kd-problem.ucoz.ru Cross Site Scripting vulnerability OBB-3857408

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2024-26604 Revert "kobject: Remove redundant checks for whether ktype is NULL"

In the Linux kernel, the following vulnerability has been resolved: Revert "kobject: Remove redundant checks for whether ktype is NULL" This reverts commit 1b28cb81dab7c1eedc6034206f4e8d644046ad31. It is reported to cause problems, so revert it for now until the root cause can be found...

CVE-2022-14262

Technical details for CVE-2022-14262 are not publicly provided in the supplied documents. Monitor for updates.

CAN-2005-2475

The CVE-2005-2475 entry is confirmed through multiple connected documents: unzip contains a race condition in file permission handling during extraction that could let a local attacker modify permissions of extracted files. The issue is tied to the unzip utility and is addressed by the backported...

CAN-2004-0047

CVE-2004-0047 corresponds to a local privilege escalation in the trr19 type trainer for GNU Emacs. Several disclosures (Debian DSA-430, Ubuntu CVE page, NVD) describe that multiple programs in trr19 1.0 do not drop privileges before executing a command, allowing local users to gain privileges (gr...

CAN-2004-0374

CVE-2004-0374 affects Interchange (pre-5.0.1). The vulnerability results from missing input sanitising, allowing remote attackers to expose the content of arbitrary variables and read/modify sensitive SQL information via an HTTP request that ends with the string SQLUSER . Public details in the co...

CAN-2004-0111

CVE-2004-0111 affects gdk-pixbuf before 0.20, where a malformed BMP file can cause a denial of service (crash) in apps that use the library. Public records across Debian/Red Hat advisories and OSV entries confirm the vulnerability, with Debian/DSA 464-1 and RHSA-2004:103 noting the impact and rec...

CAN-2004-0400

CVE-2004-0400 is tied to Exim, with multiple advisories across environments (Debian DSA-501, DSA-502-1; Gentoo GLSA 200405-07; FreeBSD/OpenVAS entries). Public details in connected docs indicate related issues include Exim at-tls handling and a remote-exploit risk (e.g., buffer overflows in speci...

CAN-2003-0068

CVE-2003-0068 affects the Eterm terminal emulator (0.9.1 and earlier). An attacker can modify the window title using a specific escape sequence and then insert it back into the user’s command line, potentially allowing arbitrary commands to be executed. Remediation is to upgrade to eterm 0.9.2 (a...

CAN-2004-0398

CVE-2004-0398 affects the neon library (libneon) and is referenced in multiple advisories (GLSA-200405-13/15, Debian DSA-506/507, Mandrake MDKSA-2004:049/078). The issue is a heap-based buffer overflow in neon’s date parsing routines (notably ne_rfc1036_parse and ne_httpdate_parse) that could, de...

CAN-2004-0827

CVE-2004-0827 is associated with ImageMagick across multiple advisories (Debian DSA 547-1, Ubuntu USN-35-1, Red Hat RHSA-2004:636). The connected documents describe a memory corruption issue in image processing (buffer/heap overflow in decoding BMP/DIB/related formats) that could allow arbitrary ...

CAN-2004-0077

CVE-2004-0077 is referenced in multiple Linux kernel security advisories (e.g., Debian DSA 442-1 and GLSA 200403-02) attached to OpenVAS entries, indicating a kernel vulnerability in the 2.4.x lineage across architectures (e.g., s390, mips, ia64). The OpenVAS data shows CVSS base score 7.2 with v...

CAN-2004-0772

CVE-2004-0772 is a set of double-free vulnerabilities in MIT Kerberos 5 (krb5), specifically in the error handling code for krb524d in MIT Kerberos 5 1.2.8 and earlier. These flaws may allow remote attackers to execute arbitrary code, primarily by exploiting double-free conditions in the KDC and ...

CAN-2004-0693

The connected records show CVE-2004-0691/0692/0693 tied to a Qt-related security issue and multiple advisories (Qt security updates across Linux distros such as SLES, Gentoo, FreeBSD ports, Slackware). These entries indicate a vulnerability in Qt that prompted security advisories and the need for...

CAN-2004-0781

CVE-2004-0781 maps to an Icecast XSS in icecast-server (list.cgi) affecting 1.3.12 and earlier. The vulnerability arises from improper input sanitization in the status display, allowing remote attackers to craft a link containing script code that executes in a user’s browser, potentially stealing...

CAN-2004-0564

CVE-2004-0564 refers to the RP-PPPoE (rp-pppoe) component. When pppoe is run with setuid root, it can allow local users to overwrite arbitrary files, per multiple advisories (Debian DSA-557-1, Mandrake MDKSA-2004:145) and OSV/NVD entries. The issue arises only in configurations where rp-pppoe is ...

CAN-2004-0809

CVE-2004-0809 corresponds to a WebDAV/ mod_dav issue in the Apache WebDAV module that could allow a remote attacker to crash the server (Denial of Service) on installations with WebDAV enabled. The connected OpenVAS/Nessus entries reference SuSE SLES9 advisories (patches 5009547 and 5013988) addr...

CAN-2004-0815

CVE-2004-0815 corresponds to a remote arbitrary file-access vulnerability in Samba. Public details in connected documents indicate that Samba versions prior to 2.2.11 and 3.x prior to 3.0.7 were vulnerable to accessing files outside the share’s defined path. Some sources note that later research ...

CAN-2004-0881

CVE-2004-0881 affects getmail: getmail 4.x before 4.2.0 and other versions before 3.2.5. When run as root, it allows local users to overwrite arbitrary files via a symlink attack on subdirectories of the maildir. Impact is local file writes. Remediation: upgrade to getmail 4.2.0 or newer (or 3.2....

CAN-2004-0833

CVE-2004-0833 affects sendmail on Debian GNU/Linux where the sasl-bin integration leaves a fixed username/password in the SASL database configuration. This misconfiguration could allow remote attackers to use Sendmail as an open mail relay and send spam messages. Public references include Debian ...