Total
214 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0933 | 11 Archive Zip, Broadcom, Ca and 8 more | 23 Archive Zip, Brightstor Arcserve Backup, Etrust Antivirus and 20 more | 2024-02-28 | 7.5 HIGH | N/A |
Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. | |||||
CVE-2006-2703 | 1 Suse | 1 Suse Linux | 2024-02-28 | 5.0 MEDIUM | N/A |
The RedCarpet command-line client (rug) does not verify SSL certificates from a server, which allows remote attackers to read network traffic and execute commands via a man-in-the-middle (MITM) attack. | |||||
CVE-2005-1767 | 2 Novell, Suse | 3 Linux Desktop, Open Enterprise Server, Suse Linux | 2024-02-28 | 2.1 LOW | N/A |
traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment faults on an exception stack, which allows local users to cause a denial of service (oops and stack fault exception). | |||||
CVE-2005-0085 | 4 Htdig, Mandrakesoft, Redhat and 1 more | 5 Htdig, Mandrake Linux, Mandrake Linux Corporate Server and 2 more | 2024-02-28 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message. | |||||
CVE-2004-1170 | 3 Gnu, Sun, Suse | 3 A2ps, Java Desktop System, Suse Linux | 2024-02-28 | 10.0 HIGH | N/A |
a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename. | |||||
CVE-2006-2658 | 2 Mono, Suse | 3 Xsp, Suse Linux, Suse Open Enterprise Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in the xsp component in mod_mono in Mono/C# web server, as used in SUSE Open-Enterprise-Server 1 and SUSE Linux 9.2 through 10.0, allows remote attackers to read arbitrary files via a .. (dot dot) sequence in an HTTP request. | |||||
CVE-2004-0936 | 11 Archive Zip, Broadcom, Ca and 8 more | 23 Archive Zip, Brightstor Arcserve Backup, Etrust Antivirus and 20 more | 2024-02-28 | 7.5 HIGH | N/A |
RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. | |||||
CVE-2005-4789 | 1 Suse | 1 Suse Linux | 2024-02-28 | 2.1 LOW | N/A |
resmgr in SUSE Linux 9.2 and 9.3, and possibly other distributions, does not properly enforce class-specific exclude rules in some situations, which allows local users to bypass intended access restrictions for USB devices that set their class ID at the interface level. | |||||
CVE-2004-0935 | 11 Archive Zip, Broadcom, Ca and 8 more | 23 Archive Zip, Brightstor Arcserve Backup, Etrust Antivirus and 20 more | 2024-02-28 | 7.5 HIGH | N/A |
Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. | |||||
CVE-2004-1071 | 5 Linux, Redhat, Suse and 2 more | 8 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 5 more | 2024-02-28 | 7.2 HIGH | N/A |
The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code. | |||||
CVE-2006-0646 | 1 Suse | 1 Suse Linux | 2024-02-28 | 4.4 MEDIUM | N/A |
ld in SUSE Linux 9.1 through 10.0, and SLES 9, in certain circumstances when linking binaries, can leave an empty RPATH or RUNPATH, which allows local attackers to execute arbitrary code as other users via by running an ld-linked application from the current directory, which could contain an attacker-controlled library file. | |||||
CVE-2003-1295 | 2 Redhat, Suse | 2 Enterprise Linux, Suse Linux | 2024-02-28 | 2.1 LOW | N/A |
Unspecified vulnerability in xscreensaver 4.12, and possibly other versions, allows attackers to cause xscreensaver to crash via unspecified vectors "while verifying the user-password." | |||||
CVE-2001-1130 | 1 Suse | 1 Suse Linux | 2024-02-28 | 7.5 HIGH | N/A |
Sdbsearch.cgi in SuSE Linux 6.0-7.2 could allow remote attackers to execute arbitrary commands by uploading a keylist.txt file that contains filenames with shell metacharacters, then causing the file to be searched using a .. in the HTTP referer (from the HTTP_REFERER variable) to point to the directory that contains the keylist.txt file. | |||||
CVE-2004-0827 | 9 Conectiva, Enlightenment, Imagemagick and 6 more | 14 Linux, Imlib, Imlib2 and 11 more | 2024-02-28 | 7.5 HIGH | N/A |
Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files. | |||||
CVE-2004-0905 | 5 Conectiva, Mozilla, Netscape and 2 more | 10 Linux, Firefox, Mozilla and 7 more | 2024-02-28 | 4.6 MEDIUM | N/A |
Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain. | |||||
CVE-2002-2259 | 2 Gnuplot, Suse | 2 Gnuplot, Suse Linux | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in the French documentation patch for Gnuplot 3.7 in SuSE Linux before 8.0 allows local users to execute arbitrary code as root via unknown attack vectors. | |||||
CVE-1999-1495 | 1 Suse | 1 Suse Linux | 2024-02-28 | 2.1 LOW | N/A |
xtvscreen in SuSE Linux 6.0 allows local users to overwrite arbitrary files via a symlink attack on the pic000.pnm file. | |||||
CVE-1999-0390 | 2 Redhat, Suse | 2 Linux, Suse Linux | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in Dosemu Slang library in Linux. | |||||
CVE-2002-0758 | 1 Suse | 1 Suse Linux | 2024-02-28 | 7.5 HIGH | N/A |
ifup-dhcp script in the sysconfig package for SuSE 8.0 allows remote attackers to execute arbitrary commands via spoofed DHCP responses, which are stored and executed in a file. | |||||
CVE-2000-0800 | 1 Suse | 1 Suse Linux | 2024-02-28 | 10.0 HIGH | N/A |
String parsing error in rpc.kstatd in the linuxnfs or knfsd packages in SuSE and possibly other Linux systems allows remote attackers to gain root privileges. |