Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-ueyu-8raw-hfek
Vulnerability ID VCID-ueyu-8raw-hfek
Aliases CVE-2004-0458
Summary mah-jong before 1.6.2 allows remote attackers to cause a denial of service (server crash) via a missing argument, which triggers a null pointer dereference.
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.01605 https://api.first.org/data/v1/epss?cve=CVE-2004-0458
cvssv3.1 7.5 https://exchange.xforce.ibmcloud.com/vulnerabilities/16143
ssvc Track https://exchange.xforce.ibmcloud.com/vulnerabilities/16143
cvssv3.1 7.5 http://www.debian.org/security/2004/dsa-503
ssvc Track http://www.debian.org/security/2004/dsa-503
cvssv3.1 7.5 http://www.securityfocus.com/bid/10343
ssvc Track http://www.securityfocus.com/bid/10343
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2004-0458
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0458
10343 http://www.securityfocus.com/bid/10343
16143 https://exchange.xforce.ibmcloud.com/vulnerabilities/16143
dsa-503 http://www.debian.org/security/2004/dsa-503
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://exchange.xforce.ibmcloud.com/vulnerabilities/16143
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-16T17:35:36Z/ Found at https://exchange.xforce.ibmcloud.com/vulnerabilities/16143
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.debian.org/security/2004/dsa-503
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-16T17:35:36Z/ Found at http://www.debian.org/security/2004/dsa-503
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.securityfocus.com/bid/10343
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-16T17:35:36Z/ Found at http://www.securityfocus.com/bid/10343
Exploit Prediction Scoring System (EPSS)
Percentile 0.82032
EPSS Score 0.01605
Published At May 29, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-05-29T13:40:28.619846+00:00 Debian Oval Importer Import https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0