Filtered by vendor Redhat
Subscribe
Total
5631 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0169 | 4 Mandrakesoft, Redhat, Trustix and 1 more | 5 Mandrake Linux, Mandrake Linux Corporate Server, Linux and 2 more | 2024-02-28 | 2.1 LOW | N/A |
| When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib. | |||||
| CVE-2003-0986 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-02-28 | 1.7 LOW | N/A |
| Various routines for the ppc64 architecture on Linux kernel 2.6 prior to 2.6.2 and 2.4 prior to 2.4.24 do not use the copy_from_user function when copying data from userspace to kernelspace, which crosses security boundaries and allows local users to cause a denial of service. | |||||
| CVE-2001-0859 | 1 Redhat | 1 Linux | 2024-02-28 | 5.0 MEDIUM | N/A |
| 2.4.3-12 kernel in Red Hat Linux 7.1 Korean installation program sets the setting default umask for init to 000, which installs files with world-writeable permissions. | |||||
| CVE-1999-0297 | 5 Bsdi, Freebsd, Netbsd and 2 more | 5 Bsd Os, Freebsd, Netbsd and 2 more | 2024-02-28 | 7.2 HIGH | N/A |
| Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable. | |||||
| CVE-2004-0104 | 3 Metamail Corporation, Redhat, Sgi | 4 Metamail, Enterprise Linux, Linux Advanced Workstation and 1 more | 2024-02-28 | 7.5 HIGH | N/A |
| Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code. | |||||
| CVE-1999-0037 | 2 Freebsd, Redhat | 2 Freebsd, Linux | 2024-02-28 | 7.5 HIGH | N/A |
| Arbitrary command execution via metamail package using message headers, when user processes attacker's message using metamail. | |||||
| CVE-2003-0550 | 1 Redhat | 1 Linux | 2024-02-28 | 5.0 MEDIUM | N/A |
| The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows attackers to modify the bridge topology. | |||||
| CVE-2004-0111 | 3 Gnome, Redhat, Sgi | 5 Gdkpixbuf, Enterprise Linux, Gdk Pixbuf and 2 more | 2024-02-28 | 5.0 MEDIUM | N/A |
| gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap (BMP) file. | |||||
| CVE-2004-0488 | 3 Apache, Debian, Redhat | 4 Http Server, Debian Linux, Enterprise Linux Server and 1 more | 2024-02-28 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN. | |||||
| CVE-2000-1125 | 1 Redhat | 1 Linux | 2024-02-28 | 7.2 HIGH | N/A |
| restore 0.4b15 and earlier in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program. | |||||
| CVE-2004-0803 | 9 Apple, Kde, Libtiff and 6 more | 13 Mac Os X, Mac Os X Server, Kde and 10 more | 2024-02-28 | 7.5 HIGH | N/A |
| Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files. | |||||
| CVE-2001-0690 | 4 Conectiva, Debian, Redhat and 1 more | 4 Linux, Debian Linux, Linux and 1 more | 2024-02-28 | 7.5 HIGH | N/A |
| Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in Debian and 3.16 in Conectiva) in batched SMTP mode allows a remote attacker to execute arbitrary code via format strings in SMTP mail headers. | |||||
| CVE-2004-0642 | 3 Debian, Mit, Redhat | 5 Debian Linux, Kerberos 5, Enterprise Linux Desktop and 2 more | 2024-02-28 | 7.5 HIGH | N/A |
| Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distribution Center (KDC) library and (2) client library for MIT Kerberos 5 (krb5) 1.3.4 and earlier may allow remote attackers to execute arbitrary code. | |||||
| CVE-2001-1383 | 1 Redhat | 1 Linux | 2024-02-28 | 6.2 MEDIUM | N/A |
| initscript in setserial 2.17-4 and earlier uses predictable temporary file names, which could allow local users to conduct unauthorized operations on files. | |||||
| CVE-2000-0751 | 3 Netbsd, Openbsd, Redhat | 3 Netbsd, Openbsd, Linux | 2024-02-28 | 7.5 HIGH | N/A |
| mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands. | |||||
| CVE-2002-0045 | 2 Openldap, Redhat | 2 Openldap, Linux | 2024-02-28 | 7.5 HIGH | N/A |
| slapd in OpenLDAP 2.0 through 2.0.19 allows local users, and anonymous users before 2.0.8, to conduct a "replace" action on access controls without any values, which causes OpenLDAP to delete non-mandatory attributes that would otherwise be protected by ACLs. | |||||
| CVE-2002-0067 | 2 Redhat, Squid | 2 Linux, Squid | 2024-02-28 | 7.5 HIGH | N/A |
| Squid 2.4 STABLE3 and earlier does not properly disable HTCP, even when "htcp_port 0" is specified in squid.conf, which could allow remote attackers to bypass intended access restrictions. | |||||
| CVE-2000-0364 | 1 Redhat | 1 Linux | 2024-02-28 | 4.6 MEDIUM | N/A |
| screen and rxvt in Red Hat Linux 6.0 do not properly set the modes of tty devices, which allows local users to write to other ttys. | |||||
| CVE-2001-0140 | 3 Immunix, Mandrakesoft, Redhat | 3 Immunix, Mandrake Linux, Linux | 2024-02-28 | 1.2 LOW | N/A |
| arpwatch 2.1a4 allows local users to overwrite arbitrary files via a symlink attack in some configurations. | |||||
| CVE-2003-0466 | 7 Apple, Freebsd, Netbsd and 4 more | 8 Mac Os X, Mac Os X Server, Freebsd and 5 more | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
| Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO. | |||||