Search Results (49 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-3626 18 Conectiva, Debian, Easy Software Products and 15 more 33 Linux, Debian Linux, Cups and 30 more 2026-04-16 N/A
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
CVE-2004-1069 2 Linux, Ubuntu 2 Linux Kernel, Ubuntu Linux 2026-04-16 N/A
Race condition in SELinux 2.6.x through 2.6.9 allows local users to cause a denial of service (kernel crash) via SOCK_SEQPACKET unix domain sockets, which are not properly handled in the sock_dgram_sendmsg function.
CVE-2004-1151 2 Linux, Ubuntu 2 Linux Kernel, Ubuntu Linux 2026-04-16 N/A
Multiple buffer overflows in the (1) sys32_ni_syscall and (2) sys32_vm86_warning functions in sys_ia32.c for Linux 2.6.x may allow local attackers to modify kernel memory and gain privileges.
CVE-2005-0077 4 Debian, Gentoo, Redhat and 1 more 5 Debian Linux, Linux, Enterprise Linux and 2 more 2026-04-16 N/A
The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file.
CVE-2004-0883 5 Linux, Redhat, Suse and 2 more 8 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 5 more 2026-04-16 N/A
Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote samba servers to cause a denial of service (crash) or gain sensitive information from kernel memory via a samba server (1) returning more data than requested to the smb_proc_read function, (2) returning a data offset from outside the samba packet to the smb_proc_readX function, (3) sending a certain TRANS2 fragmented packet to the smb_receive_trans2 function, (4) sending a samba packet with a certain header size to the smb_proc_readX_data function, or (5) sending a certain packet based offset for the data in a packet to the smb_receive_trans2 function.
CVE-2004-1058 3 Linux, Redhat, Ubuntu 3 Linux Kernel, Enterprise Linux, Ubuntu Linux 2026-04-16 N/A
Race condition in Linux kernel 2.6 allows local users to read the environment variables of another process that is still spawning via /proc/.../cmdline.
CVE-2004-1068 3 Linux, Redhat, Ubuntu 5 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 2 more 2026-04-16 N/A
A "missing serialization" error in the unix_dgram_recvmsg function in Linux 2.4.27 and earlier, and 2.6.x up to 2.6.9, allows local users to gain privileges via a race condition.
CVE-2005-0754 5 Conectiva, Gentoo, Kde and 2 more 6 Linux, Linux, Kde and 3 more 2026-04-16 N/A
Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which allows remote attackers to execute arbitrary code.
CVE-2004-0969 3 Gentoo, Gnu, Ubuntu 3 Linux, Groff, Ubuntu Linux 2026-04-16 N/A
The groffer script in the Groff package 1.18 and later versions, as used in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.
CVE-2004-0888 11 Debian, Easy Software Products, Gentoo and 8 more 16 Debian Linux, Cups, Linux and 13 more 2026-04-16 N/A
Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889.
CVE-2004-0889 11 Debian, Easy Software Products, Gentoo and 8 more 16 Debian Linux, Cups, Linux and 13 more 2026-04-16 N/A
Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888.
CVE-2004-0891 5 Gentoo, Redhat, Rob Flynn and 2 more 5 Linux, Enterprise Linux, Gaim and 2 more 2026-04-16 N/A
Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbounded copy operation that writes to the wrong buffer.
CVE-2004-0983 5 Gentoo, Mandrakesoft, Redhat and 2 more 6 Linux, Mandrake Linux, Mandrake Linux Corporate Server and 3 more 2026-04-16 N/A
The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certain HTTP request.
CVE-2004-1011 6 Carnegie Mellon University, Conectiva, Openpkg and 3 more 6 Cyrus Imap Server, Linux, Openpkg and 3 more 2026-04-16 N/A
Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015.
CVE-2004-1137 3 Linux, Redhat, Ubuntu 3 Linux Kernel, Enterprise Linux, Ubuntu Linux 2026-04-16 N/A
Multiple vulnerabilities in the IGMP functionality for Linux kernel 2.4.22 to 2.4.28, and 2.6.x to 2.6.9, allow local and remote attackers to cause a denial of service or execute arbitrary code via (1) the ip_mc_source function, which decrements a counter to -1, or (2) the igmp_marksources function, which does not properly validate IGMP message parameters and performs an out-of-bounds read.
CVE-2004-1235 7 Avaya, Conectiva, Linux and 4 more 20 Converged Communications Server, Intuity Audix, Mn100 and 17 more 2026-04-16 N/A
Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.
CVE-2004-1337 3 Conectiva, Gnu, Ubuntu 3 Linux, Realtime Linux Security Module, Ubuntu Linux 2026-04-16 N/A
The POSIX Capability Linux Security Module (LSM) for Linux kernel 2.6 does not properly handle the credentials of a process that is launched before the module is loaded, which allows local users to gain privileges.
CVE-2005-3624 18 Conectiva, Debian, Easy Software Products and 15 more 33 Linux, Debian Linux, Cups and 30 more 2026-04-16 N/A
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.
CVE-2005-3625 18 Conectiva, Debian, Easy Software Products and 15 more 33 Linux, Debian Linux, Cups and 30 more 2026-04-16 N/A
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."
CVE-2004-1056 3 Linux, Redhat, Ubuntu 3 Linux Kernel, Enterprise Linux, Ubuntu Linux 2026-04-16 N/A
Direct Rendering Manager (DRM) driver in Linux kernel 2.6 does not properly check the DMA lock, which could allow remote attackers or local users to cause a denial of service (X Server crash) and possibly modify the video output.