Filtered by vendor Redhat
Subscribe
Total
5599 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0196 | 3 Nmh, Redhat, Turbolinux | 3 Nmh, Linux, Turbolinux | 2024-02-28 | 7.5 HIGH | N/A |
| Buffer overflow in mhshow in the Linux nmh package allows remote attackers to execute commands via malformed MIME headers in an email message. | |||||
| CVE-2003-0434 | 4 Adobe, Mandrakesoft, Redhat and 1 more | 7 Acrobat, Mandrake Linux, Mandrake Linux Corporate Server and 4 more | 2024-02-28 | 7.5 HIGH | N/A |
| Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink. | |||||
| CVE-2001-0143 | 2 Immunix, Redhat | 2 Immunix, Linux | 2024-02-28 | 1.2 LOW | N/A |
| vpop3d program in linuxconf 1.23r and earlier allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2000-0322 | 1 Redhat | 1 Linux | 2024-02-28 | 10.0 HIGH | N/A |
| The passwd.php3 CGI script in the Red Hat Piranha Virtual Server Package allows local users to execute arbitrary commands via shell metacharacters. | |||||
| CVE-2000-0391 | 3 Cygnus, Mit, Redhat | 5 Cygnus Network Security, Kerbnet, Kerberos and 2 more | 2024-02-28 | 10.0 HIGH | N/A |
| Buffer overflow in krshd in Kerberos 5 allows remote attackers to gain root privileges. | |||||
| CVE-2001-0946 | 1 Redhat | 1 Linux | 2024-02-28 | 3.6 LOW | N/A |
| apmscript in Apmd in Red Hat 7.2 "Enigma" allows local users to create or change the modification dates of arbitrary files via a symlink attack on the LOW_POWER temporary file, which could be used to cause a denial of service, e.g. by creating /etc/nologin and disabling logins. | |||||
| CVE-2001-0120 | 3 Immunix, Mandrakesoft, Redhat | 3 Immunix, Mandrake Linux, Linux | 2024-02-28 | 1.2 LOW | N/A |
| useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-1999-1347 | 1 Redhat | 1 Linux | 2024-02-28 | 4.6 MEDIUM | N/A |
| Xsession in Red Hat Linux 6.1 and earlier can allow local users with restricted accounts to bypass execution of the .xsession file by starting kde, gnome or anotherlevel from kdm. | |||||
| CVE-2002-0044 | 3 Debian, Gnu, Redhat | 3 Debian Linux, Enscript, Linux | 2024-02-28 | 3.6 LOW | N/A |
| GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files. | |||||
| CVE-1999-1406 | 1 Redhat | 1 Linux | 2024-02-28 | 2.1 LOW | N/A |
| dumpreg in Red Hat Linux 5.1 opens /dev/mem with O_RDWR access, which allows local users to cause a denial of service (crash) by redirecting fd 1 (stdout) to the kernel. | |||||
| CVE-2000-0668 | 3 Conectiva, Michael K. Johnson, Redhat | 3 Linux, Pam Console, Linux | 2024-02-28 | 5.0 MEDIUM | N/A |
| pam_console PAM module in Linux systems allows a user to access the system console and reboot the system when a display manager such as gdm or kdm has XDMCP enabled. | |||||
| CVE-1999-0814 | 1 Redhat | 1 Linux | 2024-02-28 | 10.0 HIGH | N/A |
| Red Hat pump DHCP client allows remote attackers to gain root access in some configurations. | |||||
| CVE-2000-0336 | 4 Mandrakesoft, Openldap, Redhat and 1 more | 4 Mandrake Linux, Openldap, Linux and 1 more | 2024-02-28 | 2.1 LOW | N/A |
| Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack. | |||||
| CVE-2004-0234 | 8 Clearswift, F-secure, Rarlab and 5 more | 13 Mailsweeper, F-secure Anti-virus, F-secure For Firewalls and 10 more | 2024-02-28 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive. | |||||
| CVE-2004-0460 | 5 Infoblox, Isc, Mandrakesoft and 2 more | 11 Dns One Appliance, Dhcpd, Mandrake Linux and 8 more | 2024-02-28 | 10.0 HIGH | N/A |
| Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, or (5) NAK messages, which can generate a long string when writing to a log file. | |||||
| CVE-1999-0130 | 7 Bsdi, Caldera, Eric Allman and 4 more | 7 Bsd Os, Network Desktop, Sendmail and 4 more | 2024-02-28 | 7.2 HIGH | N/A |
| Local users can start Sendmail in daemon mode and gain root privileges. | |||||
| CVE-1999-1496 | 3 Debian, Redhat, Todd Miller | 3 Debian Linux, Linux, Sudo | 2024-02-28 | 2.1 LOW | N/A |
| Sudo 1.5 in Debian Linux 2.1 and Red Hat 6.0 allows local users to determine the existence of arbitrary files by attempting to execute the target filename as a program, which generates a different error message when the file does not exist. | |||||
| CVE-1999-1186 | 3 Redhat, Rxvt, Slackware | 3 Linux, Rxvt, Slackware Linux | 2024-02-28 | 7.2 HIGH | N/A |
| rxvt, when compiled with the PRINT_PIPE option in various Linux operating systems including Linux Slackware 3.0 and RedHat 2.1, allows local users to gain root privileges by specifying a malicious program using the -print-pipe command line parameter. | |||||
| CVE-2003-0688 | 6 Compaq, Freebsd, Openbsd and 3 more | 6 Tru64, Freebsd, Openbsd and 3 more | 2024-02-28 | 5.0 MEDIUM | N/A |
| The DNS map code in Sendmail 8.12.8 and earlier, when using the "enhdnsbl" feature, does not properly initialize certain data structures, which allows remote attackers to cause a denial of service (process crash) via an invalid DNS response that causes Sendmail to free incorrect data. | |||||
| CVE-2003-0459 | 2 Kde, Redhat | 8 Konqueror, Konqueror Embedded, Analog Real-time Synthesizer and 5 more | 2024-02-28 | 5.0 MEDIUM | N/A |
| KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites. | |||||