Vulnerabilities (CVE)

Vendor filter

Mandrakesoft

Product filter

Mandrake Linux

135 total CVE
CVE | Vendors | Products | Updated | CVSS
CVE-2003-0367 | 5 Turbolinux, Openpkg, Mandrakesoft and 2 more | 9 Mandrake Multi Network Firewall, Turbolinux Advanced Server, Mandrake Linux Corporate Server and 6 more | 2019-05-23 | 2.1
znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVE-2004-0496 | 5 Gentoo, Suse, Mandrakesoft and 2 more | 13 Mandrake Multi Network Firewall, Linux Kernel, Suse Email Server and 10 more | 2018-10-30 | 7.2
Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool.
CVE-2004-1307 | 10 Apple, Conectiva, Libtiff and 7 more | 19 Propack, Unixware, Linux and 16 more | 2018-10-30 | 7.5
Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to...
CVE-2000-0844 | 13 Turbolinux, Conectiva, Slackware and 10 more | 16 Aix, Solaris, Openlinux Eserver and 13 more | 2018-10-30 | 10.0
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
CVE-2004-1180 | 3 Debian, Mandrakesoft, Sun | 5 Debian Linux, Mandrake Linux, Solaris and 2 more | 2018-10-30 | 5.0
Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash).
CVE-2006-0745 | 5 X.org, Suse, Mandrakesoft and 2 more | 6 Solaris, Fedora Core, X11r7 and 3 more | 2018-10-19 | 7.2
X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1)...
CVE-2005-3626 | 18 Turbolinux, Xpdf, Easy Software Products and 15 more | 33 Linux, Fedora Core, Mandrake Linux Corporate Server and 30 more | 2018-10-19 | 5.0
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
CVE-2005-3625 | 18 Turbolinux, Xpdf, Easy Software Products and 15 more | 33 Linux, Fedora Core, Mandrake Linux Corporate Server and 30 more | 2018-10-19 | 10.0
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode...
CVE-2005-3624 | 18 Turbolinux, Xpdf, Easy Software Products and 15 more | 33 Linux, Fedora Core, Mandrake Linux Corporate Server and 30 more | 2018-10-19 | 5.0
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to...
CVE-2005-1267 | 5 Gentoo, Mandrakesoft, Trustix and 2 more | 5 Mandrake Linux, Tcpdump, Fedora Core and 2 more | 2018-10-19 | 5.0
The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet.
CVE-2005-0473 | 3 Rob Flynn, Mandrakesoft, Redhat | 5 Gaim, Mandrake Linux, Enterprise Linux Desktop and 2 more | 2018-10-19 | 5.0
The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208.
CVE-2005-0472 | 3 Rob Flynn, Mandrakesoft, Redhat | 5 Gaim, Mandrake Linux, Enterprise Linux Desktop and 2 more | 2018-10-19 | 5.0
Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ.
CVE-2004-1014 | 4 Mandrakesoft, Debian, Nfs and 1 more | 6 Nfs-utils, Debian Linux, Enterprise Linux Desktop and 3 more | 2018-10-19 | 5.0
statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signal, which allows remote attackers to cause a denial of service (server process crash) via a TCP connection that is prematurely terminated.
CVE-2002-2185 | 6 Redhat, Sgi, Suse and 3 more | 11 Windows 98, Linux Advanced Workstation, Windows 98se and 8 more | 2018-10-19 | 4.9
The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to...
CVE-2007-0454 | 3 Mandrakesoft, Debian, Samba | 5 Debian Linux, Mandrake Linux, Mandrake Linuxsoft 2007 and 2 more | 2018-10-16 | 7.5
Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled...
CVE-2008-0595 | 4 Redhat, Mandrakesoft, D-bus and 1 more | 6 Enterprise Linux, Enterprise Linux Desktop, Fedora and 3 more | 2018-10-15 | 4.6
dbus-daemon in D-Bus before 1.0.3, and 1.1.x before 1.1.20, recognizes send_interface attributes in allow directives in the security policy only for fully qualified method calls, which allows local users to bypass intended access restrictions via...
CVE-2007-6284 | 3 Debian, Mandrakesoft, Redhat | 4 Debian Linux, Mandrake Linux, Fedora and 1 more | 2018-10-15 | 5.0
The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences.
CVE-2005-0605 | 8 X.org, Xfree86 Project, Redhat and 5 more | 11 Propack, Lesstif, Enterprise Linux Desktop and 8 more | 2018-10-03 | 7.5
scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.
CVE-2004-0983 | 4 Gentoo, Yukihiro Matsumoto, Mandrakesoft and 1 more | 5 Ruby, Mandrake Linux, Ubuntu Linux and 2 more | 2018-10-03 | 5.0
The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certain HTTP request.
CVE-2000-0867 | 5 Slackware, Mandrakesoft, Debian and 2 more | 5 Debian Linux, Linux, Mandrake Linux and 2 more | 2018-05-03 | 7.2
Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages.