CVSS: 7.7EPSS: 13%CPEs: 48EXPL: 2CVE-2004-0937 – Multiple AntiVirus - '.zip' Detection Bypass
https://notcve.org/view.php?id=CVE-2004-0937
19 Nov 2004 — Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. • https://www.exploit-db.com/exploits/629 •
CVSS: 10.0EPSS: 1%CPEs: 15EXPL: 0CVE-2004-0980
https://notcve.org/view.php?id=CVE-2004-0980
19 Nov 2004 — Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 through 3.0.11b8, when running in daemon mode with certain service types in use, allows remote servers to execute arbitrary code. • http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/028590.html •
CVSS: 10.0EPSS: 7%CPEs: 36EXPL: 0CVE-2004-0981
https://notcve.org/view.php?id=CVE-2004-0981
19 Nov 2004 — Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain image file. • http://secunia.com/advisories/12995 •
CVSS: 7.5EPSS: 1%CPEs: 17EXPL: 0CVE-2004-0983
https://notcve.org/view.php?id=CVE-2004-0983
19 Nov 2004 — The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certain HTTP request. • http://www.debian.org/security/2004/dsa-586 •
CVSS: 10.0EPSS: 85%CPEs: 2EXPL: 3CVE-2004-1037 – TWiki 20030201 - 'search.pm' Remote Command Execution
https://notcve.org/view.php?id=CVE-2004-1037
19 Nov 2004 — The search function in TWiki 20030201 allows remote attackers to execute arbitrary commands via shell metacharacters in a search string. • https://www.exploit-db.com/exploits/642 •
CVSS: 10.0EPSS: 1%CPEs: 20EXPL: 0CVE-2004-1052
https://notcve.org/view.php?id=CVE-2004-1052
18 Nov 2004 — Buffer overflow in the getnickuserhost function in BNC 2.8.9, and possibly other versions, allows remote IRC servers to execute arbitrary code via an IRC server response that contains many (1) ! (exclamation) or (2) @ (at sign) characters. • http://marc.info/?l=bugtraq&m=110011817627839&w=2 •
CVSS: 7.5EPSS: 6%CPEs: 6EXPL: 0CVE-2004-1027
https://notcve.org/view.php?id=CVE-2004-1027
16 Nov 2004 — Directory traversal vulnerability in the -x (extract) command line option in unarj allows remote attackers to overwrite arbitrary files via an arj archive with filenames that contain .. (dot dot) sequences. • http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/027348.html •
CVSS: 10.0EPSS: 5%CPEs: 6EXPL: 0CVE-2004-1034
https://notcve.org/view.php?id=CVE-2004-1034
16 Nov 2004 — Buffer overflow in the http_open function in Kaffeine before 0.5, whose code is also used in gxine before 0.3.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long Content-Type header for a Real Audio Media (.ram) playlist file. • http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/028061.html •
CVSS: 6.8EPSS: 3%CPEs: 22EXPL: 0CVE-2004-1036
https://notcve.org/view.php?id=CVE-2004-1036
16 Nov 2004 — Cross-site scripting (XSS) vulnerability in the decoding of encoded text in certain headers in mime.php for SquirrelMail 1.4.3a and earlier, and 1.5.1-cvs before 23rd October 2004, allows remote attackers to execute arbitrary web script or HTML. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000905 •
CVSS: 10.0EPSS: 36%CPEs: 25EXPL: 1CVE-2004-0990 – GD Graphics Library - Local Heap Overflow
https://notcve.org/view.php?id=CVE-2004-0990
28 Oct 2004 — Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPngCtx function, a different set of vulnerabilities than CVE-2004-0941. • https://www.exploit-db.com/exploits/600 •