Vulnerabilities (CVE)

Vendor filter

Mandrakesoft

140 total CVE
CVE | Vendors | Products | Updated | CVSS
CVE-2003-0367 | 5 Turbolinux, Openpkg, Mandrakesoft and 2 more | 9 Mandrake Multi Network Firewall, Turbolinux Advanced Server, Mandrake Linux Corporate Server and 6 more | 2019-05-23 | 2.1
znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVE-2004-0496 | 5 Gentoo, Suse, Mandrakesoft and 2 more | 13 Mandrake Multi Network Firewall, Linux Kernel, Suse Email Server and 10 more | 2018-10-30 | 7.2
Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool.
CVE-2000-0844 | 13 Turbolinux, Conectiva, Slackware and 10 more | 16 Aix, Solaris, Openlinux Eserver and 13 more | 2018-10-30 | 10.0
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
CVE-2004-1307 | 10 Apple, Conectiva, Libtiff and 7 more | 19 Propack, Unixware, Linux and 16 more | 2018-10-30 | 7.5
Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to...
CVE-2004-1180 | 3 Debian, Mandrakesoft, Sun | 5 Debian Linux, Mandrake Linux, Solaris and 2 more | 2018-10-30 | 5.0
Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash).
CVE-2006-0745 | 5 X.org, Suse, Mandrakesoft and 2 more | 6 Solaris, Fedora Core, X11r7 and 3 more | 2018-10-19 | 7.2
X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1)...
CVE-2005-3626 | 18 Turbolinux, Xpdf, Easy Software Products and 15 more | 33 Linux, Fedora Core, Mandrake Linux Corporate Server and 30 more | 2018-10-19 | 5.0
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
CVE-2005-3625 | 18 Turbolinux, Xpdf, Easy Software Products and 15 more | 33 Linux, Fedora Core, Mandrake Linux Corporate Server and 30 more | 2018-10-19 | 10.0
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode...
CVE-2005-3624 | 18 Turbolinux, Xpdf, Easy Software Products and 15 more | 33 Linux, Fedora Core, Mandrake Linux Corporate Server and 30 more | 2018-10-19 | 5.0
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to...
CVE-2005-1267 | 5 Gentoo, Mandrakesoft, Trustix and 2 more | 5 Mandrake Linux, Tcpdump, Fedora Core and 2 more | 2018-10-19 | 5.0
The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet.
CVE-2005-0473 | 3 Rob Flynn, Mandrakesoft, Redhat | 5 Gaim, Mandrake Linux, Enterprise Linux Desktop and 2 more | 2018-10-19 | 5.0
The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208.
CVE-2005-0472 | 3 Rob Flynn, Mandrakesoft, Redhat | 5 Gaim, Mandrake Linux, Enterprise Linux Desktop and 2 more | 2018-10-19 | 5.0
Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ.
CVE-2004-1014 | 4 Mandrakesoft, Debian, Nfs and 1 more | 6 Nfs-utils, Debian Linux, Enterprise Linux Desktop and 3 more | 2018-10-19 | 5.0
statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signal, which allows remote attackers to cause a denial of service (server process crash) via a TCP connection that is prematurely terminated.
CVE-2002-2185 | 6 Redhat, Sgi, Suse and 3 more | 11 Windows 98, Linux Advanced Workstation, Windows 98se and 8 more | 2018-10-19 | 4.9
The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to...
CVE-2007-1352 | 8 Turbolinux, Ubuntu, X.org and 5 more | 12 Mandrake Multi Network Firewall, Linux Advanced Workstation, Enterprise Linux Desktop and 9 more | 2018-10-16 | 3.8
Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.
CVE-2007-1351 | 7 Ubuntu, X.org, Rpath and 4 more | 9 Mandrake Multi Network Firewall, Linux Advanced Workstation, Enterprise Linux Desktop and 6 more | 2018-10-16 | 8.5
Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.
CVE-2007-0454 | 3 Mandrakesoft, Debian, Samba | 5 Debian Linux, Mandrake Linux, Mandrake Linuxsoft 2007 and 2 more | 2018-10-16 | 7.5
Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled...
CVE-2008-0595 | 4 Redhat, Mandrakesoft, D-bus and 1 more | 6 Enterprise Linux, Enterprise Linux Desktop, Fedora and 3 more | 2018-10-15 | 4.6
dbus-daemon in D-Bus before 1.0.3, and 1.1.x before 1.1.20, recognizes send_interface attributes in allow directives in the security policy only for fully qualified method calls, which allows local users to bypass intended access restrictions via...
CVE-2007-6284 | 3 Debian, Mandrakesoft, Redhat | 4 Debian Linux, Mandrake Linux, Fedora and 1 more | 2018-10-15 | 5.0
The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences.
CVE-2007-5116 | 4 Larry Wall, Mandrakesoft, Openpkg and 1 more | 4 Openpkg, Mandrake Multi Network Firewall, Enterprise Linux and 1 more | 2018-10-15 | 7.5
Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression.