Total
214 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1491 | 4 Gentoo, Kde, Opera and 1 more | 4 Linux, Kde, Opera Browser and 1 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry. | |||||
CVE-2004-0688 | 4 Openbsd, Suse, X.org and 1 more | 4 Openbsd, Suse Linux, X11r6 and 1 more | 2024-02-28 | 7.5 HIGH | N/A |
Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a malformed XPM image file. | |||||
CVE-2002-1285 | 1 Suse | 1 Suse Linux | 2024-02-28 | 7.2 HIGH | N/A |
runlpr in the LPRng package allows the local lp user to gain root privileges via certain command line arguments. | |||||
CVE-2002-0062 | 5 Debian, Freebsd, Gnu and 2 more | 5 Debian Linux, Freebsd, Ncurses and 2 more | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling." | |||||
CVE-2000-1016 | 1 Suse | 1 Suse Linux | 2024-02-28 | 5.0 MEDIUM | N/A |
The default configuration of Apache (httpd.conf) on SuSE 6.4 includes an alias for the /usr/doc directory, which allows remote attackers to read package documentation and obtain system configuration information via an HTTP request for the /doc/packages URL. | |||||
CVE-1999-0433 | 5 Netbsd, Redhat, Slackware and 2 more | 5 Netbsd, Linux, Slackware Linux and 2 more | 2024-02-28 | 4.6 MEDIUM | N/A |
XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service. | |||||
CVE-2004-0807 | 5 Conectiva, Mandrakesoft, Samba and 2 more | 5 Linux, Mandrake Linux, Samba and 2 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop. | |||||
CVE-2004-0746 | 4 Gentoo, Kde, Mandrakesoft and 1 more | 5 Linux, Kde, Konqueror and 2 more | 2024-02-28 | 7.5 HIGH | N/A |
Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session. | |||||
CVE-1999-0831 | 4 Cobalt, Debian, Sun and 1 more | 6 Qube, Debian Linux, Cobalt Raq and 3 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Denial of service in Linux syslogd via a large number of connections. | |||||
CVE-2004-1139 | 7 Altlinux, Conectiva, Debian and 4 more | 9 Alt Linux, Linux, Debian Linux and 6 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash). | |||||
CVE-2001-0763 | 2 Debian, Suse | 2 Debian Linux, Suse Linux | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in Linux xinetd 2.1.8.9pre11-1 and earlier may allow remote attackers to execute arbitrary code via a long ident response, which is not properly handled by the svc_logprint function. | |||||
CVE-2001-0610 | 2 Kde, Suse | 2 Kde, Suse Linux | 2024-02-28 | 4.6 MEDIUM | N/A |
kfm as included with KDE 1.x can allow a local attacker to gain additional privileges via a symlink attack in the kfm cache directory in /tmp. | |||||
CVE-2004-0497 | 7 Conectiva, Gentoo, Linux and 4 more | 9 Linux, Linux, Linux Kernel and 6 more | 2024-02-28 | 2.1 LOW | N/A |
Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4. | |||||
CVE-1999-0746 | 2 Slackware, Suse | 2 Slackware Linux, Suse Linux | 2024-02-28 | 5.0 MEDIUM | N/A |
A default configuration of in.identd in SuSE Linux waits 120 seconds between requests, allowing a remote attacker to conduct a denial of service. | |||||
CVE-2000-1095 | 5 Conectiva, Immunix, Mandrakesoft and 2 more | 5 Linux, Immunix, Mandrake Linux and 2 more | 2024-02-28 | 7.2 HIGH | N/A |
modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters. | |||||
CVE-2004-0687 | 4 Openbsd, Suse, X.org and 1 more | 4 Openbsd, Suse Linux, X11r6 and 1 more | 2024-02-28 | 7.5 HIGH | N/A |
Multiple stack-based buffer overflows in (1) xpmParseColors in parse.c, (2) ParseAndPutPixels in create.c, and (3) ParsePixels in parse.c for libXpm before 6.8.1 allow remote attackers to execute arbitrary code via a malformed XPM image file. | |||||
CVE-2000-0438 | 4 Caldera, Slackware, Suse and 1 more | 4 Openlinux, Slackware Linux, Suse Linux and 1 more | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in fdmount on Linux systems allows local users in the "floppy" group to execute arbitrary commands via a long mountpoint parameter. | |||||
CVE-2004-1145 | 7 Altlinux, Conectiva, Debian and 4 more | 9 Alt Linux, Linux, Debian Linux and 6 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files. | |||||
CVE-2004-1895 | 1 Suse | 1 Suse Linux | 2024-02-28 | 2.1 LOW | N/A |
YaST Online Update (YOU) in SuSE 8.2 and 9.0 allows local users to overwrite arbitrary files via a symlink attack on you-$USER/cookies. | |||||
CVE-2003-0846 | 1 Suse | 1 Suse Linux | 2024-02-28 | 4.6 MEDIUM | N/A |
SuSEconfig.javarunt in the javarunt package on SuSE Linux 7.3Pro allows local users to overwrite arbitrary files via a symlink attack on the .java_wrapper temporary file. |