CVSS: 7.2EPSS: 0%CPEs: 8EXPL: 0CVE-2004-1452
https://notcve.org/view.php?id=CVE-2004-1452
Tomcat before 5.0.27-r3 in Gentoo Linux sets the default permissions on the init scripts as tomcat:tomcat, but executes the scripts with root privileges, which could allow local users in the tomcat group to execute arbitrary commands as root by modifying the scripts. • http://secunia.com/advisories/12296 http://www.gentoo.org/security/en/glsa/glsa-200408-15.xml http://www.securityfocus.com/bid/10951 https://exchange.xforce.ibmcloud.com/vulnerabilities/16993 •
CVSS: 5.0EPSS: 2%CPEs: 19EXPL: 0CVE-2004-0749
https://notcve.org/view.php?id=CVE-2004-0749
The mod_authz_svn module in Subversion 1.0.7 and earlier does not properly restrict access to all metadata on unreadable paths, which could allow remote attackers to gain sensitive information via (1) svn log -v, (2) svn propget, or (3) svn blame, and other commands that follow renames. El módulo mod_authz_svn en Subversion 1.0.7 y anteriores no restringe adecuadamente el acceso a todos los metadatos en rutas ilegibles, lo que podría permitir a atacantes remotos ganar información sensible mediante (1) svn log -v, (2) svn propget, o (3) svn blame, y otras órdenes que siguen cambios de de nombre. • http://fedoranews.org/updates/FEDORA-2004-318.shtml http://subversion.tigris.org/security/CAN-2004-0749-advisory.txt http://www.gentoo.org/security/en/glsa/glsa-200409-35.xml http://www.securityfocus.com/bid/11243 https://exchange.xforce.ibmcloud.com/vulnerabilities/17472 •
CVSS: 10.0EPSS: 5%CPEs: 6EXPL: 0CVE-2004-1034
https://notcve.org/view.php?id=CVE-2004-1034
Buffer overflow in the http_open function in Kaffeine before 0.5, whose code is also used in gxine before 0.3.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long Content-Type header for a Real Audio Media (.ram) playlist file. • http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/028061.html http://secunia.com/advisories/13117 http://security.gentoo.org/glsa/glsa-200411-14.xml http://sourceforge.net/tracker/index.php?func=detail&aid=1060299&group_id=9655&atid=109655 http://www.securityfocus.com/bid/11528 https://exchange.xforce.ibmcloud.com/vulnerabilities/17849 •
CVSS: 2.1EPSS: 0%CPEs: 28EXPL: 0CVE-2004-0231
https://notcve.org/view.php?id=CVE-2004-0231
Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to "Insecure temporary file and directory creations." Múltiples vulnerabilidades en Midnight Commander (mc) anteriores a 4.6.0, con impacto desconocido, relacionadas con "creación insegura de ficheros y directorios temporales." • http://security.gentoo.org/glsa/glsa-200405-21.xml http://www.debian.org/security/2004/dsa-497 http://www.mandriva.com/security/advisories?name=MDKSA-2004:039 http://www.novell.com/linux/security/advisories/2004_12_mc.html http://www.redhat.com/support/errata/RHSA-2004-172.html https://exchange.xforce.ibmcloud.com/vulnerabilities/16020 https://access.redhat.com/security/cve/CVE-2004-0231 https://bugzilla.redhat.com/show_bug.cgi?id=1617180 •
CVSS: 10.0EPSS: 0%CPEs: 28EXPL: 0CVE-2004-0226
https://notcve.org/view.php?id=CVE-2004-0226
Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code. Múltiples desbordamientos de búfer en Midnight Commander (mc) anteriores a 4.6.0 pueden permitir a atacantes causar una denegación de servicio o ejecutar código arbitrario. • http://security.gentoo.org/glsa/glsa-200405-21.xml http://www.debian.org/security/2004/dsa-497 http://www.mandriva.com/security/advisories?name=MDKSA-2004:039 http://www.novell.com/linux/security/advisories/2004_12_mc.html http://www.redhat.com/support/errata/RHSA-2004-172.html https://exchange.xforce.ibmcloud.com/vulnerabilities/16016 https://access.redhat.com/security/cve/CVE-2004-0226 https://bugzilla.redhat.com/show_bug.cgi?id=1617179 •