Total
1926 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2005-0473 | 3 Mandrakesoft, Redhat, Rob Flynn | 5 Mandrake Linux, Mandrake Linux Corporate Server, Enterprise Linux and 2 more | 2023-12-10 | 5.0 MEDIUM | N/A |
The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208. | |||||
CVE-2005-0667 | 5 Altlinux, Gentoo, Redhat and 2 more | 7 Alt Linux, Linux, Enterprise Linux and 4 more | 2023-12-10 | 5.1 MEDIUM | N/A |
Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9.5 allows remote attackers to execute arbitrary code via an e-mail message with certain headers containing non-ASCII characters that are not properly handled when the user replies to the message. | |||||
CVE-2005-3629 | 1 Redhat | 1 Enterprise Linux | 2023-12-10 | 7.2 HIGH | N/A |
initscripts in Red Hat Enterprise Linux 4 does not properly handle certain environment variables when /sbin/service is executed, which allows local users with sudo permissions for /sbin/service to gain root privileges via unknown vectors. | |||||
CVE-2005-3626 | 18 Conectiva, Debian, Easy Software Products and 15 more | 33 Linux, Debian Linux, Cups and 30 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference. | |||||
CVE-2005-0398 | 6 Altlinux, Ipsec-tools, Kame and 3 more | 7 Alt Linux, Ipsec-tools, Racoon and 4 more | 2023-12-10 | 5.0 MEDIUM | N/A |
The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets. | |||||
CVE-2005-1194 | 1 Redhat | 3 Enterprise Linux, Enterprise Linux Desktop, Linux Advanced Workstation | 2023-12-10 | 4.6 MEDIUM | N/A |
Stack-based buffer overflow in the ieee_putascii function for nasm 0.98 and earlier allows attackers to execute arbitrary code via a crafted asm file, a different vulnerability than CVE-2004-1287. | |||||
CVE-2004-1071 | 5 Linux, Redhat, Suse and 2 more | 8 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 5 more | 2023-12-10 | 7.2 HIGH | N/A |
The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code. | |||||
CVE-2004-1074 | 5 Linux, Redhat, Suse and 2 more | 8 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 5 more | 2023-12-10 | 2.1 LOW | N/A |
The binfmt functionality in the Linux kernel, when "memory overcommit" is enabled, allows local users to cause a denial of service (kernel oops) via a malformed a.out binary. | |||||
CVE-2005-0077 | 4 Debian, Gentoo, Redhat and 1 more | 5 Debian Linux, Linux, Enterprise Linux and 2 more | 2023-12-10 | 2.1 LOW | N/A |
The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file. | |||||
CVE-2005-0337 | 3 Redhat, Suse, Wietse Venema | 4 Enterprise Linux, Enterprise Linux Desktop, Suse Linux and 1 more | 2023-12-10 | 7.5 HIGH | N/A |
Postfix 2.1.3, when /proc/net/if_inet6 is not available and permit_mx_backup is enabled in smtpd_recipient_restrictions, allows remote attackers to bypass e-mail restrictions and perform mail relaying by sending mail to an IPv6 hostname. | |||||
CVE-2005-0086 | 1 Redhat | 2 Enterprise Linux, Enterprise Linux Desktop | 2023-12-10 | 7.5 HIGH | N/A |
Heap-based buffer overflow in less in Red Hat Enterprise Linux 3 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted file, as demonstrated using the UTF-8 locale. | |||||
CVE-2005-0003 | 4 Avaya, Linux, Mandrakesoft and 1 more | 15 Converged Communications Server, Intuity Audix, Mn100 and 12 more | 2023-12-10 | 2.1 LOW | N/A |
The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbitrary code via a crafted ELF or a.out file. | |||||
CVE-2004-0827 | 9 Conectiva, Enlightenment, Imagemagick and 6 more | 14 Linux, Imlib, Imlib2 and 11 more | 2023-12-10 | 7.5 HIGH | N/A |
Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files. | |||||
CVE-2004-0750 | 1 Redhat | 2 Enterprise Linux, Enterprise Linux Desktop | 2023-12-10 | 7.5 HIGH | N/A |
Unknown vulnerability in redhat-config-nfs before 1.0.13, when shares are exported to multiple hosts, can produce incorrect permissions and prevent the all_squash option from being applied. | |||||
CVE-2004-1145 | 7 Altlinux, Conectiva, Debian and 4 more | 9 Alt Linux, Linux, Debian Linux and 6 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files. | |||||
CVE-2004-0904 | 4 Conectiva, Mozilla, Netscape and 1 more | 10 Linux, Firefox, Mozilla and 7 more | 2023-12-10 | 10.0 HIGH | N/A |
Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows. | |||||
CVE-2004-0495 | 6 Avaya, Conectiva, Gentoo and 3 more | 18 Converged Communications Server, Intuity Audix, Modular Messaging Message Storage Server and 15 more | 2023-12-10 | 7.2 HIGH | N/A |
Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool. | |||||
CVE-2004-0905 | 5 Conectiva, Mozilla, Netscape and 2 more | 10 Linux, Firefox, Mozilla and 7 more | 2023-12-10 | 4.6 MEDIUM | N/A |
Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain. | |||||
CVE-2003-0548 | 2 Gnome, Redhat | 4 Gdm, Enterprise Linux, Kdebase and 1 more | 2023-12-10 | 5.0 MEDIUM | N/A |
The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) when a chosen host expires, a different issue than CVE-2003-0549. | |||||
CVE-2004-0491 | 1 Redhat | 1 Enterprise Linux | 2023-12-10 | 2.1 LOW | N/A |
The linux-2.4.21-mlock.patch in Red Hat Enterprise Linux 3 does not properly maintain the mlock page count when one process unlocks pages that belong to another process, which allows local users to mlock more memory than specified by the rlimit. |