CVSS: 9.8EPSS: 0%CPEs: 11EXPL: 0CVE-2004-2394
https://notcve.org/view.php?id=CVE-2004-2394
31 Dec 2004 — Off-by-one error in passwd 0.68 and earlier, when using the --stdin option, causes passwd to use the first 78 characters of a password instead of the first 79, which results in a small reduction of the search space required for brute force attacks. • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060 •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0CVE-2004-2395
https://notcve.org/view.php?id=CVE-2004-2395
31 Dec 2004 — Memory leak in passwd 0.68 allows local users to cause a denial of service (memory consumption) via a large number of failed read attempts from the password buffer. • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060 •
CVSS: 9.8EPSS: 0%CPEs: 11EXPL: 0CVE-2004-2396
https://notcve.org/view.php?id=CVE-2004-2396
31 Dec 2004 — passwd 0.68 does not check the return code for the pam_start function, which has unknown impact and attack vectors that may prevent "safe and proper operation" of PAM. • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060 •
CVSS: 8.8EPSS: 5%CPEs: 68EXPL: 0CVE-2004-1307
https://notcve.org/view.php?id=CVE-2004-1307
21 Dec 2004 — Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html •
CVSS: 7.5EPSS: 0%CPEs: 28EXPL: 0CVE-2004-1098
https://notcve.org/view.php?id=CVE-2004-1098
01 Dec 2004 — MIMEDefang in MIME-tools 5.414 allows remote attackers to bypass virus scanning capabilities via an e-mail attachment with a virus that contains an empty boundary string in the Content-Type header. MIMEDefang de MIME-tools 5.414 permite a atacantes remotos sortear escaner de virus mediante adjuntos en correo electrónico con virus que contengan una cadena de límite vacia en la cabecera Content-Type. • http://lists.roaringpenguin.com/pipermail/mimedefang/2004-October/024959.html •
CVSS: 9.8EPSS: 17%CPEs: 74EXPL: 0CVE-2004-0803
https://notcve.org/view.php?id=CVE-2004-0803
26 Oct 2004 — Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files. Múltiples vulnerabilidades en los decodificadores RLE (run length encoding) de libtiff 3.6.1 y anteriores, relacionadas con desbordamientos de enteros y de búfer, permite a atacantes remotos ejecutar código arbitrario mediante ficheros TIFF. • http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000888 •
CVSS: 7.5EPSS: 11%CPEs: 75EXPL: 1CVE-2004-0886
https://notcve.org/view.php?id=CVE-2004-0886
26 Oct 2004 — Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls. • http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000888 •
CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0CVE-2004-0834
https://notcve.org/view.php?id=CVE-2004-0834
20 Oct 2004 — Format string vulnerability in Speedtouch USB driver before 1.3.1 allows local users to execute arbitrary code via (1) modem_run, (2) pppoa2, or (3) pppoa3. Vulnerabilidad de cadena de formato en Speedtouch USB driver anteriores a 1.3.1 permite a usuarios locales ejecutar código de su elección mediante modem_run pppoa2, o pppoa3 • http://sourceforge.net/project/showfiles.php?group_id=32758&package_id=28264&release_id=271734 •
CVSS: 8.8EPSS: 6%CPEs: 73EXPL: 0CVE-2004-0802
https://notcve.org/view.php?id=CVE-2004-0802
24 Sep 2004 — Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817. • http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20&view=markup •
CVSS: 9.1EPSS: 3%CPEs: 73EXPL: 0CVE-2004-0817
https://notcve.org/view.php?id=CVE-2004-0817
17 Sep 2004 — Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000870 •