Vulnerabilities (CVE)

Vendor: Conectiva

Product: Linux

64 total CVE
CVE Vendors Products Updated CVSS
CVE-2003-0780 3 Mysql, Conectiva, Oracle 3 Mysql, Linux, Mysql 2019-10-07 9.0
Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and earlier, and 3.23.x, allows attackers with ALTER TABLE privileges to execute arbitrary code via a long Password field.
CVE-2004-1307 10 Apple, Conectiva, Libtiff and 7 more 19 Propack, Unixware, Linux and 16 more 2018-10-30 7.5
Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to...
CVE-2000-0844 13 Turbolinux, Conectiva, Slackware and 10 more 16 Aix, Solaris, Openlinux Eserver and 13 more 2018-10-30 10.0
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
CVE-2005-1043 6 Apple, Conectiva, Peachtree and 3 more 7 Propack, Peachtree Linux, Php and 4 more 2018-10-30 5.0
exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.
CVE-2004-0882 4 Ubuntu, Conectiva, Samba and 1 more 7 Linux Advanced Workstation, Enterprise Linux Desktop, Enterprise Linux and 4 more 2018-10-30 10.0
Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small "maximum data bytes" value.
CVE-2005-3626 18 Turbolinux, Xpdf, Easy Software Products and 15 more 33 Linux, Fedora Core, Mandrake Linux Corporate Server and 30 more 2018-10-19 5.0
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
CVE-2005-3625 18 Turbolinux, Xpdf, Easy Software Products and 15 more 33 Linux, Fedora Core, Mandrake Linux Corporate Server and 30 more 2018-10-19 10.0
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode...
CVE-2005-3624 18 Turbolinux, Xpdf, Easy Software Products and 15 more 33 Linux, Fedora Core, Mandrake Linux Corporate Server and 30 more 2018-10-19 5.0
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to...
CVE-2005-0736 3 Conectiva, Linux, Redhat 5 Enterprise Linux Desktop, Linux Kernel, Enterprise Linux and 2 more 2018-10-03 2.1
Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events.
CVE-2004-0902 4 Suse, Mozilla, Conectiva and 1 more 9 Mozilla, Linux Advanced Workstation, Enterprise Linux Desktop and 6 more 2018-05-03 10.0
Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the...
CVE-2000-0666 5 Suse, Conectiva, Debian and 2 more 5 Suse Linux, Debian Linux, Linux and 2 more 2018-05-03 10.0
rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges.
CVE-2001-0136 5 Conectiva, Debian, Mandrakesoft and 2 more 5 Debian Linux, Mandrake Linux, Proftpd and 2 more 2018-02-07 5.0
Memory leak in ProFTPd 1.2.0rc2 allows remote attackers to cause a denial of service via a series of USER commands, and possibly SIZE commands if the server has been improperly installed.
CVE-2000-1134 7 Conectiva, Redhat, Suse and 4 more 9 Hp-ux, Openlinux Eserver, Linux and 6 more 2017-10-19 7.2
Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users...
CVE-2005-0750 5 Ubuntu, Suse, Conectiva and 2 more 8 Linux Kernel, Enterprise Linux Desktop, Enterprise Linux and 5 more 2017-10-11 7.2
The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value.
CVE-2005-0699 4 Altlinux, Ethereal Group, Conectiva and 1 more 6 Linux Advanced Workstation, Enterprise Linux Desktop, Enterprise Linux and 3 more 2017-10-11 7.5
Multiple buffer overflows in the dissect_a11_radius function in the CDMA A11 (3G-A11) dissector (packet-3g-a11.c) for Ethereal 0.10.9 and earlier allow remote attackers to execute arbitrary code via RADIUS authentication packets with large length values.
CVE-2005-0207 4 Suse, Conectiva, Linux and 1 more 5 Suse Linux, Enterprise Linux Desktop, Linux Kernel and 2 more 2017-10-11 2.1
Unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x allows NFS clients to cause a denial of service via O_DIRECT.
CVE-2004-1235 7 Linux, Ubuntu, Conectiva and 4 more 20 Mandrake Multi Network Firewall, Linux Kernel, Converged Communications Server and 17 more 2017-10-11 6.2
Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.
CVE-2004-1145 7 Ethereal Group, Conectiva, Redhat and 4 more 9 Propack, Linux Advanced Workstation, Debian Linux and 6 more 2017-10-11 5.0
Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to...
CVE-2004-1142 7 Ethereal Group, Conectiva, Redhat and 4 more 9 Propack, Linux Advanced Workstation, Debian Linux and 6 more 2017-10-11 5.0
Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet.
CVE-2004-1139 7 Ethereal Group, Conectiva, Redhat and 4 more 9 Propack, Linux Advanced Workstation, Debian Linux and 6 more 2017-10-11 5.0
Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash).