Filtered by vendor Redhat
Subscribe
Total
5769 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0867 | 5 Debian, Mandrakesoft, Redhat and 2 more | 5 Debian Linux, Mandrake Linux, Linux and 2 more | 2025-04-03 | 7.2 HIGH | N/A |
|
Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages.
|
|||||
| CVE-1999-1347 | 1 Redhat | 1 Linux | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Xsession in Red Hat Linux 6.1 and earlier can allow local users with restricted accounts to bypass execution of the .xsession file by starting kde, gnome or anotherlevel from kdm.
|
|||||
| CVE-2004-1091 | 6 Debian, Gentoo, Midnight Commander and 3 more | 8 Debian Linux, Linux, Midnight Commander and 5 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by triggering a null dereference.
|
|||||
| CVE-2005-3626 | 18 Conectiva, Debian, Easy Software Products and 15 more | 33 Linux, Debian Linux, Cups and 30 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
|
|||||
| CVE-2005-0398 | 6 Altlinux, Ipsec-tools, Kame and 3 more | 7 Alt Linux, Ipsec-tools, Racoon and 4 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets.
|
|||||
| CVE-2005-0207 | 4 Conectiva, Linux, Redhat and 1 more | 5 Linux, Linux Kernel, Enterprise Linux and 2 more | 2025-04-03 | 2.1 LOW | N/A |
|
Unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x allows NFS clients to cause a denial of service via O_DIRECT.
|
|||||
| CVE-2005-0206 | 15 Ascii, Cstex, Debian and 12 more | 22 Ptex, Cstetex, Debian Linux and 19 more | 2025-04-03 | 7.5 HIGH | N/A |
|
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
|
|||||
| CVE-2001-1030 | 6 Caldera, Immunix, Mandrakesoft and 3 more | 8 Openlinux Server, Immunix, Mandrake Linux and 5 more | 2025-04-03 | 7.5 HIGH | N/A |
|
Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning.
|
|||||
| CVE-2000-0031 | 1 Redhat | 1 Linux | 2025-04-03 | 6.2 MEDIUM | N/A |
|
The initscripts package in Red Hat Linux allows local users to gain privileges via a symlink attack.
|
|||||
| CVE-2001-0116 | 3 Immunix, Mandrakesoft, Redhat | 3 Immunix, Mandrake Linux, Linux | 2025-04-03 | 1.2 LOW | N/A |
|
gpm 1.19.3 allows local users to overwrite arbitrary files via a symlink attack.
|
|||||
| CVE-2000-0668 | 3 Conectiva, Michael K. Johnson, Redhat | 3 Linux, Pam Console, Linux | 2025-04-03 | 5.0 MEDIUM | N/A |
|
pam_console PAM module in Linux systems allows a user to access the system console and reboot the system when a display manager such as gdm or kdm has XDMCP enabled.
|
|||||
| CVE-2000-1213 | 3 Immunix, Iputils, Redhat | 3 Immunix, Iputils, Linux | 2025-04-03 | 7.5 HIGH | N/A |
|
ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, does not drop privileges after acquiring a raw socket, which increases ping's exposure to bugs that otherwise would occur at lower privileges.
|
|||||
| CVE-1999-0868 | 5 Isc, Nec, Netscape and 2 more | 6 Inn, Goah Intrasv, Goah Networksv and 3 more | 2025-04-03 | 7.2 HIGH | N/A |
|
ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN.
|
|||||
| CVE-2000-0229 | 4 Alessandro Rubini, Debian, Redhat and 1 more | 4 Gpm, Debian Linux, Linux and 1 more | 2025-04-03 | 7.2 HIGH | N/A |
|
gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root.
|
|||||
| CVE-1999-0010 | 8 Data General, Ibm, Isc and 5 more | 11 Dg Ux, Aix, Bind and 8 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages.
|
|||||
| CVE-2000-0230 | 2 Halloween, Redhat | 2 Halloween Linux, Linux | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflow in imwheel allows local users to gain root privileges via the imwheel-solo script and a long HOME environmental variable.
|
|||||
| CVE-1999-0740 | 1 Redhat | 1 Linux | 2025-04-03 | 6.4 MEDIUM | N/A |
|
Remote attackers can cause a denial of service on Linux in.telnetd telnet daemon through a malformed TERM environmental variable.
|
|||||
| CVE-2001-0889 | 2 Redhat, University Of Cambridge | 2 Linux, Exim | 2025-04-03 | 7.5 HIGH | N/A |
|
Exim 3.22 and earlier, in some configurations, does not properly verify the local part of an address when redirecting the address to a pipe, which could allow remote attackers to execute arbitrary commands via shell metacharacters.
|
|||||
| CVE-2004-0079 | 23 4d, Apple, Avaya and 20 more | 66 Webstar, Mac Os X, Mac Os X Server and 63 more | 2025-04-03 | 5.0 MEDIUM | 7.5 HIGH |
|
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
|
|||||
| CVE-2001-0120 | 3 Immunix, Mandrakesoft, Redhat | 3 Immunix, Mandrake Linux, Linux | 2025-04-03 | 1.2 LOW | N/A |
|
useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack.
|
|||||
| CVE-2001-0852 | 1 Redhat | 1 Linux | 2025-04-03 | 5.0 MEDIUM | N/A |
|
TUX HTTP server 2.1.0-2 in Red Hat Linux allows remote attackers to cause a denial of service via a long Host: header.
|
|||||
| CVE-2003-0962 | 4 Andrew Tridgell, Engardelinux, Redhat and 1 more | 5 Rsync, Secure Community, Secure Linux and 2 more | 2025-04-03 | 7.5 HIGH | N/A |
|
Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail.
