Total
81 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-3626 | 18 Conectiva, Debian, Easy Software Products and 15 more | 33 Linux, Debian Linux, Cups and 30 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference. | |||||
| CVE-2004-1012 | 6 Carnegie Mellon University, Conectiva, Openpkg and 3 more | 6 Cyrus Imap Server, Linux, Openpkg and 3 more | 2025-04-03 | 10.0 HIGH | N/A |
| The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index increment error that leads to an out-of-bounds memory corruption. | |||||
| CVE-2004-0460 | 5 Infoblox, Isc, Mandrakesoft and 2 more | 11 Dns One Appliance, Dhcpd, Mandrake Linux and 8 more | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, or (5) NAK messages, which can generate a long string when writing to a log file. | |||||
| CVE-2005-0156 | 7 Ibm, Larry Wall, Redhat and 4 more | 9 Aix, Perl, Enterprise Linux and 6 more | 2025-04-03 | 2.1 LOW | N/A |
| Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree. | |||||
| CVE-2005-0736 | 3 Conectiva, Linux, Redhat | 5 Linux, Linux Kernel, Enterprise Linux and 2 more | 2025-04-03 | 2.1 LOW | N/A |
| Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events. | |||||
| CVE-2004-0827 | 9 Conectiva, Enlightenment, Imagemagick and 6 more | 14 Linux, Imlib, Imlib2 and 11 more | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files. | |||||
| CVE-2004-1071 | 5 Linux, Redhat, Suse and 2 more | 8 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 5 more | 2025-04-03 | 7.2 HIGH | N/A |
| The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code. | |||||
| CVE-2004-1074 | 5 Linux, Redhat, Suse and 2 more | 8 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 5 more | 2025-04-03 | 2.1 LOW | N/A |
| The binfmt functionality in the Linux kernel, when "memory overcommit" is enabled, allows local users to cause a denial of service (kernel oops) via a malformed a.out binary. | |||||
| CVE-2004-0989 | 5 Redhat, Trustix, Ubuntu and 2 more | 6 Fedora Core, Secure Linux, Ubuntu Linux and 3 more | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data that is not properly handled by the xmlNanoFTPScanProxy function, and other overflows related to manipulation of DNS length values, including (3) xmlNanoFTPConnect, (4) xmlNanoHTTPConnectHost, and (5) xmlNanoHTTPConnectHost. | |||||
| CVE-2004-0918 | 6 Gentoo, Openpkg, Redhat and 3 more | 6 Linux, Openpkg, Fedora Core and 3 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation error. | |||||
| CVE-2005-0750 | 5 Conectiva, Linux, Redhat and 2 more | 8 Linux, Linux Kernel, Enterprise Linux and 5 more | 2025-04-03 | 7.2 HIGH | N/A |
| The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value. | |||||
| CVE-2004-1268 | 2 Easy Software Products, Redhat | 2 Cups, Fedora Core | 2025-04-03 | 2.1 LOW | N/A |
| lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS passwd file, which allows local users to corrupt the file by filling the associated file system and triggering the write errors. | |||||
| CVE-2005-3630 | 1 Redhat | 1 Fedora Core | 2025-04-03 | 5.0 MEDIUM | N/A |
| Fedora Directory Server before 10 allows remote attackers to obtain sensitive information, such as the password from adm.conf via an IFRAME element, probably involving an Apache httpd.conf configuration that orders "allow" directives before "deny" directives. | |||||
| CVE-2004-0904 | 4 Conectiva, Mozilla, Netscape and 1 more | 10 Linux, Firefox, Mozilla and 7 more | 2025-04-03 | 10.0 HIGH | N/A |
| Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows. | |||||
| CVE-2005-3624 | 18 Conectiva, Debian, Easy Software Products and 15 more | 33 Linux, Debian Linux, Cups and 30 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. | |||||
| CVE-2004-0461 | 5 Infoblox, Isc, Mandrakesoft and 2 more | 11 Dns One Appliance, Dhcpd, Mandrake Linux and 8 more | 2025-04-03 | 10.0 HIGH | N/A |
| The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code. | |||||
| CVE-2005-0605 | 8 Altlinux, Lesstif, Mandrakesoft and 5 more | 11 Alt Linux, Lesstif, Mandrake Linux and 8 more | 2025-04-03 | 7.5 HIGH | N/A |
| scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow. | |||||
| CVE-2004-0587 | 3 Mandrakesoft, Redhat, Suse | 4 Mandrake Linux, Mandrake Linux Corporate Server, Fedora Core and 1 more | 2025-04-03 | 2.1 LOW | N/A |
| Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service. | |||||
| CVE-2004-1011 | 6 Carnegie Mellon University, Conectiva, Openpkg and 3 more | 6 Cyrus Imap Server, Linux, Openpkg and 3 more | 2025-04-03 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015. | |||||
| CVE-2004-0882 | 4 Conectiva, Redhat, Samba and 1 more | 7 Linux, Enterprise Linux, Enterprise Linux Desktop and 4 more | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small "maximum data bytes" value. | |||||