Vulnerabilities (CVE)

Vendor filter

Redhat Subscribe

Product filter

Fedora Core Subscribe

Filter

83 total CVE
CVE Vendors Products Updated CVSS
CVE-2005-0004 5 Gentoo, Mysql, Debian and 2 more 6 Mysql, Debian Linux, Linux and 3 more 2019-10-07 4.6
The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files.
CVE-2004-0594 4 Avaya, Trustix, Php and 1 more 8 Converged Communications Server, Fedora Core, S8500 and 5 more 2018-10-30 5.1
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during...
CVE-2004-0595 4 Avaya, Trustix, Php and 1 more 8 Converged Communications Server, Fedora Core, S8500 and 5 more 2018-10-30 6.8
The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet...
CVE-2004-0882 4 Ubuntu, Conectiva, Samba and 1 more 7 Linux Advanced Workstation, Enterprise Linux Desktop, Enterprise Linux and 4 more 2018-10-30 10.0
Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small "maximum data bytes" value.
CVE-2004-1154 4 Suse, Trustix, Samba and 1 more 4 Suse Linux, Secure Linux, Samba and 1 more 2018-10-30 10.0
Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of...
CVE-2006-0745 5 X.org, Suse, Mandrakesoft and 2 more 6 Solaris, Fedora Core, X11r7 and 3 more 2018-10-19 7.2
X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1)...
CVE-2005-3626 18 Turbolinux, Xpdf, Easy Software Products and 15 more 33 Linux, Fedora Core, Mandrake Linux Corporate Server and 30 more 2018-10-19 5.0
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
CVE-2005-3625 18 Turbolinux, Xpdf, Easy Software Products and 15 more 33 Linux, Fedora Core, Mandrake Linux Corporate Server and 30 more 2018-10-19 10.0
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode...
CVE-2005-3624 18 Turbolinux, Xpdf, Easy Software Products and 15 more 33 Linux, Fedora Core, Mandrake Linux Corporate Server and 30 more 2018-10-19 5.0
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to...
CVE-2005-1267 5 Gentoo, Mandrakesoft, Trustix and 2 more 5 Mandrake Linux, Tcpdump, Fedora Core and 2 more 2018-10-19 5.0
The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet.
CVE-2004-1184 4 Sgi, Suse, Gnu and 1 more 4 Suse Linux, Propack, Fedora Core and 1 more 2018-10-19 4.6
The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters.
CVE-2006-6235 6 Ubuntu, Slackware, Gpg4win and 3 more 9 Linux Advanced Workstation, Gpg4win, Enterprise Linux Desktop and 6 more 2018-10-17 10.0
A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from...
CVE-2006-5170 1 Redhat 2 Enterprise Linux, Fedora Core 2018-10-17 7.5
pam_ldap in nss_ldap on Red Hat Enterprise Linux 4, Fedora Core 3 and earlier, and possibly other distributions does not return an error condition when an LDAP directory server responds with a PasswordPolicyResponse control response, which causes...
CVE-2007-3103 2 Fedoraproject, Redhat 4 Linux, Enterprise Linux, Enterprise Linux Desktop and 1 more 2018-10-16 6.2
The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow local users to change the permissions of arbitrary files via a symlink attack on the /tmp/.font-unix temporary file.
CVE-2007-2834 4 Debian, Openoffice, Sun and 1 more 7 Starsuite, Debian Linux, Staroffice and 4 more 2018-10-16 9.3
Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields,...
CVE-2007-1352 8 Turbolinux, Ubuntu, X.org and 5 more 12 Mandrake Multi Network Firewall, Linux Advanced Workstation, Enterprise Linux Desktop and 9 more 2018-10-16 3.8
Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.
CVE-2005-0109 5 Redhat, Ubuntu, Sco and 2 more 8 Openserver, Unixware, Solaris and 5 more 2018-10-16 4.7
Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and...
CVE-2005-0736 3 Conectiva, Linux, Redhat 5 Enterprise Linux Desktop, Linux Kernel, Enterprise Linux and 2 more 2018-10-03 2.1
Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events.
CVE-2005-0605 8 X.org, Xfree86 Project, Redhat and 5 more 11 Propack, Lesstif, Enterprise Linux Desktop and 8 more 2018-10-03 7.5
scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.
CVE-2004-1333 2 Linux, Redhat 3 Linux, Linux Kernel, Fedora Core 2018-10-03 2.1
Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service (kernel crash) via a short new screen value, which leads to a buffer overflow.