Vulnerabilities (CVE)

Filtered by NVD-CWE-noinfo
Total 35849 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2005-0654 1 Gimp 1 Gimp 2026-06-16 5.0 MEDIUM N/A
gifload.exe in GIMP 2.0.5, 2.2.3, and possibly 2.2.4 allows remote attackers or local users to cause a denial of service (application crash) via the image descriptor (1) height or (2) width fields set to zero.
CVE-2005-0456 1 Opera 1 Opera Browser 2026-06-16 5.0 MEDIUM N/A
Opera 7.54 and earlier does not properly validate base64 encoded binary data in a data: (RFC 2397) URL, which causes the URL to be obscured in a download dialog, which may allow remote attackers to trick users into executing arbitrary code.
CVE-2005-0235 1 Opera 1 Opera Browser 2026-06-16 5.0 MEDIUM N/A
The International Domain Name (IDN) support in Opera 7.54 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.
CVE-2005-0233 4 Mozilla, Omnigroup, Opera and 1 more 6 Camino, Firefox, Mozilla and 3 more 2026-06-16 7.5 HIGH N/A
The International Domain Name (IDN) support in Firefox 1.0, Camino .8.5, and Mozilla before 1.7.6 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.
CVE-2004-2758 1 Sun 1 Sunforum 2026-06-16 7.5 HIGH N/A
Multiple unspecified vulnerabilities in the H.323 protocol implementation for Sun SunForum 3.2 and 3D 1.0 allow remote attackers to cause a denial of service (segmentation fault and process crash), as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol.
CVE-2004-2753 1 Hp 1 Hp-ux 2026-06-16 5.6 MEDIUM N/A
Unspecified vulnerability in SharedX in HP-UX B.11.00, B.11.11, and B.11.22 allows local users to access unspecified files or cause a denial of service via unknown vectors related to handling of "files in a potentially insecure manner."
CVE-2004-2744 1 Phplist 1 Mailing List Manager 2026-06-16 5.0 MEDIUM N/A
Unspecified vulnerability in Tincan Limited PHPlist before 2.8.12 has unknown impact and attack vectors, related to a "security update release."
CVE-2004-2707 1 Phrozensmoke 1 Gyach Enhanced 2026-06-16 7.5 HIGH N/A
Multiple unspecified vulnerabilities in Gyach Enhanced (Gyach-E) before 1.0.5 have unknown impact and attack vectors related to "several security flaws," probably related to buffer overflows in HTTP server responses.
CVE-2004-2706 1 Phrozensmoke 1 Gyach Enhanced 2026-06-16 5.0 MEDIUM N/A
Unspecified vulnerability in Gyach Enhanced (Gyach-E) before 1.0.4 allows remote attackers to cause a denial of service (crash) via conference packets with error messages.
CVE-2004-2705 1 Pvpgn 1 Pvpgn 2026-06-16 5.0 MEDIUM N/A
Unspecified vulnerability in Player vs. Player Gaming Network (PvPGN) before 1.6.4 allows remote attackers to obtain attributes of arbitrary accounts, including the password hash, via certain statsreq packets.
CVE-2004-2684 1 Intersystems 1 Cache Database 2026-06-16 2.1 LOW N/A
Unspecified vulnerability in the %template package in InterSystems Cache' 5.0 allows attackers to access certain files on a server, including (1) cache.key and (2) cache.dat, related to .csp files under (a) Dev\studio\templates and (b) Devuser\studio\templates.
CVE-2004-2683 1 Intersystems 1 Cache 2026-06-16 2.1 LOW N/A
Unspecified vulnerability in the %XML.Utils.SchemaServer class in InterSystems Cache' 5.0 allows attackers to access arbitrary files on a server.
CVE-2004-2478 3 Ca, Ibm, Jetty 3 Unicenter Web Services Distributed Management, Trading Partner Interchange, Jetty Http Server 2026-06-16 7.5 HIGH N/A
Unspecified vulnerability in Jetty HTTP Server, as used in (1) IBM Trading Partner Interchange before 4.2.4, (2) CA Unicenter Web Services Distributed Management (WSDM) before 3.11, and possibly other products, allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.
CVE-2004-2345 1 Oracle 1 Database Server 2026-06-16 6.5 MEDIUM N/A
Unknown multiple vulnerabilities in Oracle9i Database Server 9.0.1.4, 9.0.1.5, 9.2.0.3, and 9.2.0.4 allow local users with the ability to invoke SQL to cause a denial of service or obtain sensitive information.
CVE-2004-2083 1 Opera 1 Opera Browser 2026-06-16 2.6 LOW N/A
Opera Web Browser 7.0 through 7.23 allows remote attackers to trick users into executing a malicious file by embedding a CLSID in the file name, which causes the malicious file to appear as a trusted file type, aka "File Download Extension Spoofing."
CVE-2004-1810 1 Opera 1 Opera Browser 2026-06-16 5.0 MEDIUM N/A
The Javascript engine in Opera 7.23 allows remote attackers to cause a denial of service (crash) by creating a new Array object with a large size value, then writing into that array.
CVE-2004-1615 1 Opera 1 Opera Browser 2026-06-16 2.6 LOW N/A
Opera allows remote attackers to cause a denial of service (invalid memory reference and application crash) via a web page or HTML email that contains a TBODY tag with a large COL SPAN value, as demonstrated by mangleme.
CVE-2004-1491 4 Gentoo, Kde, Opera and 1 more 4 Linux, Kde, Opera Browser and 1 more 2026-06-16 5.0 MEDIUM N/A
Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry.
CVE-2004-1490 1 Opera 1 Opera Browser 2026-06-16 2.6 LOW N/A
Opera 7.54 and earlier allows remote attackers to spoof file types in the download dialog via dots and non-breaking spaces (ASCII character code 160) in the (1) Content-Disposition or (2) Content-Type headers.
CVE-2004-1368 1 Oracle 9 Application Server, Collaboration Suite, E-business Suite and 6 more 2026-06-16 7.8 HIGH N/A
ISQL*Plus in Oracle 10g Application Server allows remote attackers to execute arbitrary files via an absolute pathname in the file parameter to the load.uix script.