CVE-2004-0642
- EPSS 8.26%
- Veröffentlicht 28.09.2004 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:06:04
Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distribution Center (KDC) library and (2) client library for MIT Kerberos 5 (krb5) 1.3.4 and earlier may allow remote attackers to execute arbitrary code.
CVE-2004-0643
- EPSS 1.43%
- Veröffentlicht 28.09.2004 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:06:04
Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code.
CVE-2004-0689
- EPSS 0.43%
- Veröffentlicht 28.09.2004 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:06:10
KDE before 3.3.0 does not properly handle when certain symbolic links point to "stale" locations, which could allow local users to create or truncate arbitrary files.
- EPSS 15.46%
- Veröffentlicht 16.09.2004 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:06:25
The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access.
- EPSS 2.83%
- Veröffentlicht 06.08.2004 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:05:48
Gallery 1.4.3 and earlier allows remote attackers to bypass authentication and obtain Gallery administrator privileges.
CVE-2004-0579
- EPSS 0.43%
- Veröffentlicht 06.08.2004 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:05:55
Format string vulnerability in super before 3.23 allows local users to execute arbitrary code as root.
- EPSS 2.08%
- Veröffentlicht 06.08.2004 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:05:55
The account lockout functionality in (1) Webmin 1.140 and (2) Usermin 1.070 does not parse certain character strings, which allows remote attackers to conduct a brute force attack to guess user IDs and passwords.
CVE-2004-0594
- EPSS 54.86%
- Veröffentlicht 27.07.2004 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:05:56
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of...
CVE-2004-0398
- EPSS 5.02%
- Veröffentlicht 07.07.2004 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:05:33
Heap-based buffer overflow in the ne_rfc1036_parse date parsing function for the neon library (libneon) 0.24.5 and earlier, as used by cadaver before 0.22, allows remote WebDAV servers to execute arbitrary code on the client.
- EPSS 7.16%
- Veröffentlicht 07.07.2004 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:05:38
k5admind (kadmind) for Heimdal allows remote attackers to execute arbitrary code via a Kerberos 4 compatibility administration request whose framing length is less than 2, which leads to a heap-based buffer overflow.