CVSS: 7.5EPSS: 1%CPEs: 17EXPL: 0CVE-2004-0983
https://notcve.org/view.php?id=CVE-2004-0983
19 Nov 2004 — The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certain HTTP request. • http://www.debian.org/security/2004/dsa-586 •
CVSS: 7.8EPSS: 0%CPEs: 51EXPL: 0CVE-2004-1051
https://notcve.org/view.php?id=CVE-2004-1051
18 Nov 2004 — sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html •
CVSS: 9.8EPSS: 17%CPEs: 74EXPL: 0CVE-2004-0803
https://notcve.org/view.php?id=CVE-2004-0803
26 Oct 2004 — Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files. Múltiples vulnerabilidades en los decodificadores RLE (run length encoding) de libtiff 3.6.1 y anteriores, relacionadas con desbordamientos de enteros y de búfer, permite a atacantes remotos ejecutar código arbitrario mediante ficheros TIFF. • http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000888 •
CVSS: 7.5EPSS: 11%CPEs: 75EXPL: 1CVE-2004-0886
https://notcve.org/view.php?id=CVE-2004-0886
26 Oct 2004 — Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls. • http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000888 •
CVSS: 9.8EPSS: 5%CPEs: 8EXPL: 0CVE-2004-0805
https://notcve.org/view.php?id=CVE-2004-0805
20 Oct 2004 — Buffer overflow in layer2.c in mpg123 0.59r and possibly mpg123 0.59s allows remote attackers to execute arbitrary code via a certain (1) mp3 or (2) mp2 file. Desbordamiento de búfer en layer2.c en mpg123 0.59r y posiblemente en mpg123 0.59s permite a atacantes remotos ejecutar código arbitrario mediante ciertos ficheros mp3 o mp2. • http://lists.grok.org.uk/pipermail/full-disclosure/2004-September/026151.html •
CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0CVE-2004-0834
https://notcve.org/view.php?id=CVE-2004-0834
20 Oct 2004 — Format string vulnerability in Speedtouch USB driver before 1.3.1 allows local users to execute arbitrary code via (1) modem_run, (2) pppoa2, or (3) pppoa3. Vulnerabilidad de cadena de formato en Speedtouch USB driver anteriores a 1.3.1 permite a usuarios locales ejecutar código de su elección mediante modem_run pppoa2, o pppoa3 • http://sourceforge.net/project/showfiles.php?group_id=32758&package_id=28264&release_id=271734 •
CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 0CVE-2004-0974
https://notcve.org/view.php?id=CVE-2004-0974
20 Oct 2004 — The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files. • http://www.gentoo.org/security/en/glsa/glsa-200410-25.xml •
CVSS: 5.5EPSS: 0%CPEs: 26EXPL: 0CVE-2004-0975
https://notcve.org/view.php?id=CVE-2004-0975
20 Oct 2004 — The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files. • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136302 •
CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 0CVE-2004-0977
https://notcve.org/view.php?id=CVE-2004-0977
20 Oct 2004 — The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on temporary files. • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136300 •
CVSS: 5.5EPSS: 0%CPEs: 28EXPL: 0CVE-2004-0559
https://notcve.org/view.php?id=CVE-2004-0559
24 Sep 2004 — The maketemp.pl script in Usermin 1.070 and 1.080 allows local users to overwrite arbitrary files at install time via a symlink attack on the /tmp/.usermin directory. El script maketemp.pl en Usermin 1.070 y 1.080 permite a usuarios locales sobreescribir ficheros de su elección durante la instalación mediante un ataque de enlaces simbólicos en el directorio /tmp/.usermin • http://secunia.com/advisories/12488 •