Vulnerabilities (CVE)

Filtered by vendor Redhat Subscribe
Total 5973 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2005-0337 3 Redhat, Suse, Wietse Venema 4 Enterprise Linux, Enterprise Linux Desktop, Suse Linux and 1 more 2026-06-16 7.5 HIGH N/A
Postfix 2.1.3, when /proc/net/if_inet6 is not available and permit_mx_backup is enabled in smtpd_recipient_restrictions, allows remote attackers to bypass e-mail restrictions and perform mail relaying by sending mail to an IPv6 hostname.
CVE-2005-0207 4 Conectiva, Linux, Redhat and 1 more 5 Linux, Linux Kernel, Enterprise Linux and 2 more 2026-06-16 2.1 LOW N/A
Unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x allows NFS clients to cause a denial of service via O_DIRECT.
CVE-2005-0206 15 Ascii, Cstex, Debian and 12 more 22 Ptex, Cstetex, Debian Linux and 19 more 2026-06-16 7.5 HIGH N/A
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
CVE-2005-0156 7 Ibm, Larry Wall, Redhat and 4 more 9 Aix, Perl, Enterprise Linux and 6 more 2026-06-16 2.1 LOW N/A
Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree.
CVE-2005-0109 5 Freebsd, Redhat, Sco and 2 more 8 Freebsd, Enterprise Linux, Enterprise Linux Desktop and 5 more 2026-06-16 4.7 MEDIUM 5.6 MEDIUM
Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses.
CVE-2005-0092 1 Redhat 2 Enterprise Linux, Enterprise Linux Desktop 2026-06-16 2.1 LOW N/A
Unknown vulnerability in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch, when running on x86 with the hugemem kernel, allows local users to cause a denial of service (crash).
CVE-2005-0091 1 Redhat 2 Enterprise Linux, Enterprise Linux Desktop 2026-06-16 7.2 HIGH N/A
Unknown vulnerability in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch, when using the hugemem kernel, allows local users to read and write to arbitrary kernel memory and gain privileges via certain syscalls.
CVE-2005-0090 1 Redhat 2 Enterprise Linux, Enterprise Linux Desktop 2026-06-16 2.1 LOW N/A
A regression error in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch omits an "access check," which allows local users to cause a denial of service (crash).
CVE-2005-0087 2 Alsa-project, Redhat 2 Alsa-lib, Enterprise Linux 2026-06-16 4.6 MEDIUM N/A
The alsa-lib package in Red Hat Linux 4 disables stack protection for the libasound.so library, which makes it easier for attackers to execute arbitrary code if there are other vulnerabilities in the library.
CVE-2005-0086 1 Redhat 2 Enterprise Linux, Enterprise Linux Desktop 2026-06-16 7.5 HIGH N/A
Heap-based buffer overflow in less in Red Hat Enterprise Linux 3 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted file, as demonstrated using the UTF-8 locale.
CVE-2005-0085 4 Htdig, Mandrakesoft, Redhat and 1 more 5 Htdig, Mandrake Linux, Mandrake Linux Corporate Server and 2 more 2026-06-16 6.8 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message.
CVE-2005-0078 3 Debian, Kde, Redhat 5 Debian Linux, Kde, Enterprise Linux and 2 more 2026-06-16 4.6 MEDIUM N/A
The KDE screen saver in KDE before 3.0.5 does not properly check the return value from a certain function call, which allows attackers with physical access to cause a crash and access the desktop session.
CVE-2005-0077 4 Debian, Gentoo, Redhat and 1 more 5 Debian Linux, Linux, Enterprise Linux and 2 more 2026-06-16 2.1 LOW N/A
The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file.
CVE-2005-0003 4 Avaya, Linux, Mandrakesoft and 1 more 15 Converged Communications Server, Intuity Audix, Mn100 and 12 more 2026-06-16 2.1 LOW N/A
The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbitrary code via a crafted ELF or a.out file.
CVE-2005-0001 3 Linux, Redhat, Trustix 4 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 1 more 2026-06-16 6.9 MEDIUM N/A
Race condition in the page fault handler (fault.c) for Linux kernel 2.2.x to 2.2.7, 2.4 to 2.4.29, and 2.6 to 2.6.10, when running on multiprocessor machines, allows local users to execute arbitrary code via concurrent threads that share the same virtual memory space and simultaneously request stack expansion.
CVE-2004-2771 4 Bsd Mailx Project, Heirloom, Oracle and 1 more 4 Bsd Mailx, Mailx, Linux and 1 more 2026-06-16 7.5 HIGH N/A
The expand function in fio.c in Heirloom mailx 12.5 and earlier and BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an email address.
CVE-2004-2766 2 Redhat, Sun 4 Enterprise Linux, Iplanet Messaging Server, One Messaging Server and 1 more 2026-06-16 4.3 MEDIUM N/A
Webmail in Sun ONE Messaging Server 6.1 and iPlanet Messaging Server 5.2 before 5.2hf2.02 allows remote attackers to obtain unspecified "access" to e-mail via a crafted e-mail message, related to a "session hijacking" issue, a different vulnerability than CVE-2005-2022 and CVE-2006-5486.
CVE-2004-2765 2 Redhat, Sun 4 Enterprise Linux, Iplanet Messaging Server, One Messaging Server and 1 more 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Webmail in Sun ONE Messaging Server 6.1 and iPlanet Messaging Server 5.2 before 5.2hf2.02, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via a crafted e-mail message, a different vulnerability than CVE-2005-2022 and CVE-2006-5486.
CVE-2004-1613 3 Mozilla, Redhat, Sgi 7 Mozilla, Enterprise Linux, Enterprise Linux Desktop and 4 more 2026-06-16 5.0 MEDIUM N/A
Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme.
CVE-2004-1335 2 Linux, Redhat 3 Linux Kernel, Fedora Core, Linux 2026-06-16 2.1 LOW N/A
Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function.