Total
8864 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2000-0844 | 13 Caldera, Conectiva, Debian and 10 more | 16 Openlinux, Openlinux Ebuilder, Openlinux Eserver and 13 more | 2024-02-28 | 10.0 HIGH | N/A |
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. | |||||
CVE-2001-0834 | 4 Conectiva, Debian, Htdig and 1 more | 4 Linux, Debian Linux, Htdig and 1 more | 2024-02-28 | 6.4 MEDIUM | N/A |
htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) by specifying a large file such as /dev/zero, or (2) read arbitrary files by uploading an alternate configuration file that specifies the target file. | |||||
CVE-2003-0362 | 1 Debian | 1 Debian Linux | 2024-02-28 | 5.0 MEDIUM | N/A |
Buffer overflow in gPS before 0.10.2 may allow local users to cause a denial of service (SIGSEGV) in rgpsp via long command lines. | |||||
CVE-1999-0914 | 1 Debian | 1 Debian Linux | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in the FTP client in the Debian GNU/Linux netstd package. | |||||
CVE-2004-0179 | 3 Apache, Debian, Webdav | 5 Openoffice, Subversion, Debian Linux and 2 more | 2024-02-28 | 6.8 MEDIUM | N/A |
Multiple format string vulnerabilities in (1) neon 0.24.4 and earlier, and other products that use neon including (2) Cadaver, (3) Subversion, and (4) OpenOffice, allow remote malicious WebDAV servers to execute arbitrary code. | |||||
CVE-2000-0513 | 1 Debian | 1 Debian Linux | 2024-02-28 | 5.0 MEDIUM | N/A |
CUPS (Common Unix Printing System) 1.04 and earlier allows remote attackers to cause a denial of service by authenticating with a user name that does not exist or does not have a shadow password. | |||||
CVE-2000-0607 | 3 Debian, Mandrakesoft, Redhat | 3 Debian Linux, Mandrake Linux, Linux | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing long CHARSET_REGISTRY or CHARSET_ENCODING settings. | |||||
CVE-2004-0451 | 2 Debian, Sup | 2 Debian Linux, Sup | 2024-02-28 | 10.0 HIGH | N/A |
Multiple format string vulnerabilities in the (1) logquit, (2) logerr, or (3) loginfo functions in Software Upgrade Protocol (SUP) allows remote attackers to execute arbitrary code via format string specifiers in messages that are logged by syslog. | |||||
CVE-2001-0193 | 2 Debian, Suse | 2 Debian Linux, Suse Linux | 2024-02-28 | 7.2 HIGH | N/A |
Format string vulnerability in man in some Linux distributions allows local users to gain privileges via a malformed -l parameter. | |||||
CVE-1999-0832 | 2 Debian, Redhat | 2 Debian Linux, Linux | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in NFS server on Linux allows attackers to execute commands via a long pathname. | |||||
CVE-1999-0405 | 4 Debian, Freebsd, Redhat and 1 more | 4 Debian Linux, Freebsd, Linux and 1 more | 2024-02-28 | 7.2 HIGH | N/A |
A buffer overflow in lsof allows local users to obtain root privilege. | |||||
CVE-2003-0360 | 1 Debian | 1 Debian Linux | 2024-02-28 | 7.5 HIGH | N/A |
Multiple buffer overflows in gPS before 1.0.0 allow attackers to cause a denial of service and possibly execute arbitrary code. | |||||
CVE-2003-0440 | 2 Debian, Semi | 2 Debian Linux, Semi | 2024-02-28 | 4.6 MEDIUM | N/A |
The (1) semi MIME library 1.14.5 and earlier, and (2) wemi 1.14.0 and possibly other versions, allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
CVE-2001-0069 | 1 Debian | 1 Debian Linux | 2024-02-28 | 2.1 LOW | N/A |
dialog before 0.9a-20000118-3bis in Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack. | |||||
CVE-1999-1276 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-02-28 | 7.2 HIGH | N/A |
fte-console in the fte package before 0.46b-4.1 does not drop root privileges, which allows local users to gain root access via the virtual console device. | |||||
CVE-2001-0139 | 5 Caldera, Debian, Immunix and 2 more | 7 Openlinux Desktop, Openlinux Edesktop, Openlinux Eserver and 4 more | 2024-02-28 | 1.2 LOW | N/A |
inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations. | |||||
CVE-2001-0170 | 4 Conectiva, Debian, Immunix and 1 more | 4 Linux, Debian Linux, Immunix and 1 more | 2024-02-28 | 2.1 LOW | N/A |
glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files. | |||||
CVE-2004-0488 | 3 Apache, Debian, Redhat | 4 Http Server, Debian Linux, Enterprise Linux Server and 1 more | 2024-02-28 | 7.5 HIGH | N/A |
Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN. | |||||
CVE-2001-0690 | 4 Conectiva, Debian, Redhat and 1 more | 4 Linux, Debian Linux, Linux and 1 more | 2024-02-28 | 7.5 HIGH | N/A |
Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in Debian and 3.16 in Conectiva) in batched SMTP mode allows a remote attacker to execute arbitrary code via format strings in SMTP mail headers. | |||||
CVE-2004-0642 | 3 Debian, Mit, Redhat | 5 Debian Linux, Kerberos 5, Enterprise Linux Desktop and 2 more | 2024-02-28 | 7.5 HIGH | N/A |
Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distribution Center (KDC) library and (2) client library for MIT Kerberos 5 (krb5) 1.3.4 and earlier may allow remote attackers to execute arbitrary code. |