Total
1926 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0554 | 6 Avaya, Conectiva, Gentoo and 3 more | 18 Converged Communications Server, Intuity Audix, Modular Messaging Message Storage Server and 15 more | 2023-12-10 | 2.1 LOW | N/A |
Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program. | |||||
CVE-2004-0105 | 3 Metamail Corporation, Redhat, Sgi | 4 Metamail, Enterprise Linux, Linux Advanced Workstation and 1 more | 2023-12-10 | 7.5 HIGH | N/A |
Multiple buffer overflows in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code. | |||||
CVE-2003-0689 | 1 Redhat | 1 Enterprise Linux | 2023-12-10 | 7.5 HIGH | N/A |
The getgrouplist function in GNU libc (glibc) 2.2.4 and earlier allows attackers to cause a denial of service (segmentation fault) and execute arbitrary code when a user is a member of a large number of groups, which can cause a buffer overflow. | |||||
CVE-2004-0809 | 8 Apache, Debian, Gentoo and 5 more | 12 Http Server, Debian Linux, Linux and 9 more | 2023-12-10 | 5.0 MEDIUM | N/A |
The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access. | |||||
CVE-2003-1295 | 2 Redhat, Suse | 2 Enterprise Linux, Suse Linux | 2023-12-10 | 2.1 LOW | N/A |
Unspecified vulnerability in xscreensaver 4.12, and possibly other versions, allows attackers to cause xscreensaver to crash via unspecified vectors "while verifying the user-password." | |||||
CVE-2003-0699 | 1 Redhat | 2 Enterprise Linux, Linux Advanced Workstation | 2023-12-10 | 7.5 HIGH | N/A |
The C-Media PCI sound driver in Linux before 2.4.21 does not use the get_user function to access userspace, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-2003-0700. | |||||
CVE-2004-0104 | 3 Metamail Corporation, Redhat, Sgi | 4 Metamail, Enterprise Linux, Linux Advanced Workstation and 1 more | 2023-12-10 | 7.5 HIGH | N/A |
Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code. | |||||
CVE-2004-0497 | 7 Conectiva, Gentoo, Linux and 4 more | 9 Linux, Linux, Linux Kernel and 6 more | 2023-12-10 | 2.1 LOW | N/A |
Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4. | |||||
CVE-2003-0434 | 4 Adobe, Mandrakesoft, Redhat and 1 more | 7 Acrobat, Mandrake Linux, Mandrake Linux Corporate Server and 4 more | 2023-12-10 | 7.5 HIGH | N/A |
Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink. | |||||
CVE-1999-1572 | 5 Debian, Freebsd, Mandrakesoft and 2 more | 6 Debian Linux, Freebsd, Mandrake Linux and 3 more | 2023-12-10 | 2.1 LOW | N/A |
cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O (archive) or -F options, which creates the files with mode 0666 and allows local users to read or overwrite those files. | |||||
CVE-2002-1323 | 5 Redhat, Safe.pm, Sco and 2 more | 9 Enterprise Linux, Linux Advanced Workstation, Safe.pm and 6 more | 2023-12-10 | 4.6 MEDIUM | N/A |
Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls. | |||||
CVE-2002-2185 | 6 Debian, Mandrakesoft, Microsoft and 3 more | 11 Debian Linux, Mandrake Linux, Windows 98 and 8 more | 2023-12-10 | 4.9 MEDIUM | N/A |
The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network. | |||||
CVE-2004-0803 | 9 Apple, Kde, Libtiff and 6 more | 13 Mac Os X, Mac Os X Server, Kde and 10 more | 2023-12-10 | 7.5 HIGH | N/A |
Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files. | |||||
CVE-2003-0549 | 2 Gnome, Redhat | 4 Gdm, Enterprise Linux, Kdebase and 1 more | 2023-12-10 | 5.0 MEDIUM | N/A |
The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) via a short authorization key name. | |||||
CVE-2004-0494 | 2 Avaya, Redhat | 4 Cvlan, Enterprise Linux, Enterprise Linux Desktop and 1 more | 2023-12-10 | 7.5 HIGH | N/A |
Multiple extfs backend scripts for GNOME virtual file system (VFS) before 1.0.1 may allow remote attackers to perform certain unauthorized actions via a gnome-vfs URI. | |||||
CVE-2004-0802 | 9 Conectiva, Enlightenment, Imagemagick and 6 more | 16 Linux, Imlib, Imlib2 and 13 more | 2023-12-10 | 5.1 MEDIUM | N/A |
Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817. | |||||
CVE-2003-0857 | 1 Redhat | 1 Enterprise Linux | 2023-12-10 | 4.6 MEDIUM | N/A |
The (1) ipq_read and (2) ipulog_read functions in iptables allow local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface. | |||||
CVE-2004-0111 | 3 Gnome, Redhat, Sgi | 5 Gdkpixbuf, Enterprise Linux, Gdk Pixbuf and 2 more | 2023-12-10 | 5.0 MEDIUM | N/A |
gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap (BMP) file. | |||||
CVE-2004-0685 | 3 Linux, Redhat, Trustix | 4 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 1 more | 2023-12-10 | 4.6 MEDIUM | N/A |
Certain USB drivers in the Linux 2.4 kernel use the copy_to_user function on uninitialized structures, which could allow local users to obtain sensitive information by reading memory that was not cleared from previous usage. | |||||
CVE-2004-0081 | 23 4d, Apple, Avaya and 20 more | 66 Webstar, Mac Os X, Mac Os X Server and 63 more | 2023-12-10 | 5.0 MEDIUM | N/A |
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. |