Total
214 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0867 | 4 Kde, Microsoft, Mozilla and 1 more | 5 Konqueror, Ie, Internet Explorer and 2 more | 2024-02-28 | 7.5 HIGH | N/A |
Mozilla Firefox 0.9.2 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session. NOTE: it was later reported that 2.x is also affected. | |||||
CVE-2004-0592 | 1 Suse | 1 Suse Linux | 2024-02-28 | 5.0 MEDIUM | N/A |
The tcp_find_option function of the netfilter subsystem for IPv6 in the SUSE Linux 2.6.5 kernel with USAGI patches, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type, a similar flaw to CVE-2004-0626. | |||||
CVE-2004-1476 | 2 Suse, Xine | 3 Suse Linux, Xine, Xine-lib | 2024-02-28 | 5.1 MEDIUM | N/A |
Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib 1-rc2 through 1-rc5, as derived from libcdio, allows attackers to execute arbitrary code via a VideoCD with an unterminated disk label. | |||||
CVE-2000-0361 | 1 Suse | 1 Suse Linux | 2024-02-28 | 2.1 LOW | N/A |
The PPP wvdial.lxdialog script in wvdial 1.4 and earlier creates a .config file with world readable permissions, which allows a local attacker in the dialout group to access login and password information. | |||||
CVE-2001-0525 | 1 Suse | 1 Suse Linux | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in dsh in dqs 3.2.7 in SuSE Linux 7.0 and earlier, and possibly other operating systems, allows local users to gain privileges via a long first command line argument. | |||||
CVE-1999-0409 | 1 Suse | 1 Suse Linux | 2024-02-28 | 4.6 MEDIUM | N/A |
Buffer overflow in gnuplot in Linux version 3.5 allows local users to obtain root access. | |||||
CVE-2000-0433 | 1 Suse | 1 Suse Linux | 2024-02-28 | 4.6 MEDIUM | N/A |
The SuSE aaa_base package installs some system accounts with home directories set to /tmp, which allows local users to gain privileges to those accounts by creating standard user startup scripts such as profiles. | |||||
CVE-2001-0458 | 4 Debian, Mandrakesoft, Ralf S. Engelschall and 1 more | 4 Debian Linux, Mandrake Linux, Eperl and 1 more | 2024-02-28 | 7.5 HIGH | N/A |
Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and remote attackers to execute arbitrary commands. | |||||
CVE-2000-1044 | 1 Suse | 1 Suse Linux | 2024-02-28 | 10.0 HIGH | N/A |
Format string vulnerability in ypbind-mt in SuSE SuSE-6.2, and possibly other Linux operating systems, allows an attacker to gain root privileges. | |||||
CVE-2000-0218 | 2 Caldera, Suse | 2 Openlinux, Suse Linux | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in Linux mount and umount allows local users to gain root privileges via a long relative pathname. | |||||
CVE-2001-1012 | 1 Suse | 1 Suse Linux | 2024-02-28 | 7.2 HIGH | N/A |
Vulnerability in screen before 3.9.10, related to a multi-attach error, allows local users to gain root privileges when there is a subdirectory under /tmp/screens/. | |||||
CVE-2004-0495 | 6 Avaya, Conectiva, Gentoo and 3 more | 18 Converged Communications Server, Intuity Audix, Modular Messaging Message Storage Server and 15 more | 2024-02-28 | 7.2 HIGH | N/A |
Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool. | |||||
CVE-2001-0869 | 3 Caldera, Redhat, Suse | 5 Openlinux Eserver, Openlinux Workstation, Linux and 2 more | 2024-02-28 | 7.5 HIGH | N/A |
Format string vulnerability in the default logging callback function _sasl_syslog in common.c in Cyrus SASL library (cyrus-sasl) may allow remote attackers to execute arbitrary commands. | |||||
CVE-2001-0178 | 4 Caldera, Conectiva, Mandrakesoft and 1 more | 5 Openlinux Edesktop, Linux, Mandrake Linux and 2 more | 2024-02-28 | 2.1 LOW | N/A |
kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges. | |||||
CVE-2000-0666 | 5 Conectiva, Debian, Redhat and 2 more | 5 Linux, Debian Linux, Linux and 2 more | 2024-02-28 | 10.0 HIGH | N/A |
rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges. | |||||
CVE-2001-0109 | 1 Suse | 1 Suse Linux | 2024-02-28 | 1.2 LOW | N/A |
rctab in SuSE 7.0 and earlier allows local users to create or overwrite arbitrary files via a symlink attack on the rctmp temporary file. | |||||
CVE-2004-0461 | 5 Infoblox, Isc, Mandrakesoft and 2 more | 11 Dns One Appliance, Dhcpd, Mandrake Linux and 8 more | 2024-02-28 | 10.0 HIGH | N/A |
The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code. | |||||
CVE-2004-0554 | 6 Avaya, Conectiva, Gentoo and 3 more | 18 Converged Communications Server, Intuity Audix, Modular Messaging Message Storage Server and 15 more | 2024-02-28 | 2.1 LOW | N/A |
Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program. | |||||
CVE-2001-0851 | 3 Caldera, Linux, Suse | 7 Openlinux, Openlinux Edesktop, Openlinux Eserver and 4 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled allows remote attackers to bypass firewall rules by brute force guessing the cookie. | |||||
CVE-1999-0768 | 2 Redhat, Suse | 2 Linux, Suse Linux | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO environmental variable. |