CVSS: 10.0EPSS: 7%CPEs: 65EXPL: 0CVE-2004-1019 – 012004.txt
https://notcve.org/view.php?id=CVE-2004-1019
22 Dec 2004 — The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to cause a denial of service and execute arbitrary code via untrusted data to the unserialize function that may trigger "information disclosure, double-free and negative reference index array underflow" results. El código de deserialización en PHP anteriores a 4.3.10 y PHP 5.x hasta 5.0.2 permite a atacantes remotos causar una denegación de servicio y ejecutar código de su elección mediante datos "no de confianza" ... • http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00029.html • CWE-20: Improper Input Validation •
CVSS: 6.4EPSS: 3%CPEs: 32EXPL: 0CVE-2004-1056 – Ubuntu Security Notice 38-1
https://notcve.org/view.php?id=CVE-2004-1056
22 Dec 2004 — Direct Rendering Manager (DRM) driver in Linux kernel 2.6 does not properly check the DMA lock, which could allow remote attackers or local users to cause a denial of service (X Server crash) and possibly modify the video output. El controlador Direct Rendering Manager (DRM) en el kernel de Linux 2.06 no comprueba adecuadamente el bloqueo DMA, lo que podría permitir a atacantes remotos o usuarios locales causar una denegación de servicio (caída del servidor X) y posiblemente modificar la salida de video. Th... • http://secunia.com/advisories/17002 •
CVSS: 4.7EPSS: 0%CPEs: 32EXPL: 0CVE-2004-1058 – Ubuntu Security Notice 38-1
https://notcve.org/view.php?id=CVE-2004-1058
22 Dec 2004 — Race condition in Linux kernel 2.6 allows local users to read the environment variables of another process that is still spawning via /proc/.../cmdline. Condición de carrera en el kernel de Linux 2.6 permite a usurios locales leer las variables de entorno de otros proceso que se está engendrando todavía mediante /proc/.../cmdline. This advisory covers all the recent vulnerabilities discovered in the Linux 2.6 kernel series. • ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U •
CVSS: 5.5EPSS: 0%CPEs: 98EXPL: 3CVE-2004-1016 – Linux Kernel 2.4.28/2.6.9 - 'scm_send Local' Denial of Service
https://notcve.org/view.php?id=CVE-2004-1016
15 Dec 2004 — The scm_send function in the scm layer for Linux kernel 2.4.x up to 2.4.28, and 2.6.x up to 2.6.9, allows local users to cause a denial of service (system hang) via crafted auxiliary messages that are passed to the sendmsg function, which causes a deadlock condition. La función scm_send de la capa scm de los kernel de Linux 2.4.x hasta 2.4.28 y 2.6.x hasta 2.6.9 permite a usuarios locales causar una denegación de servicio (cuelgue del sistema) mediante mensajes auxiliares artesanales que son pasados a la fu... • https://packetstorm.news/files/id/35334 •
CVSS: 10.0EPSS: 15%CPEs: 98EXPL: 2CVE-2004-1137 – Linux Kernel 2.4.22-28/2.6.9 - 'igmp.c' Local Denial of Service
https://notcve.org/view.php?id=CVE-2004-1137
15 Dec 2004 — Multiple vulnerabilities in the IGMP functionality for Linux kernel 2.4.22 to 2.4.28, and 2.6.x to 2.6.9, allow local and remote attackers to cause a denial of service or execute arbitrary code via (1) the ip_mc_source function, which decrements a counter to -1, or (2) the igmp_marksources function, which does not properly validate IGMP message parameters and performs an out-of-bounds read. This advisory covers all the recent vulnerabilities discovered in the Linux 2.6 kernel series. • https://packetstorm.news/files/id/35333 •
CVSS: 10.0EPSS: 5%CPEs: 22EXPL: 0CVE-2004-1067
https://notcve.org/view.php?id=CVE-2004-1067
10 Dec 2004 — Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow remote attackers to execute arbitrary code via the username. Error de fuera-por-uno en la función myasl_canon_user en Cyrus IMAP Server 2.2.9 y anteriores conduce a un desbordamiento de búfer, lo que puede permitir a atacantes remotos ejecutar código de su elección mediante el nombre de usuario. • http://asg.web.cmu.edu/cyrus/download/imapd/changes.html •
CVSS: 7.8EPSS: 0%CPEs: 32EXPL: 0CVE-2004-1151 – Ubuntu Security Notice 38-1
https://notcve.org/view.php?id=CVE-2004-1151
08 Dec 2004 — Multiple buffer overflows in the (1) sys32_ni_syscall and (2) sys32_vm86_warning functions in sys_ia32.c for Linux 2.6.x may allow local attackers to modify kernel memory and gain privileges. This advisory covers all the recent vulnerabilities discovered in the Linux 2.6 kernel series. • http://linux.bkbits.net:8080/linux-2.6/cset%401.2079 •
CVSS: 7.5EPSS: 1%CPEs: 32EXPL: 0CVE-2004-0956
https://notcve.org/view.php?id=CVE-2004-0956
05 Dec 2004 — MySQL before 4.0.20 allows remote attackers to cause a denial of service (application crash) via a MATCH AGAINST query with an opening double quote but no closing double quote. MySQL anteriores a 4.0.20 permite a atacantes remotos causar una denegación de servicio (caída de aplicación) mediante una consulta MATCH AGAINST con comillas dobles iniciales pero sin comillas dobles de cierre. • http://bugs.mysql.com/bug.php?id=3870 •
CVSS: 10.0EPSS: 5%CPEs: 22EXPL: 0CVE-2004-1015
https://notcve.org/view.php?id=CVE-2004-1015
01 Dec 2004 — Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, with the imapmagicplus option enabled, may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2004-1011. Desbordamiento de búfer en proxyd de Cyrus IMAP Server 2.2.9 y anteriores, con la opción imapmagicplus establecida, puede permitir a atacantes remotos ejecutar código de su elección, una vulnerabilidad distinta de CAN-2004-1011. • http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce&msg=145 •
CVSS: 7.0EPSS: 0%CPEs: 79EXPL: 0CVE-2004-1068 – Ubuntu Security Notice 38-1
https://notcve.org/view.php?id=CVE-2004-1068
01 Dec 2004 — A "missing serialization" error in the unix_dgram_recvmsg function in Linux 2.4.27 and earlier, and 2.6.x up to 2.6.9, allows local users to gain privileges via a race condition. Un error de "falta de serialización" en la función unix_dgram_recvmsg en Linux 2.4.27 y anteriores, y 2.6.x hasta 2.6.9, permite a usurios locales ganar privilegios aprovechando una condición de carrera. This advisory covers all the recent vulnerabilities discovered in the Linux 2.6 kernel series. • ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U •