Total
458 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2005-0077 | 4 Debian, Gentoo, Redhat and 1 more | 5 Debian Linux, Linux, Enterprise Linux and 2 more | 2023-12-10 | 2.1 LOW | N/A |
The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file. | |||||
CVE-2005-0337 | 3 Redhat, Suse, Wietse Venema | 4 Enterprise Linux, Enterprise Linux Desktop, Suse Linux and 1 more | 2023-12-10 | 7.5 HIGH | N/A |
Postfix 2.1.3, when /proc/net/if_inet6 is not available and permit_mx_backup is enabled in smtpd_recipient_restrictions, allows remote attackers to bypass e-mail restrictions and perform mail relaying by sending mail to an IPv6 hostname. | |||||
CVE-2005-0086 | 1 Redhat | 2 Enterprise Linux, Enterprise Linux Desktop | 2023-12-10 | 7.5 HIGH | N/A |
Heap-based buffer overflow in less in Red Hat Enterprise Linux 3 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted file, as demonstrated using the UTF-8 locale. | |||||
CVE-2005-0003 | 4 Avaya, Linux, Mandrakesoft and 1 more | 15 Converged Communications Server, Intuity Audix, Mn100 and 12 more | 2023-12-10 | 2.1 LOW | N/A |
The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbitrary code via a crafted ELF or a.out file. | |||||
CVE-2004-0827 | 9 Conectiva, Enlightenment, Imagemagick and 6 more | 14 Linux, Imlib, Imlib2 and 11 more | 2023-12-10 | 7.5 HIGH | N/A |
Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files. | |||||
CVE-2004-0750 | 1 Redhat | 2 Enterprise Linux, Enterprise Linux Desktop | 2023-12-10 | 7.5 HIGH | N/A |
Unknown vulnerability in redhat-config-nfs before 1.0.13, when shares are exported to multiple hosts, can produce incorrect permissions and prevent the all_squash option from being applied. | |||||
CVE-2004-1145 | 7 Altlinux, Conectiva, Debian and 4 more | 9 Alt Linux, Linux, Debian Linux and 6 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files. | |||||
CVE-2004-0904 | 4 Conectiva, Mozilla, Netscape and 1 more | 10 Linux, Firefox, Mozilla and 7 more | 2023-12-10 | 10.0 HIGH | N/A |
Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows. | |||||
CVE-2004-0495 | 6 Avaya, Conectiva, Gentoo and 3 more | 18 Converged Communications Server, Intuity Audix, Modular Messaging Message Storage Server and 15 more | 2023-12-10 | 7.2 HIGH | N/A |
Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool. | |||||
CVE-2004-0905 | 5 Conectiva, Mozilla, Netscape and 2 more | 10 Linux, Firefox, Mozilla and 7 more | 2023-12-10 | 4.6 MEDIUM | N/A |
Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain. | |||||
CVE-2003-0548 | 2 Gnome, Redhat | 4 Gdm, Enterprise Linux, Kdebase and 1 more | 2023-12-10 | 5.0 MEDIUM | N/A |
The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) when a chosen host expires, a different issue than CVE-2003-0549. | |||||
CVE-2004-0491 | 1 Redhat | 1 Enterprise Linux | 2023-12-10 | 2.1 LOW | N/A |
The linux-2.4.21-mlock.patch in Red Hat Enterprise Linux 3 does not properly maintain the mlock page count when one process unlocks pages that belong to another process, which allows local users to mlock more memory than specified by the rlimit. | |||||
CVE-2004-0554 | 6 Avaya, Conectiva, Gentoo and 3 more | 18 Converged Communications Server, Intuity Audix, Modular Messaging Message Storage Server and 15 more | 2023-12-10 | 2.1 LOW | N/A |
Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program. | |||||
CVE-2004-0105 | 3 Metamail Corporation, Redhat, Sgi | 4 Metamail, Enterprise Linux, Linux Advanced Workstation and 1 more | 2023-12-10 | 7.5 HIGH | N/A |
Multiple buffer overflows in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code. | |||||
CVE-2003-0689 | 1 Redhat | 1 Enterprise Linux | 2023-12-10 | 7.5 HIGH | N/A |
The getgrouplist function in GNU libc (glibc) 2.2.4 and earlier allows attackers to cause a denial of service (segmentation fault) and execute arbitrary code when a user is a member of a large number of groups, which can cause a buffer overflow. | |||||
CVE-2004-0809 | 8 Apache, Debian, Gentoo and 5 more | 12 Http Server, Debian Linux, Linux and 9 more | 2023-12-10 | 5.0 MEDIUM | N/A |
The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access. | |||||
CVE-2003-1295 | 2 Redhat, Suse | 2 Enterprise Linux, Suse Linux | 2023-12-10 | 2.1 LOW | N/A |
Unspecified vulnerability in xscreensaver 4.12, and possibly other versions, allows attackers to cause xscreensaver to crash via unspecified vectors "while verifying the user-password." | |||||
CVE-2003-0699 | 1 Redhat | 2 Enterprise Linux, Linux Advanced Workstation | 2023-12-10 | 7.5 HIGH | N/A |
The C-Media PCI sound driver in Linux before 2.4.21 does not use the get_user function to access userspace, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-2003-0700. | |||||
CVE-2004-0104 | 3 Metamail Corporation, Redhat, Sgi | 4 Metamail, Enterprise Linux, Linux Advanced Workstation and 1 more | 2023-12-10 | 7.5 HIGH | N/A |
Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code. | |||||
CVE-2004-0497 | 7 Conectiva, Gentoo, Linux and 4 more | 9 Linux, Linux, Linux Kernel and 6 more | 2023-12-10 | 2.1 LOW | N/A |
Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4. |