CVSS: 5.5EPSS: 0%CPEs: 104EXPL: 2CVE-2004-1335 – Linux Kernel 2.4.28/2.6.9 - 'ip_options_get' Local Overflow
https://notcve.org/view.php?id=CVE-2004-1335
15 Dec 2004 — Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function. • https://www.exploit-db.com/exploits/692 •
CVSS: 7.5EPSS: 1%CPEs: 61EXPL: 0CVE-2004-1142
https://notcve.org/view.php?id=CVE-2004-1142
15 Dec 2004 — Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000916 •
CVSS: 10.0EPSS: 5%CPEs: 7EXPL: 0CVE-2004-1026
https://notcve.org/view.php?id=CVE-2004-1026
10 Dec 2004 — Multiple integer overflows in the image handler for imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files. Múltiples desbordamientos de búfer en el manejador de imágenes de imlib 1.9.14 y anteriores, que es usado en gkrellm y varios gestores de ventanas, permite a atacantes remotos causar una denegación de servicio (caída de aplicación) y ejecutar código arbitr... • http://www.debian.org/security/2005/dsa-628 •
CVSS: 9.8EPSS: 83%CPEs: 157EXPL: 1CVE-2004-1029 – Sun Java Runtime Environment 1.x Java Plugin - JavaScript Security Restriction Bypass
https://notcve.org/view.php?id=CVE-2004-1029
24 Nov 2004 — The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages. • https://www.exploit-db.com/exploits/24763 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.5EPSS: 1%CPEs: 43EXPL: 4CVE-2004-1613
https://notcve.org/view.php?id=CVE-2004-1613
18 Oct 2004 — Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme. • http://lcamtuf.coredump.cx/mangleme/gallery •
CVSS: 9.8EPSS: 3%CPEs: 86EXPL: 0CVE-2005-0373
https://notcve.org/view.php?id=CVE-2005-0373
07 Oct 2004 — Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code. • http://www.gentoo.org/security/en/glsa/glsa-200410-05.xml •
CVSS: 8.8EPSS: 5%CPEs: 73EXPL: 0CVE-2004-0802
https://notcve.org/view.php?id=CVE-2004-0802
24 Sep 2004 — Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817. • http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20&view=markup •
CVSS: 10.0EPSS: 15%CPEs: 34EXPL: 0CVE-2004-0903
https://notcve.org/view.php?id=CVE-2004-0903
24 Sep 2004 — Stack-based buffer overflow in the writeGroup function in nsVCardObj.cpp for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to execute arbitrary code via malformed VCard attachments that are not properly handled when previewing a message. • http://bugzilla.mozilla.org/show_bug.cgi?id=257314 •
CVSS: 10.0EPSS: 45%CPEs: 34EXPL: 0CVE-2004-0902
https://notcve.org/view.php?id=CVE-2004-0902
24 Sep 2004 — Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the "Send page" functionality, (2) certain responses from a malicious POP3 server, or (3) a link containing a non-ASCII hostname. • http://bugzilla.mozilla.org/show_bug.cgi?id=226669 •
CVSS: 10.0EPSS: 16%CPEs: 38EXPL: 0CVE-2004-0904
https://notcve.org/view.php?id=CVE-2004-0904
24 Sep 2004 — Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows. • http://bugzilla.mozilla.org/show_bug.cgi?id=255067 •