Search Results (91 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-0206 15 Ascii, Cstex, Debian and 12 more 22 Ptex, Cstetex, Debian Linux and 19 more 2026-04-16 N/A
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
CVE-2004-1613 3 Mozilla, Redhat, Sgi 7 Mozilla, Enterprise Linux, Enterprise Linux Desktop and 4 more 2026-04-16 N/A
Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme.
CVE-2005-0605 8 Altlinux, Lesstif, Mandrakesoft and 5 more 12 Alt Linux, Lesstif, Mandrake Linux and 9 more 2026-04-16 N/A
scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.
CVE-2005-0667 5 Altlinux, Gentoo, Redhat and 2 more 7 Alt Linux, Linux, Enterprise Linux and 4 more 2026-04-16 N/A
Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9.5 allows remote attackers to execute arbitrary code via an e-mail message with certain headers containing non-ASCII characters that are not properly handled when the user replies to the message.
CVE-2005-0750 5 Conectiva, Linux, Redhat and 2 more 8 Linux, Linux Kernel, Enterprise Linux and 5 more 2026-04-16 N/A
The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value.
CVE-2005-1267 5 Gentoo, Lbl, Mandrakesoft and 2 more 6 Linux, Tcpdump, Mandrake Linux and 3 more 2026-04-16 N/A
The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet.
CVE-2005-2970 4 Apache, Canonical, Fedoraproject and 1 more 7 Http Server, Ubuntu Linux, Fedora Core and 4 more 2026-04-16 N/A
Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused for other connections.
CVE-2005-3626 18 Conectiva, Debian, Easy Software Products and 15 more 33 Linux, Debian Linux, Cups and 30 more 2026-04-16 N/A
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
CVE-2004-1067 3 Carnegie Mellon University, Redhat, Ubuntu 3 Cyrus Imap Server, Fedora Core, Ubuntu Linux 2026-04-16 N/A
Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow remote attackers to execute arbitrary code via the username.
CVE-2004-1071 5 Linux, Redhat, Suse and 2 more 8 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 5 more 2026-04-16 N/A
The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code.
CVE-2006-0451 1 Redhat 2 Directory Server, Fedora Core 2026-04-16 N/A
Multiple memory leaks in the LDAP component in Fedora Directory Server 1.0 allow remote attackers to cause a denial of service (memory consumption) via invalid BER packets that trigger an error, which might prevent memory from being freed if it was allocated during the ber_scanf call, as demonstrated using the ProtoVer LDAP test suite.
CVE-2006-0453 1 Redhat 2 Directory Server, Fedora Core 2026-04-16 N/A
The LDAP component in Fedora Directory Server 1.0 allow remote attackers to cause a denial of service (crash) via a certain "bad BER sequence" that results in a free of uninitialized memory, as demonstrated using the ProtoVer LDAP test suite.
CVE-2005-0373 6 Apple, Conectiva, Cyrus and 3 more 8 Mac Os X, Mac Os X Server, Linux and 5 more 2026-04-16 N/A
Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code.
CVE-2004-1268 2 Easy Software Products, Redhat 3 Cups, Enterprise Linux, Fedora Core 2026-04-16 N/A
lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS passwd file, which allows local users to corrupt the file by filling the associated file system and triggering the write errors.
CVE-2004-1269 2 Easy Software Products, Redhat 3 Cups, Enterprise Linux, Fedora Core 2026-04-16 N/A
lppasswd in CUPS 1.1.22 does not remove the passwd.new file if it encounters a file-size resource limit while writing to passwd.new, which causes subsequent invocations of lppasswd to fail.
CVE-2004-1335 2 Linux, Redhat 4 Linux Kernel, Enterprise Linux, Fedora Core and 1 more 2026-04-16 N/A
Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function.
CVE-2004-0882 4 Conectiva, Redhat, Samba and 1 more 7 Linux, Enterprise Linux, Enterprise Linux Desktop and 4 more 2026-04-16 N/A
Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small "maximum data bytes" value.
CVE-2004-0886 9 Apple, Kde, Libtiff and 6 more 13 Mac Os X, Mac Os X Server, Kde and 10 more 2026-04-16 N/A
Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls.
CVE-2004-0902 4 Conectiva, Mozilla, Redhat and 1 more 9 Linux, Mozilla, Thunderbird and 6 more 2026-04-16 N/A
Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the "Send page" functionality, (2) certain responses from a malicious POP3 server, or (3) a link containing a non-ASCII hostname.
CVE-2004-0914 6 Gentoo, Lesstif, Redhat and 3 more 8 Linux, Lesstif, Enterprise Linux and 5 more 2026-04-16 N/A
Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) memory leaks, which could allow remote attackers to obtain sensitive information, cause a denial of service (application crash), or execute arbitrary code via a certain XPM image file. NOTE: it is highly likely that this candidate will be SPLIT into other candidates in the future, per CVE's content decisions.