- EPSS 3.94%
- Veröffentlicht 18.08.2004 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:05:12
Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.
CVE-2004-0229
- EPSS 0.41%
- Veröffentlicht 18.08.2004 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:05:12
The framebuffer driver in Linux kernel 2.6.x does not properly use the fb_copy_cmap function, with unknown impact.
CVE-2004-0231
- EPSS 0.38%
- Veröffentlicht 18.08.2004 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:05:13
Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to "Insecure temporary file and directory creations."
- EPSS 2.95%
- Veröffentlicht 18.08.2004 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:05:13
Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.
CVE-2004-0419
- EPSS 2.48%
- Veröffentlicht 18.08.2004 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:05:36
XDM in XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0, which could allow remote attackers to connect to the port, in violation of the intended restrictions.
CVE-2004-0432
- EPSS 9.2%
- Veröffentlicht 18.08.2004 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:05:38
ProFTPD 1.2.9 treats the Allow and Deny directives for CIDR based ACL entries as if they were AllowAll, which could allow FTP clients to bypass intended access restrictions.
CVE-2004-1737
- EPSS 2.83%
- Veröffentlicht 16.08.2004 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:08:18
SQL injection vulnerability in auth_login.php in Cacti 0.8.5a allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) password parameters.
- EPSS 3.97%
- Veröffentlicht 06.08.2004 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:05:35
CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary...
- EPSS 13.21%
- Veröffentlicht 06.08.2004 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:05:35
Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code.
- EPSS 3.07%
- Veröffentlicht 06.08.2004 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:05:36
Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consu...