Filtered by vendor Redhat
Subscribe
Total
5530 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0068 | 2 Redhat, Squid | 2 Linux, Squid | 2023-12-10 | 7.5 HIGH | N/A |
Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service (core dump) and possibly execute arbitrary code with an ftp:// URL with a larger number of special characters, which exceed the buffer when Squid URL-escapes the characters. | |||||
CVE-2003-0859 | 5 Gnu, Intel, Quagga and 2 more | 7 Glibc, Zebra, Ia64 and 4 more | 2023-12-10 | 4.9 MEDIUM | N/A |
The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface. | |||||
CVE-1999-0706 | 2 Isc, Redhat | 2 Inn, Linux | 2023-12-10 | 7.5 HIGH | N/A |
Linux xmonisdn package allows local users to gain root privileges by modifying the IFS or PATH environmental variables. | |||||
CVE-1999-1346 | 1 Redhat | 1 Linux | 2023-12-10 | 7.5 HIGH | N/A |
PAM configuration file for rlogin in Red Hat Linux 6.1 and earlier includes a less restrictive rule before a more restrictive one, which allows users to access the host via rlogin even if rlogin has been explicitly disabled using the /etc/nologin file. | |||||
CVE-2001-0138 | 4 Debian, Immunix, Mandrakesoft and 1 more | 5 Debian Linux, Immunix, Mandrake Linux and 2 more | 2023-12-10 | 1.2 LOW | N/A |
privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack. | |||||
CVE-2001-1383 | 1 Redhat | 1 Linux | 2023-12-10 | 6.2 MEDIUM | N/A |
initscript in setserial 2.17-4 and earlier uses predictable temporary file names, which could allow local users to conduct unauthorized operations on files. | |||||
CVE-2001-1374 | 3 Conectiva, Don Libes, Redhat | 3 Linux, Expect, Linux | 2023-12-10 | 7.2 HIGH | N/A |
expect before 5.32 searches for its libraries in /var/tmp before other directories, which could allow local users to gain root privileges via a Trojan horse library that is accessed by mkpasswd. | |||||
CVE-1999-0710 | 1 Redhat | 1 Linux | 2023-12-10 | 7.5 HIGH | N/A |
The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems. | |||||
CVE-2003-0364 | 1 Redhat | 1 Linux | 2023-12-10 | 5.0 MEDIUM | N/A |
The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote attackers to cause a denial of service (CPU consumption) via certain packets that cause a large number of hash table collisions. | |||||
CVE-2001-0872 | 3 Openbsd, Redhat, Suse | 3 Openssh, Linux, Suse Linux | 2023-12-10 | 7.2 HIGH | N/A |
OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges. | |||||
CVE-2004-1613 | 3 Mozilla, Redhat, Sgi | 7 Mozilla, Enterprise Linux, Enterprise Linux Desktop and 4 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme. | |||||
CVE-2002-0835 | 3 Caldera, Hp, Redhat | 4 Openlinux Server, Openlinux Workstation, Secure Os and 1 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Preboot eXecution Environment (PXE) server allows remote attackers to cause a denial of service (crash) via certain DHCP packets from Voice-Over-IP (VOIP) phones. | |||||
CVE-2001-0116 | 3 Immunix, Mandrakesoft, Redhat | 3 Immunix, Mandrake Linux, Linux | 2023-12-10 | 1.2 LOW | N/A |
gpm 1.19.3 allows local users to overwrite arbitrary files via a symlink attack. | |||||
CVE-2000-0017 | 1 Redhat | 1 Linux | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in Linux linuxconf package allows remote attackers to gain root privileges via a long parameter. | |||||
CVE-2000-0052 | 3 Mandrakesoft, Redhat, Turbolinux | 3 Mandrake Linux, Linux, Turbolinux | 2023-12-10 | 7.2 HIGH | N/A |
Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack. | |||||
CVE-2000-0963 | 4 Freebsd, Gnu, Immunix and 1 more | 4 Freebsd, Ncurses, Immunix and 1 more | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or TERMINFO_DIRS. | |||||
CVE-2000-0566 | 3 Caldera, Mandrakesoft, Redhat | 3 Openlinux, Mandrake Linux, Linux | 2023-12-10 | 7.2 HIGH | N/A |
makewhatis in Linux man package allows local users to overwrite files via a symlink attack. | |||||
CVE-2004-0817 | 9 Conectiva, Enlightenment, Imagemagick and 6 more | 16 Linux, Imlib, Imlib2 and 13 more | 2023-12-10 | 7.5 HIGH | N/A |
Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file. | |||||
CVE-1999-1333 | 1 Redhat | 1 Linux | 2023-12-10 | 7.5 HIGH | N/A |
automatic download option in ncftp 2.4.2 FTP client in Red Hat Linux 5.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the names of files that are to be downloaded. | |||||
CVE-1999-0037 | 2 Freebsd, Redhat | 2 Freebsd, Linux | 2023-12-10 | 7.5 HIGH | N/A |
Arbitrary command execution via metamail package using message headers, when user processes attacker's message using metamail. |