CVSS: 9.8EPSS: 25%CPEs: 35EXPL: 1CVE-2004-1491 – Opera Web Browser 7.54 - 'KDE KFMCLIENT' Remote Command Execution
https://notcve.org/view.php?id=CVE-2004-1491
31 Dec 2004 — Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry. • https://www.exploit-db.com/exploits/24828 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2004-1895
https://notcve.org/view.php?id=CVE-2004-1895
31 Dec 2004 — YaST Online Update (YOU) in SuSE 8.2 and 9.0 allows local users to overwrite arbitrary files via a symlink attack on you-$USER/cookies. • http://archives.neohapsis.com/archives/bugtraq/2004-04/0058.html •
CVSS: 10.0EPSS: 27%CPEs: 53EXPL: 0CVE-2004-1154
https://notcve.org/view.php?id=CVE-2004-1154
22 Dec 2004 — Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that triggers a heap-based buffer overflow. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt •
CVSS: 10.0EPSS: 0%CPEs: 40EXPL: 0CVE-2004-0914 – openmotif21 stack overflows in libxpm
https://notcve.org/view.php?id=CVE-2004-0914
15 Dec 2004 — Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) memory leaks, which could allow remote attackers to obtain sensitive information, cause a denial of service (application crash), or execute arbitrary code via a certain XPM image file. NOTE: it is highly likely that this candidate will be SPLIT into other candida... • http://rhn.redhat.com/errata/RHSA-2004-537.html •
CVSS: 7.5EPSS: 6%CPEs: 61EXPL: 0CVE-2004-1139
https://notcve.org/view.php?id=CVE-2004-1139
15 Dec 2004 — Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash). • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000916 •
CVSS: 7.5EPSS: 8%CPEs: 61EXPL: 0CVE-2004-1142
https://notcve.org/view.php?id=CVE-2004-1142
15 Dec 2004 — Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000916 •
CVSS: 9.1EPSS: 6%CPEs: 61EXPL: 0CVE-2004-1145
https://notcve.org/view.php?id=CVE-2004-1145
15 Dec 2004 — Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files. • http://marc.info/?l=bugtraq&m=110356286722875&w=2 •
CVSS: 9.1EPSS: 0%CPEs: 5EXPL: 0CVE-2004-1190
https://notcve.org/view.php?id=CVE-2004-1190
15 Dec 2004 — SUSE Linux before 9.1 and SUSE Linux Enterprise Server before 9 do not properly check commands sent to CD devices that have been opened read-only, which could allow local users to conduct unauthorized write activities to modify the firmware of associated SCSI devices. • http://secunia.com/advisories/18510 •
CVSS: 6.3EPSS: 0%CPEs: 3EXPL: 0CVE-2004-1191
https://notcve.org/view.php?id=CVE-2004-1191
15 Dec 2004 — Race condition in SuSE Linux 8.1 through 9.2, when run on SMP systems that have more than 4GB of memory, could allow local users to read unauthorized memory from "foreign memory pages." • http://www.novell.com/linux/security/advisories/2004_42_kernel.html •
CVSS: 10.0EPSS: 15%CPEs: 11EXPL: 3CVE-2004-1170 – GNU a2ps 4.13 - File Name Command Execution
https://notcve.org/view.php?id=CVE-2004-1170
10 Dec 2004 — a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename. • https://www.exploit-db.com/exploits/24406 •