Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
MandrakesoftMandrake Linux9.2

23 matches found

CVE
CVEadded 2004/08/06 4:0 a.m.78 views

CVE-2004-0535

The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources.

2.1CVSS5.7AI score0.0009EPSS
CVE
CVEadded 2004/10/20 4:0 a.m.74 views

CVE-2004-0559

The maketemp.pl script in Usermin 1.070 and 1.080 allows local users to overwrite arbitrary files at install time via a symlink attack on the /tmp/.usermin directory.

2.1CVSS5.9AI score0.00072EPSS
CVE
CVEadded 2004/09/17 4:0 a.m.72 views

CVE-2004-0809

The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access.

5CVSS7.2AI score0.16458EPSS
CVE
CVEadded 2004/12/06 5:0 a.m.69 views

CVE-2004-0496

Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool.

7.2CVSS6.5AI score0.0006EPSS
CVE
CVEadded 2004/12/06 5:0 a.m.69 views

CVE-2004-0497

Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4.

2.1CVSS5.7AI score0.00293EPSS
CVE
CVEadded 2004/09/24 4:0 a.m.69 views

CVE-2004-0827

Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.

7.5CVSS7.5AI score0.03692EPSS
CVE
CVEadded 2004/12/31 5:0 a.m.66 views

CVE-2004-0817

Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.

7.5CVSS7.2AI score0.03598EPSS
CVE
CVEadded 2004/08/06 4:0 a.m.64 views

CVE-2004-0461

The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of servic...

10CVSS7.8AI score0.09739EPSS
CVE
CVEadded 2004/12/06 5:0 a.m.62 views

CVE-2004-0565

Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit.

2.1CVSS5.7AI score0.00074EPSS
CVE
CVEadded 2004/12/31 5:0 a.m.62 views

CVE-2004-0802

Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817.

5.1CVSS7.5AI score0.06287EPSS
CVE
CVEadded 2004/05/04 4:0 a.m.61 views

CVE-2004-0386

Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, 0.90, and 0.91 allows remote attackers to execute arbitrary code via a long Location header.

10CVSS7.7AI score0.34063EPSS
CVE
CVEadded 2004/09/28 4:0 a.m.58 views

CVE-2004-0500

Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call.

7.5CVSS7.7AI score0.03264EPSS
CVE
CVEadded 2004/08/06 4:0 a.m.57 views

CVE-2004-0460

Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, or (5) N...

10CVSS7.8AI score0.63054EPSS
CVE
CVEadded 2004/12/23 5:0 a.m.54 views

CVE-2004-0834

Format string vulnerability in Speedtouch USB driver before 1.3.1 allows local users to execute arbitrary code via (1) modem_run, (2) pppoa2, or (3) pppoa3.

7.2CVSS7AI score0.00051EPSS
CVE
CVEadded 2004/12/06 5:0 a.m.52 views

CVE-2004-0634

The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote attackers to cause a denial of service (process crash) via a handle without a policy name, which causes a null dereference.

5CVSS6.1AI score0.10554EPSS
CVE
CVEadded 2004/12/06 5:0 a.m.52 views

CVE-2004-0635

The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of service (process crash) via a (1) malformed or (2) missing community string, which causes an out-of-bounds read.

5CVSS6.2AI score0.08502EPSS
CVE
CVEadded 2004/10/20 4:0 a.m.52 views

CVE-2004-0746

Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session.

7.5CVSS6.7AI score0.01495EPSS
CVE
CVEadded 2004/12/06 5:0 a.m.49 views

CVE-2004-0633

The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an integer overflow.

5CVSS6.3AI score0.37279EPSS
CVE
CVEadded 2004/12/23 5:0 a.m.49 views

CVE-2004-0805

Buffer overflow in layer2.c in mpg123 0.59r and possibly mpg123 0.59s allows remote attackers to execute arbitrary code via a certain (1) mp3 or (2) mp2 file.

7.5CVSS7.6AI score0.05835EPSS
CVE
CVEadded 2004/08/06 4:0 a.m.47 views

CVE-2004-0581

ksymoops-gznm script in Mandrake Linux 9.1 through 10.0, and Corporate Server 2.1, allows local users to delete arbitrary files via a symlink attack on files in /tmp.

4.6CVSS6.4AI score0.00079EPSS
CVE
CVEadded 2004/08/06 4:0 a.m.40 views

CVE-2004-0587

Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service.

2.1CVSS6AI score0.00046EPSS
CVE
CVEadded 2004/07/07 4:0 a.m.39 views

CVE-2004-0402

Buffer overflow in xpcd-svga in xpcd before 2.08, and possibly other versions, may allow local users to execute arbitrary code.

4.6CVSS7.1AI score0.00098EPSS
CVE
CVEadded 2004/01/05 5:0 a.m.37 views

CVE-2003-1020

The format_send_to_gui function in formats.c for irssi before 0.8.9 allows remote IRC users to cause a denial of service (crash).

5CVSS6.6AI score0.00543EPSS