Vulnerabilities (CVE)

Vendor filter

Mandrakesoft

Product filter

Mandrake Linux Corporate Server

56 total CVE
CVE | Vendors | Products | Updated | CVSS
CVE-2003-0367 | 5 Turbolinux, Openpkg, Mandrakesoft and 2 more | 9 Mandrake Multi Network Firewall, Turbolinux Advanced Server, Mandrake Linux Corporate Server and 6 more | 2019-05-23 | 2.1
znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVE-2004-0496 | 5 Gentoo, Suse, Mandrakesoft and 2 more | 13 Mandrake Multi Network Firewall, Linux Kernel, Suse Email Server and 10 more | 2018-10-30 | 7.2
Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool.
CVE-2004-1307 | 10 Apple, Conectiva, Libtiff and 7 more | 19 Propack, Unixware, Linux and 16 more | 2018-10-30 | 7.5
Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to...
CVE-2004-1180 | 3 Debian, Mandrakesoft, Sun | 5 Debian Linux, Mandrake Linux, Solaris and 2 more | 2018-10-30 | 5.0
Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash).
CVE-2005-3626 | 18 Turbolinux, Xpdf, Easy Software Products and 15 more | 33 Linux, Fedora Core, Mandrake Linux Corporate Server and 30 more | 2018-10-19 | 5.0
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
CVE-2005-3625 | 18 Turbolinux, Xpdf, Easy Software Products and 15 more | 33 Linux, Fedora Core, Mandrake Linux Corporate Server and 30 more | 2018-10-19 | 10.0
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode...
CVE-2005-3624 | 18 Turbolinux, Xpdf, Easy Software Products and 15 more | 33 Linux, Fedora Core, Mandrake Linux Corporate Server and 30 more | 2018-10-19 | 5.0
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to...
CVE-2005-0473 | 3 Rob Flynn, Mandrakesoft, Redhat | 5 Gaim, Mandrake Linux, Enterprise Linux Desktop and 2 more | 2018-10-19 | 5.0
The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208.
CVE-2005-0472 | 3 Rob Flynn, Mandrakesoft, Redhat | 5 Gaim, Mandrake Linux, Enterprise Linux Desktop and 2 more | 2018-10-19 | 5.0
Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ.
CVE-2004-1014 | 4 Mandrakesoft, Debian, Nfs and 1 more | 6 Nfs-utils, Debian Linux, Enterprise Linux Desktop and 3 more | 2018-10-19 | 5.0
statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signal, which allows remote attackers to cause a denial of service (server process crash) via a TCP connection that is prematurely terminated.
CVE-2007-0454 | 3 Mandrakesoft, Debian, Samba | 5 Debian Linux, Mandrake Linux, Mandrake Linuxsoft 2007 and 2 more | 2018-10-16 | 7.5
Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled...
CVE-2007-6284 | 3 Debian, Mandrakesoft, Redhat | 4 Debian Linux, Mandrake Linux, Fedora and 1 more | 2018-10-15 | 5.0
The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences.
CVE-2005-0605 | 8 X.org, Xfree86 Project, Redhat and 5 more | 11 Propack, Lesstif, Enterprise Linux Desktop and 8 more | 2018-10-03 | 7.5
scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.
CVE-2004-0983 | 4 Gentoo, Yukihiro Matsumoto, Mandrakesoft and 1 more | 5 Ruby, Mandrake Linux, Ubuntu Linux and 2 more | 2018-10-03 | 5.0
The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certain HTTP request.
CVE-2001-0736 | 5 Immunix, University Of Washington, Engardelinux and 2 more | 6 Secure Linux, Mandrake Linux Corporate Server, Linux and 3 more | 2017-12-19 | 2.1
Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users to overwrite arbitrary files via a symlink attack.
CVE-2001-0441 | 3 Debian, Mandrakesoft, Redhat | 4 Debian Linux, Linux, Mandrake Linux and 1 more | 2017-12-19 | 7.5
Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute arbitrary commands via a long message header.
CVE-2005-0206 | 15 Xpdf, Easy Software Products, Ubuntu and 12 more | 22 Linux, Kde, Fedora Core and 19 more | 2017-10-11 | 7.5
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
CVE-2005-0085 | 4 Suse, Htdig, Mandrakesoft and 1 more | 5 Suse Linux, Htdig, Mandrake Linux and 2 more | 2017-10-11 | 6.8
Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message.
CVE-2005-0003 | 4 Avaya, Mandrakesoft, Linux and 1 more | 15 Mandrake Multi Network Firewall, Linux Kernel, Converged Communications Server and 12 more | 2017-10-11 | 2.1
The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute...
CVE-2004-1235 | 7 Linux, Ubuntu, Conectiva and 4 more | 20 Mandrake Multi Network Firewall, Linux Kernel, Converged Communications Server and 17 more | 2017-10-11 | 6.2
Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.