|
|||||
| CVE-2000-0196 | 3 Nmh, Redhat, Turbolinux | 3 Nmh, Linux, Turbolinux | 2025-04-03 | 7.5 HIGH | N/A |
|
Buffer overflow in mhshow in the Linux nmh package allows remote attackers to execute commands via malformed MIME headers in an email message.
|
|||||
| CVE-2003-0857 | 1 Redhat | 1 Enterprise Linux | 2025-04-03 | 4.6 MEDIUM | N/A |
|
The (1) ipq_read and (2) ipulog_read functions in iptables allow local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.
|
|||||
| CVE-2001-0473 | 5 Conectiva, Immunix, Mandrakesoft and 2 more | 5 Linux, Immunix, Mandrake Linux and 2 more | 2025-04-03 | 7.5 HIGH | N/A |
|
Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands.
|
|||||
| CVE-2004-0986 | 4 Debian, Linux, Redhat and 1 more | 4 Debian Linux, Linux Kernel, Fedora Core and 1 more | 2025-04-03 | 7.5 HIGH | N/A |
|
Iptables before 1.2.11, under certain conditions, does not properly load the required modules at system startup, which causes the firewall rules to fail to load and protect the system from remote attackers.
|
|||||
| CVE-2004-0633 | 4 Ethereal Group, Gentoo, Mandrakesoft and 1 more | 5 Ethereal, Linux, Mandrake Linux and 2 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an integer overflow.
|
|||||
| CVE-1999-1496 | 3 Debian, Redhat, Todd Miller | 3 Debian Linux, Linux, Sudo | 2025-04-03 | 2.1 LOW | N/A |
|
Sudo 1.5 in Debian Linux 2.1 and Red Hat 6.0 allows local users to determine the existence of arbitrary files by attempting to execute the target filename as a program, which generates a different error message when the file does not exist.
|
|||||
| CVE-2003-0688 | 6 Compaq, Freebsd, Openbsd and 3 more | 6 Tru64, Freebsd, Openbsd and 3 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The DNS map code in Sendmail 8.12.8 and earlier, when using the "enhdnsbl" feature, does not properly initialize certain data structures, which allows remote attackers to cause a denial of service (process crash) via an invalid DNS response that causes Sendmail to free incorrect data.
|
|||||
| CVE-2004-0904 | 4 Conectiva, Mozilla, Netscape and 1 more | 10 Linux, Firefox, Mozilla and 7 more | 2025-04-03 | 10.0 HIGH | N/A |
|
Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows.
|
|||||
| CVE-1999-1288 | 4 Caldera, Redhat, Samba and 1 more | 4 Openlinux, Linux, Samba and 1 more | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Samba 1.9.18 inadvertently includes a prototype application, wsmbconf, which is installed with incorrect permissions including the setgid bit, which allows local users to read and write files and possibly gain privileges via bugs in the program.
|
|||||
| CVE-2002-2204 | 1 Redhat | 1 Redhat Package Manager | 2025-04-03 | 7.5 HIGH | N/A |
|
The default --checksig setting in RPM Package Manager 4.0.4 checks that a package's signature is valid without listing who signed it, which can allow remote attackers to make it appear that a malicious package comes from a trusted source.
|
|||||
| CVE-2002-0004 | 8 Caldera, Debian, Freebsd and 5 more | 9 Openlinux Server, Openlinux Workstation, Debian Linux and 6 more | 2025-04-03 | 7.2 HIGH | N/A |
|
Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.
|
|||||
| CVE-2006-2933 | 2 Kde, Redhat | 3 Kde, Enterprise Linux, Enterprise Linux Desktop | 2025-04-03 | 4.6 MEDIUM | N/A |
|
kdesktop_lock in kdebase before 3.1.3-5.11 for KDE in Red Hat Enterprise Linux (RHEL) 3 does not properly terminate, which can prevent the screensaver from activating or prevent users from manually locking the desktop.
|
|||||
| CVE-2000-0170 | 2 Redhat, Turbolinux | 2 Linux, Turbolinux | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflow in the man program in Linux allows local users to gain privileges via the MANPAGER environmental variable.
|
|||||
| CVE-1999-0768 | 2 Redhat, Suse | 2 Linux, Suse Linux | 2025-04-03 | 7.5 HIGH | N/A |
|
Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO environmental variable.
|
|||||
| CVE-2000-0389 | 3 Cygnus, Mit, Redhat | 5 Cygnus Network Security, Kerbnet, Kerberos and 2 more | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow in krb_rd_req function in Kerberos 4 and 5 allows remote attackers to gain root privileges.
|
|||||
| CVE-2000-0701 | 3 Conectiva, Gnu, Redhat | 3 Linux, Mailman, Linux | 2025-04-03 | 4.6 MEDIUM | N/A |
|
The wrapper program in mailman 2.0beta3 and 2.0beta4 does not properly cleanse untrusted format strings, which allows local users to gain privileges.
|
|||||
| CVE-2000-0336 | 4 Mandrakesoft, Openldap, Redhat and 1 more | 4 Mandrake Linux, Openldap, Linux and 1 more | 2025-04-03 | 2.1 LOW | N/A |
|
Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack.
|
|||||
| CVE-1999-0997 | 3 Millenux Gmbh, Redhat, University Of Washington | 3 Anonftp, Linux, Wu-ftpd | 2025-04-03 | 7.5 HIGH | N/A |
|
wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress.
|
|||||