOW	gnu gentoo ubuntu	groff linux ubuntu_linux	The groffer script in the Groff package 1.18 and later versions, as used in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a sym…	NVD-CWE-Other	CVE-2004-0969	2017-07-11 10:30	2005-02-9	Show	GitHub Exploit DB Packet Storm

351653	2.1	LOW	gnu	gzip	The (1) gzexe, (2) zdiff, and (3) znew scripts in the gzip package, as used by other packages such as ncompress, allows local users to overwrite files via a symlink attack on temporary files. NOTE: …	NVD-CWE-Other	CVE-2004-0970	2017-07-11 10:30	2005-02-9	Show	GitHub Exploit DB Packet Storm

351654	2.1	LOW	netatalk mandrakesoft redhat	open_source_apple_file_share_protocol_suite mandrake_linux mandrake_linux_corporate_server fedora_core	The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.	NVD-CWE-Other	CVE-2004-0974	2017-07-11 10:30	2005-02-9	Show	GitHub Exploit DB Packet Storm

351655	10.0	HIGH	angus_mackay debian gentoo	ez-ipupdate debian_linux linux	Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 through 3.0.11b8, when running in daemon mode with certain service types in use, allows remote servers to execute arbitrary code.	NVD-CWE-Other	CVE-2004-0980	2017-07-11 10:30	2005-02-9	Show	GitHub Exploit DB Packet Storm

351656	10.0	HIGH	mpg123	mpg123	Buffer overflow in the getauthfromURL function in httpget.c in mpg123 pre0.59s and mpg123 0.59r could allow remote attackers or local users to execute arbitrary code via an mp3 file that contains a l…	NVD-CWE-Other	CVE-2004-0982	2017-07-11 10:30	2005-02-9	Show	GitHub Exploit DB Packet Storm

351657	10.0	HIGH	microsoft	ie	Internet Explorer 6.x on Windows XP SP2 allows remote attackers to execute arbitrary code, as demonstrated using a document with a draggable file type such as .xml, .doc, .py, .cdf, .css, .pdf, or .p…	NVD-CWE-Other	CVE-2004-0985	2017-07-11 10:30	2004-12-31	Show	GitHub Exploit DB Packet Storm

351658	7.5	HIGH	suse debian linux redhat	suse_iptables debian_linux linux_kernel fedora_core	Iptables before 1.2.11, under certain conditions, does not properly load the required modules at system startup, which causes the firewall rules to fail to load and protect the system from remote att…	NVD-CWE-Other	CVE-2004-0986	2017-07-11 10:30	2005-03-1	Show	GitHub Exploit DB Packet Storm

351659	10.0	HIGH	proxytunnel	proxytunnel	Format string vulnerability in the -a option (daemon mode) in Proxytunnel before 1.2.3 allows remote attackers to execute arbitrary code via format string specifiers in an invalid proxy answer.	NVD-CWE-Other	CVE-2004-0992	2017-07-11 10:30	2005-03-1	Show	GitHub Exploit DB Packet Storm

351660	10.0	HIGH	hp	sockd	Buffer overflow in hpsockd before 0.6 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code.	NVD-CWE-Other	CVE-2004-0993	2017-07-11 10:30	2005-01-10	Show	GitHub Exploit DB Packet Storm

351661	10.0	HIGH	zgv debian	xzgv_image_viewer zgv_image_viewer debian_linux	Multiple integer overflows in xzgv 0.8 and earlier allow remote attackers to execute arbitrary code via images with large width and height values, which trigger a heap-based buffer overflow, as demon…	NVD-CWE-Other	CVE-2004-0994	2017-07-11 10:30	2005-01-10	Show	GitHub Exploit DB Packet Storm

351662	2.1	LOW	cscope debian gentoo sco	cscope debian_linux linux unixware	main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.	NVD-CWE-Other	CVE-2004-0996	2017-07-11 10:30	2005-01-10	Show	GitHub Exploit DB Packet Storm

351663	7.5	HIGH	telnetd	telnetd telnetd-ssl	Format string vulnerability in telnetd-ssl 0.17 and earlier allows remote attackers to execute arbitrary code.	NVD-CWE-Other	CVE-2004-0998	2017-07-11 10:30	2004-12-23	Show	GitHub Exploit DB Packet Storm

351664	2.6	LOW	zgv	zgv_image_viewer	zgv 5.5.3 allows remote attackers to cause a denial of service (application crash via segmentation fault) via crafted multiple-image (animated) GIF images.	NVD-CWE-Other	CVE-2004-0999	2017-07-11 10:30	2004-12-31	Show	GitHub Exploit DB Packet Storm

351665	2.1	LOW	debian	lintian	lintian 1.23 and earlier removes the working directory even if it was not created by lintian, which may allow local users to delete arbitrary files or directories via a symlink attack.	NVD-CWE-Other	CVE-2004-1000	2017-07-11 10:30	2004-01-10	Show	GitHub Exploit DB Packet Storm

351666	5.0	MEDIUM	trend_micro	scanmail_domino	Trend ScanMail allows remote attackers to obtain potentially sensitive information or disable the anti-virus capability via the smency.nsf file.	NVD-CWE-Other	CVE-2004-1003	2017-07-11 10:30	2005-03-1	Show	GitHub Exploit DB Packet Storm

351667	7.5	HIGH	midnight_commander debian gentoo redhat suse turbolinux	midnight_commander debian_linux linux enterprise_linux linux_advanced_workstation suse_linux turbolinux_server turbolinux_workstation	Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact.	NVD-CWE-Other	CVE-2004-1004	2017-07-11 10:30	2005-04-14	Show	GitHub Exploit DB Packet Storm

351668	7.5	HIGH	midnight_commander debian gentoo redhat suse turbolinux	midnight_commander debian_linux linux enterprise_linux linux_advanced_workstation suse_linux turbolinux_server turbolinux_workstation	Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact.	NVD-CWE-Other	CVE-2004-1005	2017-07-11 10:30	2005-04-14	Show	GitHub Exploit DB Packet Storm

351669	10.0	HIGH	isc	dhcpd	Format string vulnerability in the log functions in dhcpd for dhcp 2.x allows remote DNS servers to execute arbitrary code via certain DNS messages, a different vulnerability than CVE-2002-0702.	NVD-CWE-Other	CVE-2004-1006	2017-07-11 10:30	2005-03-1	Show	GitHub Exploit DB Packet Storm

351670	5.0	MEDIUM	bogofilter ubuntu	email_filter ubuntu_linux	The quoted-printable decoder in bogofilter 0.17.4 to 0.92.7 allows remote attackers to cause a denial of service (application crash) via mail headers that cause a line feed (LF) to be replaced by a n…	NVD-CWE-Other	CVE-2004-1007	2017-07-11 10:30	2005-03-1	Show	GitHub Exploit DB Packet Storm

351671	10.0	HIGH	putty tortoisecvs	putty tortoisecvs	Integer signedness error in the ssh2_rdpkt function in PuTTY before 0.56 allows remote attackers to execute arbitrary code via a SSH2_MSG_DEBUG packet with a modified stringlen parameter, which leads…	NVD-CWE-Other	CVE-2004-1008	2017-07-11 10:30	2005-01-10	Show	GitHub Exploit DB Packet Storm

351672	5.0	MEDIUM	midnight_commander debian gentoo redhat suse turbolinux	midnight_commander debian_linux linux enterprise_linux linux_advanced_workstation suse_linux turbolinux_server turbolinux_workstation	Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors.	NVD-CWE-Other	CVE-2004-1009	2017-07-11 10:30	2005-04-14	Show	GitHub Exploit DB Packet Storm

351673	10.0	HIGH	carnegie_mellon_university openpkg conectiva redhat trustix ubuntu	cyrus_imap_server openpkg linux fedora_core secure_linux ubuntu_linux	Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN comman…	NVD-CWE-Other	CVE-2004-1011	2017-07-11 10:30	2005-01-10	Show	GitHub Exploit DB Packet Storm

351674	10.0	HIGH	carnegie_mellon_university openpkg conectiva redhat trustix ubuntu	cyrus_imap_server openpkg linux fedora_core secure_linux ubuntu_linux	The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a dif…	NVD-CWE-Other	CVE-2004-1012	2017-07-11 10:30	2005-01-10	Show	GitHub Exploit DB Packet Storm

351675	10.0	HIGH	carnegie_mellon_university redhat ubuntu	cyrus_imap_server fedora_core ubuntu_linux	Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, with the imapmagicplus option enabled, may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2004…	NVD-CWE-Other	CVE-2004-1015	2017-07-11 10:30	2005-01-10	Show	GitHub Exploit DB Packet Storm

351676	5.0	MEDIUM	php	php	The addslashes function in PHP 4.3.9 does not properly escape a NULL (/0) character, which may allow remote attackers to read arbitrary files in PHP applications that contain a directory traversal vu…	NVD-CWE-Other	CVE-2004-1020	2017-07-11 10:30	2005-01-10	Show	GitHub Exploit DB Packet Storm

351677	7.5	HIGH	apple	ical	iCal before 1.5.4 on Mac OS X 10.2.3, and other later versions, does not alert the user when handling calendars that use alarms, which allows attackers to execute programs and send e-mail via alarms.	NVD-CWE-Other	CVE-2004-1021	2017-07-11 10:30	2005-03-1	Show	GitHub Exploit DB Packet Storm

351678	2.1	LOW	kerio	kerio_mailserver serverfirewall winroute_firewall	Kerio Winroute Firewall before 6.0.7, ServerFirewall before 1.0.1, and MailServer before 6.0.5 use symmetric encryption for user passwords, which allows attackers to decrypt the user database and obt…	NVD-CWE-Other	CVE-2004-1022	2017-07-11 10:30	2005-01-10	Show	GitHub Exploit DB Packet Storm

351679	2.1	LOW	kerio	kerio_mailserver serverfirewall winroute_firewall	Kerio Winroute Firewall before 6.0.9, ServerFirewall before 1.0.1, and MailServer before 6.0.5, when installed on Windows based systems, do not modify the ACLs for critical files, which allows local …	NVD-CWE-Other	CVE-2004-1023	2017-07-11 10:30	2005-01-10	Show	GitHub Exploit DB Packet Storm

351680	7.2	HIGH	ibm	aix	Untrusted execution path vulnerability in chcod on AIX IBM 5.1.0, 5.2.0, and 5.3.0 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious …	NVD-CWE-Other	CVE-2004-1028	2017-07-11 10:30	2005-01-10	Show	GitHub Exploit DB Packet Storm

351681	2.1	LOW	thibault_godouet gentoo	fcron linux	fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to gain sensitive information by calling fcronsighup with an arbitrary file, which reveals the contents of the file…	NVD-CWE-Other	CVE-2004-1030	2017-07-11 10:30	2005-03-1	Show	GitHub Exploit DB Packet Storm

351682	7.2	HIGH	thibault_godouet gentoo	fcron linux	fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to bypass access restrictions and load an arbitrary configuration file by starting an suid process and pointing the…	NVD-CWE-Other	CVE-2004-1031	2017-07-11 10:30	2005-03-1	Show	GitHub Exploit DB Packet Storm

351683	2.1	LOW	thibault_godouet gentoo	fcron linux	fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to delete arbitrary files or create arbitrary empty files via a target filename with a large number of leading slas…	NVD-CWE-Other	CVE-2004-1032	2017-07-11 10:30	2005-03-1	Show	GitHub Exploit DB Packet Storm

351684	2.1	LOW	thibault_godouet gentoo	fcron linux	Fcron 2.0.1, 2.9.4, and possibly earlier versions leak file descriptors of open files, which allows local users to bypass access restrictions and read fcron.allow and fcron.deny via the EDITOR enviro…	NVD-CWE-Other	CVE-2004-1033	2017-07-11 10:30	2005-03-1	Show	GitHub Exploit DB Packet Storm

351685	10.0	HIGH	kaffeine xine gentoo	kaffeine_player gxine linux	Buffer overflow in the http_open function in Kaffeine before 0.5, whose code is also used in gxine before 0.3.3, allows remote attackers to cause a denial of service (application crash) and possibly …	NVD-CWE-Other	CVE-2004-1034	2017-07-11 10:30	2005-03-1	Show	GitHub Exploit DB Packet Storm

351686	6.4	MEDIUM	imap_proxy	imap_proxy	Multiple integer signedness errors in (1) imapcommon.c, (2) main.c, (3) request.c, and (4) select.c for up-imapproxy IMAP proxy 1.2.2 allow remote attackers to cause a denial of service (server crash…	NVD-CWE-Other	CVE-2004-1035	2017-07-11 10:30	2005-03-1	Show	GitHub Exploit DB Packet Storm

351687	10.0	HIGH	twiki gentoo	twiki linux	The search function in TWiki 20030201 allows remote attackers to execute arbitrary commands via shell metacharacters in a search string.	NVD-CWE-Other	CVE-2004-1037	2017-07-11 10:30	2005-03-1	Show	GitHub Exploit DB Packet Storm

351688	7.2	HIGH	mandrakesoft todd_miller debian trustix ubuntu	mandrake_multi_network_firewall sudo debian_linux mandrake_linux mandrake_linux_corporate_server secure_linux ubuntu_linux	sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that i…	NVD-CWE-Other	CVE-2004-1051	2017-07-11 10:30	2005-03-1	Show	GitHub Exploit DB Packet Storm

