Filtered by vendor Redhat
Subscribe
Total
5530 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0473 | 5 Conectiva, Immunix, Mandrakesoft and 2 more | 5 Linux, Immunix, Mandrake Linux and 2 more | 2023-12-10 | 7.5 HIGH | N/A |
Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands. | |||||
CVE-2003-0700 | 1 Redhat | 1 Kernel | 2023-12-10 | 7.5 HIGH | N/A |
The C-Media PCI sound driver in Linux before 2.4.22 does not use the get_user function to access userspace in certain conditions, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-2003-0699. | |||||
CVE-2000-0357 | 1 Redhat | 1 Linux | 2023-12-10 | 7.5 HIGH | N/A |
ORBit and esound in Red Hat Linux 6.1 do not use sufficiently random numbers, which allows local users to guess the authentication keys. | |||||
CVE-2000-0365 | 1 Redhat | 1 Linux | 2023-12-10 | 4.6 MEDIUM | N/A |
Red Hat Linux 6.0 installs the /dev/pts file system with insecure modes, which allows local users to write to other tty devices. | |||||
CVE-2000-0248 | 1 Redhat | 1 Linux | 2023-12-10 | 10.0 HIGH | N/A |
The web GUI for the Linux Virtual Server (LVS) software in the Red Hat Linux Piranha package has a backdoor password that allows remote attackers to execute arbitrary commands. | |||||
CVE-2003-0986 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2023-12-10 | 1.7 LOW | N/A |
Various routines for the ppc64 architecture on Linux kernel 2.6 prior to 2.6.2 and 2.4 prior to 2.4.24 do not use the copy_from_user function when copying data from userspace to kernelspace, which crosses security boundaries and allows local users to cause a denial of service. | |||||
CVE-2004-0077 | 4 Linux, Netwosix, Redhat and 1 more | 7 Linux Kernel, Netwosix Linux, Bigmem Kernel and 4 more | 2023-12-10 | 7.2 HIGH | N/A |
The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root privileges, a different vulnerability than CAN-2003-0985. | |||||
CVE-2002-0836 | 3 Hp, Mandrakesoft, Redhat | 3 Secure Os, Mandrake Linux, Linux | 2023-12-10 | 7.5 HIGH | N/A |
dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts. | |||||
CVE-2002-1155 | 1 Redhat | 1 Linux | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in KON kon2 0.3.9b and earlier allows local users to execute arbitrary code via a long -Coding command line argument. | |||||
CVE-1999-0502 | 3 Hp, Redhat, Sun | 4 Hp-ux, Linux, Solaris and 1 more | 2023-12-10 | 7.5 HIGH | N/A |
A Unix account has a default, null, blank, or missing password. | |||||
CVE-2000-0844 | 13 Caldera, Conectiva, Debian and 10 more | 16 Openlinux, Openlinux Ebuilder, Openlinux Eserver and 13 more | 2023-12-10 | 10.0 HIGH | N/A |
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. | |||||
CVE-2003-0459 | 2 Kde, Redhat | 8 Konqueror, Konqueror Embedded, Analog Real-time Synthesizer and 5 more | 2023-12-10 | 5.0 MEDIUM | N/A |
KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites. | |||||
CVE-2003-0962 | 4 Andrew Tridgell, Engardelinux, Redhat and 1 more | 5 Rsync, Secure Community, Secure Linux and 2 more | 2023-12-10 | 7.5 HIGH | N/A |
Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail. | |||||
CVE-2001-0309 | 1 Redhat | 1 Linux | 2023-12-10 | 5.0 MEDIUM | N/A |
inetd in Red Hat 6.2 does not properly close sockets for internal services such as chargen, daytime, echo, etc., which allows remote attackers to cause a denial of service via a series of connections to the internal services. | |||||
CVE-1999-0740 | 1 Redhat | 1 Linux | 2023-12-10 | 6.4 MEDIUM | N/A |
Remote attackers can cause a denial of service on Linux in.telnetd telnet daemon through a malformed TERM environmental variable. | |||||
CVE-2000-0229 | 4 Alessandro Rubini, Debian, Redhat and 1 more | 4 Gpm, Debian Linux, Linux and 1 more | 2023-12-10 | 7.2 HIGH | N/A |
gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root. | |||||
CVE-2000-0392 | 3 Cygnus, Mit, Redhat | 5 Cygnus Network Security, Kerbnet, Kerberos and 2 more | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in ksu in Kerberos 5 allows local users to gain root privileges. | |||||
CVE-2003-0019 | 1 Redhat | 1 Linux | 2023-12-10 | 7.2 HIGH | N/A |
uml_net in the kernel-utils package for Red Hat Linux 8.0 has incorrect setuid root privileges, which allows local users to modify network interfaces, e.g. by modifying ARP entries or placing interfaces into promiscuous mode. | |||||
CVE-2001-0690 | 4 Conectiva, Debian, Redhat and 1 more | 4 Linux, Debian Linux, Linux and 1 more | 2023-12-10 | 7.5 HIGH | N/A |
Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in Debian and 3.16 in Conectiva) in batched SMTP mode allows a remote attacker to execute arbitrary code via format strings in SMTP mail headers. | |||||
CVE-2002-0067 | 2 Redhat, Squid | 2 Linux, Squid | 2023-12-10 | 7.5 HIGH | N/A |
Squid 2.4 STABLE3 and earlier does not properly disable HTCP, even when "htcp_port 0" is specified in squid.conf, which could allow remote attackers to bypass intended access restrictions. |