CVSS: 9.1EPSS: 6%CPEs: 146EXPL: 0CVE-2005-0206
https://notcve.org/view.php?id=CVE-2005-0206
15 Feb 2005 — The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities. El parche para corregir las vulnerabilidades de desbordamiento de entero en Xpdf 2.0 y 3.0 (CAN-2004-0888) es incompleto para arquitecturas de 64 bits en ciertas distribuciones de Linux como Red Hat, lo que podría dejar a los usuarios de Xpdf expuestos a las vulnerabilida... • http://www.mandriva.com/security/advisories?name=MDKSA-2005:041 •
CVSS: 9.1EPSS: 0%CPEs: 32EXPL: 2CVE-2005-0156 – Setuid perl - 'PerlIO_Debug()' Local Overflow
https://notcve.org/view.php?id=CVE-2005-0156
07 Feb 2005 — Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree. • https://www.exploit-db.com/exploits/791 •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2005-0077
https://notcve.org/view.php?id=CVE-2005-0077
29 Jan 2005 — The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file. • http://marc.info/?l=bugtraq&m=110667936707597&w=2 •
CVSS: 7.0EPSS: 0%CPEs: 147EXPL: 4CVE-2004-1235 – Linux Kernel 2.4 - 'uselib()' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2004-1235
20 Jan 2005 — Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor. Condición de carrera en las llamadas de funciones (1) load_elf_library y (2) binfmt_aout de uselib de los kernel de Linux 2.4 a 2.429-rc2 y 2.6 a 2.6.10 permite a usuarios locales ejecutar código de su elección manipulando el descriptor WMA. • https://www.exploit-db.com/exploits/778 •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2005-0080
https://notcve.org/view.php?id=CVE-2005-0080
19 Jan 2005 — The 55_options_traceback.dpatch patch for mailman 2.1.5 in Ubuntu 4.10 displays a different error message depending on whether the e-mail address is subscribed to a private list, which allows remote attackers to determine the list membership for a given e-mail address. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=285839 •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2004-2154
https://notcve.org/view.php?id=CVE-2004-2154
31 Dec 2004 — CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as case sensitive, which allows attackers to bypass intended ACLs via a printer name containing uppercase or lowercase letters that are different from what is specified in the directive. • http://www.cups.org/str.php?L700 • CWE-178: Improper Handling of Case Sensitivity •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2004-1337
https://notcve.org/view.php?id=CVE-2004-1337
23 Dec 2004 — The POSIX Capability Linux Security Module (LSM) for Linux kernel 2.6 does not properly handle the credentials of a process that is launched before the module is loaded, which allows local users to gain privileges. • http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000930 •
CVSS: 4.7EPSS: 0%CPEs: 32EXPL: 0CVE-2004-1058
https://notcve.org/view.php?id=CVE-2004-1058
22 Dec 2004 — Race condition in Linux kernel 2.6 allows local users to read the environment variables of another process that is still spawning via /proc/.../cmdline. Condición de carrera en el kernel de Linux 2.6 permite a usurios locales leer las variables de entorno de otros proceso que se está engendrando todavía mediante /proc/.../cmdline. • ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U •
CVSS: 10.0EPSS: 7%CPEs: 65EXPL: 0CVE-2004-1019
https://notcve.org/view.php?id=CVE-2004-1019
22 Dec 2004 — The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to cause a denial of service and execute arbitrary code via untrusted data to the unserialize function that may trigger "information disclosure, double-free and negative reference index array underflow" results. El código de deserialización en PHP anteriores a 4.3.10 y PHP 5.x hasta 5.0.2 permite a atacantes remotos causar una denegación de servicio y ejecutar código de su elección mediante datos "no de confianza" ... • http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00029.html • CWE-20: Improper Input Validation •
CVSS: 6.4EPSS: 3%CPEs: 32EXPL: 0CVE-2004-1056
https://notcve.org/view.php?id=CVE-2004-1056
22 Dec 2004 — Direct Rendering Manager (DRM) driver in Linux kernel 2.6 does not properly check the DMA lock, which could allow remote attackers or local users to cause a denial of service (X Server crash) and possibly modify the video output. El controlador Direct Rendering Manager (DRM) en el kernel de Linux 2.06 no comprueba adecuadamente el bloqueo DMA, lo que podría permitir a atacantes remotos o usuarios locales causar una denegación de servicio (caída del servidor X) y posiblemente modificar la salida de video. • http://secunia.com/advisories/17002 •