CVSS: 7.5EPSS: 1%CPEs: 47EXPL: 0CVE-2004-1093
https://notcve.org/view.php?id=CVE-2004-1093
22 Jan 2005 — Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory." • http://secunia.com/advisories/13863 •
CVSS: 7.5EPSS: 1%CPEs: 47EXPL: 0CVE-2004-1174
https://notcve.org/view.php?id=CVE-2004-1174
22 Jan 2005 — direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles." • http://secunia.com/advisories/13863 •
CVSS: 9.8EPSS: 0%CPEs: 47EXPL: 0CVE-2004-1175
https://notcve.org/view.php?id=CVE-2004-1175
22 Jan 2005 — fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters. • http://secunia.com/advisories/13863 •
CVSS: 9.8EPSS: 2%CPEs: 47EXPL: 0CVE-2004-1176
https://notcve.org/view.php?id=CVE-2004-1176
22 Jan 2005 — Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code. • http://secunia.com/advisories/13863 •
CVSS: 8.8EPSS: 3%CPEs: 57EXPL: 1CVE-2005-0005
https://notcve.org/view.php?id=CVE-2005-0005
19 Jan 2005 — Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers. • http://marc.info/?l=bugtraq&m=110608222117215&w=2 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2004-1452
https://notcve.org/view.php?id=CVE-2004-1452
31 Dec 2004 — Tomcat before 5.0.27-r3 in Gentoo Linux sets the default permissions on the init scripts as tomcat:tomcat, but executes the scripts with root privileges, which could allow local users in the tomcat group to execute arbitrary commands as root by modifying the scripts. • http://secunia.com/advisories/12296 •
CVSS: 9.8EPSS: 5%CPEs: 111EXPL: 1CVE-2004-1471 – CVS 1.11.x - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2004-1471
31 Dec 2004 — Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line. • https://www.exploit-db.com/exploits/24182 •
CVSS: 9.8EPSS: 25%CPEs: 35EXPL: 1CVE-2004-1491 – Opera Web Browser 7.54 - 'KDE KFMCLIENT' Remote Command Execution
https://notcve.org/view.php?id=CVE-2004-1491
31 Dec 2004 — Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry. • https://www.exploit-db.com/exploits/24828 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2004-1901
https://notcve.org/view.php?id=CVE-2004-1901
31 Dec 2004 — Portage before 2.0.50-r3 allows local users to overwrite arbitrary files via a hard link attack on the lockfiles. • http://secunia.com/advisories/11305 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2004-1336
https://notcve.org/view.php?id=CVE-2004-1336
23 Dec 2004 — The xdvizilla script in tetex-bin 2.0.2 creates temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286370 •