Total
214 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2000-0355 | 3 Bent Bagger, Redhat, Suse | 3 Pbpg, Linux, Suse Linux | 2023-12-10 | 7.5 HIGH | N/A |
pg and pb in SuSE pbpg 1.x package allows an attacker to read arbitrary files. | |||||
CVE-2000-1016 | 1 Suse | 1 Suse Linux | 2023-12-10 | 5.0 MEDIUM | N/A |
The default configuration of Apache (httpd.conf) on SuSE 6.4 includes an alias for the /usr/doc directory, which allows remote attackers to read package documentation and obtain system configuration information via an HTTP request for the /doc/packages URL. | |||||
CVE-2004-0592 | 1 Suse | 1 Suse Linux | 2023-12-10 | 5.0 MEDIUM | N/A |
The tcp_find_option function of the netfilter subsystem for IPv6 in the SUSE Linux 2.6.5 kernel with USAGI patches, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type, a similar flaw to CVE-2004-0626. | |||||
CVE-1999-0433 | 5 Netbsd, Redhat, Slackware and 2 more | 5 Netbsd, Linux, Slackware Linux and 2 more | 2023-12-10 | 4.6 MEDIUM | N/A |
XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service. | |||||
CVE-2000-0231 | 2 Halloween, Suse | 2 Halloween Linux, Suse Linux | 2023-12-10 | 7.2 HIGH | N/A |
Linux kreatecd trusts a user-supplied path that is used to find the cdrecord program, allowing local users to gain root privileges. | |||||
CVE-2004-1476 | 2 Suse, Xine | 3 Suse Linux, Xine, Xine-lib | 2023-12-10 | 5.1 MEDIUM | N/A |
Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib 1-rc2 through 1-rc5, as derived from libcdio, allows attackers to execute arbitrary code via a VideoCD with an unterminated disk label. | |||||
CVE-2000-0362 | 1 Suse | 1 Suse Linux | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflows in Linux cdwtools 093 and earlier allows local users to gain root privileges. | |||||
CVE-2001-0178 | 4 Caldera, Conectiva, Mandrakesoft and 1 more | 5 Openlinux Edesktop, Linux, Mandrake Linux and 2 more | 2023-12-10 | 2.1 LOW | N/A |
kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges. | |||||
CVE-2000-0869 | 2 Apache, Suse | 2 Http Server, Suse Linux | 2023-12-10 | 5.0 MEDIUM | N/A |
The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables WebDAV, which allows remote attackers to list arbitrary directories via the PROPFIND HTTP request method. | |||||
CVE-2004-0867 | 4 Kde, Microsoft, Mozilla and 1 more | 5 Konqueror, Ie, Internet Explorer and 2 more | 2023-12-10 | 7.5 HIGH | N/A |
Mozilla Firefox 0.9.2 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session. NOTE: it was later reported that 2.x is also affected. | |||||
CVE-2001-0458 | 4 Debian, Mandrakesoft, Ralf S. Engelschall and 1 more | 4 Debian Linux, Mandrake Linux, Eperl and 1 more | 2023-12-10 | 7.5 HIGH | N/A |
Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and remote attackers to execute arbitrary commands. | |||||
CVE-1999-0831 | 4 Cobalt, Debian, Sun and 1 more | 6 Qube, Debian Linux, Cobalt Raq and 3 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Denial of service in Linux syslogd via a large number of connections. | |||||
CVE-2001-0193 | 2 Debian, Suse | 2 Debian Linux, Suse Linux | 2023-12-10 | 7.2 HIGH | N/A |
Format string vulnerability in man in some Linux distributions allows local users to gain privileges via a malformed -l parameter. | |||||
CVE-2002-1285 | 1 Suse | 1 Suse Linux | 2023-12-10 | 7.2 HIGH | N/A |
runlpr in the LPRng package allows the local lp user to gain root privileges via certain command line arguments. | |||||
CVE-2001-0872 | 3 Openbsd, Redhat, Suse | 3 Openssh, Linux, Suse Linux | 2023-12-10 | 7.2 HIGH | N/A |
OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges. | |||||
CVE-2001-0388 | 3 Freebsd, Mandrakesoft, Suse | 3 Freebsd, Mandrake Linux, Suse Linux | 2023-12-10 | 10.0 HIGH | N/A |
time server daemon timed allows remote attackers to cause a denial of service via malformed packets. | |||||
CVE-2001-0610 | 2 Kde, Suse | 2 Kde, Suse Linux | 2023-12-10 | 4.6 MEDIUM | N/A |
kfm as included with KDE 1.x can allow a local attacker to gain additional privileges via a symlink attack in the kfm cache directory in /tmp. | |||||
CVE-2004-0817 | 9 Conectiva, Enlightenment, Imagemagick and 6 more | 16 Linux, Imlib, Imlib2 and 13 more | 2023-12-10 | 7.5 HIGH | N/A |
Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file. | |||||
CVE-2002-0768 | 2 Luke Mewburn, Suse | 2 Lukemftp, Suse Linux | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in lukemftp FTP client in SuSE 6.4 through 8.0, and possibly other operating systems, allows a malicious FTP server to execute arbitrary code via a long PASV command. | |||||
CVE-2001-1130 | 1 Suse | 1 Suse Linux | 2023-12-10 | 7.5 HIGH | N/A |
Sdbsearch.cgi in SuSE Linux 6.0-7.2 could allow remote attackers to execute arbitrary commands by uploading a keylist.txt file that contains filenames with shell metacharacters, then causing the file to be searched using a .. in the HTTP referer (from the HTTP_REFERER variable) to point to the directory that contains the keylist.txt file. |