351689	10.0	HIGH	bnc debian gentoo	bnc debian_linux linux	Buffer overflow in the getnickuserhost function in BNC 2.8.9, and possibly other versions, allows remote IRC servers to execute arbitrary code via an IRC server response that contains many (1) ! (exc…	NVD-CWE-Other	CVE-2004-1052	2017-07-11 10:30	2005-03-1	Show	GitHub Exploit DB Packet Storm

351690	10.0	HIGH	freebsd	fetch	Integer overflow in fetch on FreeBSD 4.1 through 5.3 allows remote malicious servers to execute arbitrary code via certain HTTP headers in an HTTP response, which lead to a buffer overflow.	NVD-CWE-Other	CVE-2004-1053	2017-07-11 10:30	2005-03-1	Show	GitHub Exploit DB Packet Storm

351691	7.2	HIGH	ibm	aix	Untrusted execution path vulnerability in invscout in IBM AIX 5.1.0, 5.2.0, and 5.3.0 allows local users to gain privileges by modifying the PATH environment variable to point to a malicious "uname" …	NVD-CWE-Other	CVE-2004-1054	2017-07-11 10:30	2005-01-10	Show	GitHub Exploit DB Packet Storm

351692	6.8	MEDIUM	phpmyadmin gentoo	phpmyadmin linux	Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.6.0-pl2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the PmaAbsoluteUri parameter, (2) the zer…	NVD-CWE-Other	CVE-2004-1055	2017-07-11 10:30	2005-03-1	Show	GitHub Exploit DB Packet Storm

351693	4.3	MEDIUM	mnogosearch	mnogosearch	Multiple cross-site scripting (XSS) vulnerabilities in mnoGoSearch 3.2.26 and earlier allow remote attackers to inject arbitrary HTML and web script via the (1) next and (2) prev result search pages,…	NVD-CWE-Other	CVE-2004-1059	2017-07-11 10:30	2004-12-10	Show	GitHub Exploit DB Packet Storm

351694	4.3	MEDIUM	mozilla	bugzilla	Cross-site scripting (XSS) vulnerability in Bugzilla before 2.18, including 2.16.x before 2.16.11, allows remote attackers to inject arbitrary HTML and web script via forced error messages, as demons…	NVD-CWE-Other	CVE-2004-1061	2017-07-11 10:30	2005-01-4	Show	GitHub Exploit DB Packet Storm

351695	4.3	MEDIUM	viewcvs	viewcvs	Multiple cross-site scripting (XSS) vulnerabilities in ViewCVS 0.9.2 allow remote attackers to inject arbitrary HTML and web script via certain error messages.	NVD-CWE-Other	CVE-2004-1062	2017-07-11 10:30	2004-12-28	Show	GitHub Exploit DB Packet Storm

351696	3.6	LOW	freebsd	freebsd	The cmdline pseudofiles in (1) procfs on FreeBSD 4.8 through 5.3, and (2) linprocfs on FreeBSD 5.x through 5.3, do not properly validate a process argument vector, which allows local users to cause a…	NVD-CWE-Other	CVE-2004-1066	2017-07-11 10:30	2005-01-10	Show	GitHub Exploit DB Packet Storm

351697	10.0	HIGH	carnegie_mellon_university redhat ubuntu	cyrus_imap_server fedora_core ubuntu_linux	Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow remote attackers to execute arbitrary code via the username.	NVD-CWE-Other	CVE-2004-1067	2017-07-11 10:30	2005-01-10	Show	GitHub Exploit DB Packet Storm

351698	1.2	LOW	linux ubuntu	linux_kernel ubuntu_linux	Race condition in SELinux 2.6.x through 2.6.9 allows local users to cause a denial of service (kernel crash) via SOCK_SEQPACKET unix domain sockets, which are not properly handled in the sock_dgram_s…	NVD-CWE-Other	CVE-2004-1069	2017-07-11 10:30	2005-01-10	Show	GitHub Exploit DB Packet Storm

351699	6.8	MEDIUM	zwiki	zwiki	Cross-site scripting (XSS) vulnerability in standard_error_message.dtml for Zwiki after 0.10.0rc1 to 0.36.2 allows remote attackers to inject arbitrary HTML and web script via a malformed URL, which …	NVD-CWE-Other	CVE-2004-1075	2017-07-11 10:30	2005-01-10	Show	GitHub Exploit DB Packet Storm

351700	2.1	LOW	apple	darwin_streaming_server quicktime_streaming_server mac_os_x mac_os_x_server	The Application Framework (AppKit) for Apple Mac OS X 10.2.8 and 10.3.6 does not properly restrict access to a secure text input field, which allows local users to read keyboard input from other appl…	NVD-CWE-Other	CVE-2004-1081	2017-07-11 10:30	2004-12-2	Show	GitHub Exploit DB Packet Storm