Vulnerabilities (CVE)

Filtered by vendor Redhat Subscribe
Total 5977 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2004-0107 3 Redhat, Sgi, Sysstat 3 Sysstat, Propack, Sysstat 2026-06-16 4.6 MEDIUM N/A
The (1) post and (2) trigger scripts in sysstat 4.0.7 and earlier allow local users to overwrite arbitrary files via symlink attacks on temporary files, a different vulnerability than CVE-2004-0108.
CVE-2004-0105 3 Metamail Corporation, Redhat, Sgi 4 Metamail, Enterprise Linux, Linux Advanced Workstation and 1 more 2026-06-16 7.5 HIGH N/A
Multiple buffer overflows in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.
CVE-2004-0104 3 Metamail Corporation, Redhat, Sgi 4 Metamail, Enterprise Linux, Linux Advanced Workstation and 1 more 2026-06-16 7.5 HIGH N/A
Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.
CVE-2004-0081 23 4d, Apple, Avaya and 20 more 66 Webstar, Mac Os X, Mac Os X Server and 63 more 2026-06-16 5.0 MEDIUM N/A
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
CVE-2004-0079 23 4d, Apple, Avaya and 20 more 66 Webstar, Mac Os X, Mac Os X Server and 63 more 2026-06-16 5.0 MEDIUM 7.5 HIGH
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
CVE-2004-0077 4 Linux, Netwosix, Redhat and 1 more 7 Linux Kernel, Netwosix Linux, Bigmem Kernel and 4 more 2026-06-16 7.2 HIGH N/A
The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root privileges, a different vulnerability than CAN-2003-0985.
CVE-2003-1437 6 Bea, Hp, Ibm and 3 more 8 Weblogic Server, Hp-ux, Aix and 5 more 2026-06-16 2.1 LOW N/A
BEA WebLogic Express and WebLogic Server 7.0 and 7.0.0.1, stores passwords in plaintext when a keystore is used to store a private key or trust certificate authorities, which allows local users to gain access.
CVE-2003-1295 2 Redhat, Suse 2 Enterprise Linux, Suse Linux 2026-06-16 2.1 LOW N/A
Unspecified vulnerability in xscreensaver 4.12, and possibly other versions, allows attackers to cause xscreensaver to crash via unspecified vectors "while verifying the user-password."
CVE-2003-1138 1 Redhat 1 Interchange 2026-06-16 5.0 MEDIUM N/A
The default configuration of Apache 2.0.40, as shipped with Red Hat Linux 9.0, allows remote attackers to list directory contents, even if auto indexing is turned off and there is a default web page configured, via a GET request containing a double slash (//).
CVE-2003-0989 1 Redhat 2 Linux, Tcpdump 2026-06-16 7.5 HIGH N/A
tcpdump before 3.8.1 allows remote attackers to cause a denial of service (infinite loop) via certain ISAKMP packets, a different vulnerability than CVE-2004-0057.
CVE-2003-0986 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-06-16 1.7 LOW N/A
Various routines for the ppc64 architecture on Linux kernel 2.6 prior to 2.6.2 and 2.4 prior to 2.4.24 do not use the copy_from_user function when copying data from userspace to kernelspace, which crosses security boundaries and allows local users to cause a denial of service.
CVE-2003-0962 4 Andrew Tridgell, Engardelinux, Redhat and 1 more 5 Rsync, Secure Community, Secure Linux and 2 more 2026-06-16 7.5 HIGH N/A
Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail.
CVE-2003-0859 5 Gnu, Intel, Quagga and 2 more 7 Glibc, Zebra, Ia64 and 4 more 2026-06-16 4.9 MEDIUM N/A
The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.
CVE-2003-0857 1 Redhat 1 Enterprise Linux 2026-06-16 4.6 MEDIUM N/A
The (1) ipq_read and (2) ipulog_read functions in iptables allow local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.
CVE-2003-0700 1 Redhat 1 Kernel 2026-06-16 7.5 HIGH N/A
The C-Media PCI sound driver in Linux before 2.4.22 does not use the get_user function to access userspace in certain conditions, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-2003-0699.
CVE-2003-0699 1 Redhat 2 Enterprise Linux, Linux Advanced Workstation 2026-06-16 7.5 HIGH N/A
The C-Media PCI sound driver in Linux before 2.4.21 does not use the get_user function to access userspace, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-2003-0700.
CVE-2003-0689 1 Redhat 1 Enterprise Linux 2026-06-16 7.5 HIGH N/A
The getgrouplist function in GNU libc (glibc) 2.2.4 and earlier allows attackers to cause a denial of service (segmentation fault) and execute arbitrary code when a user is a member of a large number of groups, which can cause a buffer overflow.
CVE-2003-0688 6 Compaq, Freebsd, Openbsd and 3 more 6 Tru64, Freebsd, Openbsd and 3 more 2026-06-16 5.0 MEDIUM N/A
The DNS map code in Sendmail 8.12.8 and earlier, when using the "enhdnsbl" feature, does not properly initialize certain data structures, which allows remote attackers to cause a denial of service (process crash) via an invalid DNS response that causes Sendmail to free incorrect data.
CVE-2003-0686 2 Dave Airlie, Redhat 2 Pam Smb, Pam Smb 2026-06-16 7.5 HIGH N/A
Buffer overflow in PAM SMB module (pam_smb) 1.1.6 and earlier, when authenticating to a remote service, allows remote attackers to execute arbitrary code.
CVE-2003-0552 1 Redhat 1 Linux 2026-06-16 5.0 MEDIUM N/A
Linux 2.4.x allows remote attackers to spoof the bridge Forwarding table via forged packets whose source addresses are the same as the target.