Search Results (66 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0142 5 Immunix, Mandrakesoft, National Science Foundation and 2 more 5 Immunix, Mandrake Linux, Squid Web Proxy and 2 more 2026-04-16 N/A
squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations.
CVE-2005-0001 3 Linux, Redhat, Trustix 4 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 1 more 2026-04-16 N/A
Race condition in the page fault handler (fault.c) for Linux kernel 2.2.x to 2.2.7, 2.4 to 2.4.29, and 2.6 to 2.6.10, when running on multiprocessor machines, allows local users to execute arbitrary code via concurrent threads that share the same virtual memory space and simultaneously request stack expansion.
CVE-2001-1030 6 Caldera, Immunix, Mandrakesoft and 3 more 8 Openlinux Server, Immunix, Mandrake Linux and 5 more 2026-04-16 N/A
Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning.
CVE-2000-0666 5 Conectiva, Debian, Redhat and 2 more 5 Linux, Debian Linux, Linux and 2 more 2026-04-16 N/A
rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges.
CVE-2004-0432 3 Gentoo, Proftpd Project, Trustix 3 Linux, Proftpd, Secure Linux 2026-04-16 N/A
ProFTPD 1.2.9 treats the Allow and Deny directives for CIDR based ACL entries as if they were AllowAll, which could allow FTP clients to bypass intended access restrictions.
CVE-2004-0565 5 Gentoo, Linux, Mandrakesoft and 2 more 7 Linux, Linux Kernel, Mandrake Linux and 4 more 2026-04-16 N/A
Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit.
CVE-2004-0594 7 Avaya, Debian, Hp and 4 more 9 Converged Communications Server, Debian Linux, Hp-ux and 6 more 2026-04-16 N/A
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete.
CVE-2004-0595 4 Avaya, Php, Redhat and 1 more 11 Converged Communications Server, Integrated Management, S8300 and 8 more 2026-04-16 N/A
The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities.
CVE-2004-0600 3 Redhat, Samba, Trustix 3 Enterprise Linux, Samba, Secure Linux 2026-04-16 N/A
Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote attackers to execute arbitrary code via an invalid base-64 character during HTTP basic authentication.
CVE-2001-0117 4 Immunix, Mandrakesoft, Redhat and 1 more 5 Immunix, Mandrake Linux, Mandrake Linux Corporate Server and 2 more 2026-04-16 N/A
sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack.
CVE-2004-0801 4 Conectiva, Linuxprinting.org, Sun and 1 more 4 Linux, Foomatic-filters, Java Desktop System and 1 more 2026-04-16 N/A
Unknown vulnerability in foomatic-rip in Foomatic before 3.0.2 allows local users or remote attackers with access to CUPS to execute arbitrary commands.
CVE-2004-0803 9 Apple, Kde, Libtiff and 6 more 13 Mac Os X, Mac Os X Server, Kde and 10 more 2026-04-16 N/A
Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.
CVE-2004-0686 3 Redhat, Samba, Trustix 3 Enterprise Linux, Samba, Secure Linux 2026-04-16 N/A
Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the "mangling method = hash" option is enabled in smb.conf, has unknown impact and attack vectors.
CVE-2005-0156 7 Ibm, Larry Wall, Redhat and 4 more 9 Aix, Perl, Enterprise Linux and 6 more 2026-04-16 N/A
Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree.
CVE-2005-0988 7 Freebsd, Gentoo, Gnu and 4 more 13 Freebsd, Linux, Gzip and 10 more 2026-04-16 N/A
Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete.
CVE-2005-1267 5 Gentoo, Lbl, Mandrakesoft and 2 more 6 Linux, Tcpdump, Mandrake Linux and 3 more 2026-04-16 N/A
The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet.
CVE-2005-1410 3 Postgresql, Redhat, Trustix 3 Postgresql, Enterprise Linux, Secure Linux 2026-04-16 N/A
The tsearch2 module in PostgreSQL 7.4 through 8.0.x declares the (1) dex_init, (2) snb_en_init, (3) snb_ru_init, (4) spell_init, and (5) syn_init functions as "internal" even when they do not take an internal argument, which allows attackers to cause a denial of service (application crash) and possibly have other impacts via SQL commands that call other functions that accept internal arguments.
CVE-2005-3626 18 Conectiva, Debian, Easy Software Products and 15 more 33 Linux, Debian Linux, Cups and 30 more 2026-04-16 N/A
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
CVE-2004-1071 5 Linux, Redhat, Suse and 2 more 8 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 5 more 2026-04-16 N/A
The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code.
CVE-2004-0685 3 Linux, Redhat, Trustix 4 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 1 more 2026-04-16 N/A
Certain USB drivers in the Linux 2.4 kernel use the copy_to_user function on uninitialized structures, which could allow local users to obtain sensitive information by reading memory that was not cleared from previous usage.