CVSS: 9.1 • EPSS: 2% • CPEs: 7 • EXPL: 0

21 Jan 2005 — Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute arbitrary commands via crafted filenames. • http://lists.apple.com/archives/security-announce/2009/May/msg00002.html

CVSS: 5.3 • EPSS: 0% • CPEs: 2 • EXPL: 0

19 Jan 2005 — The 55_options_traceback.dpatch patch for mailman 2.1.5 in Ubuntu 4.10 displays a different error message depending on whether the e-mail address is subscribed to a private list, which allows remote attackers to determine the list membership for a given e-mail address. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=285839

CVSS: 6.1 • EPSS: 0% • CPEs: 25 • EXPL: 0

10 Jan 2005 — Cross-site scripting (XSS) vulnerability in the driver script in mailman before 2.1.5 allows remote attackers to inject arbitrary web script or HTML via a URL, which is not properly escaped in the resulting error page. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=287555

CVSS: 7.8 • EPSS: 0% • CPEs: 2 • EXPL: 1

31 Dec 2004 — Stack-based buffer overflow in shar in GNU sharutils 4.2.1 allows local users to execute arbitrary code via a long -o command line argument. • http://marc.info/?l=bugtraq&m=108137386310299&w=2

CVSS: 9.8 • EPSS: 0% • CPEs: 2 • EXPL: 0

31 Dec 2004 — Multiple buffer overflows in sharutils 4.2.1 and earlier may allow attackers to execute arbitrary code via (1) long output from wc to shar, or (2) unknown vectors in unshar. • http://security.gentoo.org/glsa/glsa-200410-01.xml

CVSS: 9.8 • EPSS: 1% • CPEs: 25 • EXPL: 0

31 Dec 2004 — The password generation in mailman before 2.1.5 generates only 5 million unique passwords, which makes it easier for remote attackers to guess passwords via a brute force attack. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286796

CVSS: 7.5 • EPSS: 1% • CPEs: 10 • EXPL: 0

31 Dec 2004 — Unknown vulnerability in POP3 in gnubiff before 2.0.0 allows remote attackers to cause a denial of service (application crash) via an "infinite" Unique IDentification Listing (UIDL) list. • http://gnubiff.sourceforge.net/changelog.php

CVSS: 5.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

31 Dec 2004 — The (1) eqn2graph and (2) pic2graph scripts in groff 1.18.1 allow local users to overwrite arbitrary files via a symlink attack on temporary files. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286371

CVSS: 9.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

31 Dec 2004 — Unknown vulnerability in the dotlock implementation in mailutils before 1:0.5-4 on Debian GNU/Linux allows attackers to gain privileges. • http://packages.debian.org/changelogs/pool/main/m/mailutils/mailutils_0.6-2/changelog

CVSS: 5.5 • EPSS: 0% • CPEs: 26 • EXPL: 0

31 Dec 2004 — The glibcbug script in glibc 2.3.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2004-0968. • http://marc.info/?l=bugtraq&m=109899903129801&w=2