Filtered by vendor Redhat
Subscriptions
Filtered by product Linux
Subscriptions
Total
703 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-0083 | 2 Apache, Redhat | 4 Http Server, Linux, Rhel Stronghold and 1 more | 2025-04-03 | N/A |
| Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences, a different vulnerability than CVE-2003-0020. | ||||
| CVE-2003-0132 | 2 Apache, Redhat | 2 Http Server, Linux | 2025-04-03 | N/A |
| A memory leak in Apache 2.0 through 2.0.44 allows remote attackers to cause a denial of service (memory consumption) via large chunks of linefeed characters, which causes Apache to allocate 80 bytes for each linefeed. | ||||
| CVE-2003-0189 | 2 Apache, Redhat | 2 Http Server, Linux | 2025-04-03 | N/A |
| The authentication module for Apache 2.0.40 through 2.0.45 on Unix does not properly handle threads safely when using the crypt_r or crypt functions, which allows remote attackers to cause a denial of service (failed Basic authentication with valid usernames and passwords) when a threaded MPM is used. | ||||
| CVE-2003-0434 | 4 Adobe, Mandrakesoft, Redhat and 1 more | 7 Acrobat, Mandrake Linux, Mandrake Linux Corporate Server and 4 more | 2025-04-03 | N/A |
| Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink. | ||||
| CVE-2003-0543 | 2 Openssl, Redhat | 4 Openssl, Enterprise Linux, Linux and 1 more | 2025-04-03 | N/A |
| Integer overflow in OpenSSL 0.9.6 and 0.9.7 allows remote attackers to cause a denial of service (crash) via an SSL client certificate with certain ASN.1 tag values. | ||||
| CVE-2004-0905 | 5 Conectiva, Mozilla, Netscape and 2 more | 10 Linux, Firefox, Mozilla and 7 more | 2025-04-03 | N/A |
| Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain. | ||||
| CVE-2004-1613 | 3 Mozilla, Redhat, Sgi | 7 Mozilla, Enterprise Linux, Enterprise Linux Desktop and 4 more | 2025-04-03 | N/A |
| Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme. | ||||
| CVE-2002-1323 | 5 Redhat, Safe.pm, Sco and 2 more | 10 Enterprise Linux, Linux, Linux Advanced Workstation and 7 more | 2025-04-03 | N/A |
| Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls. | ||||
| CVE-2003-0699 | 1 Redhat | 3 Enterprise Linux, Linux, Linux Advanced Workstation | 2025-04-03 | N/A |
| The C-Media PCI sound driver in Linux before 2.4.21 does not use the get_user function to access userspace, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-2003-0700. | ||||
| CVE-2003-0020 | 2 Apache, Redhat | 5 Http Server, Enterprise Linux, Linux and 2 more | 2025-04-03 | N/A |
| Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences. | ||||
| CVE-1999-1490 | 1 Redhat | 1 Linux | 2025-04-03 | N/A |
| xosview 1.5.1 in Red Hat 5.1 allows local users to gain root access via a long HOME environmental variable. | ||||
| CVE-2004-0081 | 23 4d, Apple, Avaya and 20 more | 67 Webstar, Mac Os X, Mac Os X Server and 64 more | 2025-04-03 | N/A |
| OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. | ||||
| CVE-2004-0112 | 24 4d, Apple, Avaya and 21 more | 65 Webstar, Mac Os X, Mac Os X Server and 62 more | 2025-04-03 | N/A |
| The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read. | ||||
| CVE-2002-0082 | 3 Apache-ssl, Mod Ssl, Redhat | 5 Apache-ssl, Mod Ssl, Linux and 2 more | 2025-04-03 | N/A |
| The dbm and shm session cache code in mod_ssl before 2.8.7-1.3.23, and Apache-SSL before 1.3.22+1.46, does not properly initialize memory using the i2d_SSL_SESSION function, which allows remote attackers to use a buffer overflow to execute arbitrary code via a large client certificate that is signed by a trusted Certificate Authority (CA), which produces a large serialized session. | ||||
| CVE-1999-0037 | 2 Freebsd, Redhat | 2 Freebsd, Linux | 2025-04-03 | N/A |
| Arbitrary command execution via metamail package using message headers, when user processes attacker's message using metamail. | ||||
| CVE-1999-0769 | 4 Caldera, Debian, Paul Vixie and 1 more | 4 Openlinux, Debian Linux, Vixie Cron and 1 more | 2025-04-03 | N/A |
| Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable. | ||||
| CVE-2001-0572 | 3 Openbsd, Redhat, Ssh | 3 Openssh, Linux, Ssh | 2025-04-03 | N/A |
| The SSH protocols 1 and 2 (aka SSH-2) as implemented in OpenSSH and other packages have various weaknesses which can allow a remote attacker to obtain the following information via sniffing: (1) password lengths or ranges of lengths, which simplifies brute force password guessing, (2) whether RSA or DSA authentication is being used, (3) the number of authorized_keys in RSA authentication, or (4) the lengths of shell commands. | ||||
| CVE-2001-0731 | 2 Apache, Redhat | 3 Http Server, Linux, Secure Web Server | 2025-04-03 | N/A |
| Apache 1.3.20 with Multiviews enabled allows remote attackers to view directory contents and bypass the index page via a URL containing the "M=D" query string. | ||||
| CVE-2001-0816 | 2 Openbsd, Redhat | 2 Openssh, Linux | 2025-04-03 | N/A |
| OpenSSH before 2.9.9, when running sftp using sftp-server and using restricted keypairs, allows remote authenticated users to bypass authorized_keys2 command= restrictions using sftp commands. | ||||
| CVE-2001-0889 | 2 Redhat, University Of Cambridge | 3 Linux, Powertools, Exim | 2025-04-03 | N/A |
| Exim 3.22 and earlier, in some configurations, does not properly verify the local part of an address when redirecting the address to a pipe, which could allow remote attackers to execute arbitrary commands via shell metacharacters. | ||||