CVSS: 7.5EPSS: 1%CPEs: 17EXPL: 0CVE-2004-0983
https://notcve.org/view.php?id=CVE-2004-0983
19 Nov 2004 — The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certain HTTP request. • http://www.debian.org/security/2004/dsa-586 •
CVSS: 7.8EPSS: 0%CPEs: 51EXPL: 0CVE-2004-1051
https://notcve.org/view.php?id=CVE-2004-1051
18 Nov 2004 — sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2004-1007
https://notcve.org/view.php?id=CVE-2004-1007
04 Nov 2004 — The quoted-printable decoder in bogofilter 0.17.4 to 0.92.7 allows remote attackers to cause a denial of service (application crash) via mail headers that cause a line feed (LF) to be replaced by a null byte that is written to an incorrect memory address. • http://bogofilter.sourceforge.net/security/bogofilter-SA-2004-01 •
CVSS: 5.5EPSS: 0%CPEs: 120EXPL: 0CVE-2004-0814
https://notcve.org/view.php?id=CVE-2004-0814
28 Oct 2004 — Multiple race conditions in the terminal layer in Linux 2.4.x, and 2.6.x before 2.6.9, allow (1) local users to obtain portions of kernel data via a TIOCSETD ioctl call to a terminal interface that is being accessed by another thread, or (2) remote attackers to cause a denial of service (panic) by switching from console to PPP line discipline, then quickly sending data that is received during the switch. Múltiples condiciones de carrera en la capa de terminal de Linux kernel 2.4.x y 2.6.x anteriores a 2.6.9... • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=131672 •
CVSS: 10.0EPSS: 30%CPEs: 16EXPL: 2CVE-2004-0989 – Libxml2 - Multiple Remote Stack Buffer Overflow Vulnerabilities
https://notcve.org/view.php?id=CVE-2004-0989
28 Oct 2004 — Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data that is not properly handled by the xmlNanoFTPScanProxy function, and other overflows related to manipulation of DNS length values, including (3) xmlNanoFTPConnect, (4) xmlNanoHTTPConnectHost, and (5) xmlNanoHTTPConnectHost. • https://www.exploit-db.com/exploits/24704 •
CVSS: 10.0EPSS: 4%CPEs: 93EXPL: 0CVE-2004-0888
https://notcve.org/view.php?id=CVE-2004-0888
26 Oct 2004 — Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889. • http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000886 •
CVSS: 10.0EPSS: 3%CPEs: 93EXPL: 0CVE-2004-0889
https://notcve.org/view.php?id=CVE-2004-0889
26 Oct 2004 — Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888. • http://marc.info/?l=bugtraq&m=109880927526773&w=2 •
CVSS: 10.0EPSS: 5%CPEs: 42EXPL: 0CVE-2004-0891
https://notcve.org/view.php?id=CVE-2004-0891
21 Oct 2004 — Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbounded copy operation that writes to the wrong buffer. • http://gaim.sourceforge.net/security/?id=9 •
CVSS: 7.5EPSS: 68%CPEs: 26EXPL: 0CVE-2004-0918 – Squid SNMP DoS
https://notcve.org/view.php?id=CVE-2004-0918
21 Oct 2004 — The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation error. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.16/SCOSA-2005.16.txt • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 99EXPL: 0CVE-2004-0957
https://notcve.org/view.php?id=CVE-2004-0957
21 Oct 2004 — Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore), grants privileges to other databases that have similar names, which can allow the user to conduct unauthorized activities. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000947 •