Filtered by vendor Redhat
Subscriptions
Filtered by product Enterprise Linux
Subscriptions
Total
15632 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-2276 | 2 Quagga, Redhat | 2 Quagga, Enterprise Linux | 2025-04-03 | N/A |
| bgpd in Quagga 0.98 and 0.99 before 20060504 allows local users to cause a denial of service (CPU consumption) via a certain sh ip bgp command entered in the telnet interface. | ||||
| CVE-2006-2275 | 3 Canonical, Lksctp, Redhat | 3 Ubuntu Linux, Stream Control Transmission Protocol, Enterprise Linux | 2025-04-03 | 7.5 High |
| Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (deadlock) via a large number of small messages to a receiver application that cannot process the messages quickly enough, which leads to "spillover of the receive buffer." | ||||
| CVE-2001-1269 | 2 Info-zip, Redhat | 3 Unzip, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via filenames in the archive that begin with the '/' (slash) character. | ||||
| CVE-2006-2274 | 2 Lksctp, Redhat | 2 Stream Control Transmission Protocol, Enterprise Linux | 2025-04-03 | N/A |
| Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (infinite recursion and crash) via a packet that contains two or more DATA fragments, which causes an skb pointer to refer back to itself when the full message is reassembled, leading to infinite recursion in the sctp_skb_pull function. | ||||
| CVE-2003-0432 | 2 Ethereal Group, Redhat | 3 Ethereal, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Ethereal 0.9.12 and earlier does not handle certain strings properly, with unknown consequences, in the (1) BGP, (2) WTP, (3) DNS, (4) 802.11, (5) ISAKMP, (6) WSP, (7) CLNP, (8) ISIS, and (9) RMI dissectors. | ||||
| CVE-2003-0018 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Linux kernel 2.4.10 through 2.4.21-pre4 does not properly handle the O_DIRECT feature, which allows local attackers with write privileges to read portions of previously deleted files, or cause file system corruption. | ||||
| CVE-2003-0028 | 11 Cray, Freebsd, Gnu and 8 more | 15 Unicos, Freebsd, Glibc and 12 more | 2025-04-03 | N/A |
| Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391. | ||||
| CVE-2003-0056 | 2 Redhat, Slocate | 2 Enterprise Linux, Slocate | 2025-04-03 | N/A |
| Buffer overflow in secure locate (slocate) before 2.7 allows local users to execute arbitrary code via a long (1) -c or (2) -r command line argument. | ||||
| CVE-2003-0058 | 3 Mit, Redhat, Sun | 6 Kerberos 5, Enterprise Linux, Linux and 3 more | 2025-04-03 | N/A |
| MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remote authenticated attackers to cause a denial of service (crash) on KDCs within the same realm via a certain protocol request that causes a null dereference. | ||||
| CVE-2003-0063 | 3 Redhat, Xfree86, Xfree86 Project | 4 Enterprise Linux, Linux, Xfree86 and 1 more | 2025-04-03 | 7.3 High |
| The xterm terminal emulator in XFree86 4.2.0 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. | ||||
| CVE-2003-0071 | 2 Redhat, Xfree86 Project | 3 Enterprise Linux, Linux, X11r6 | 2025-04-03 | N/A |
| The DEC UDK processing feature in the xterm terminal emulator in XFree86 4.2.99.4 and earlier allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop. | ||||
| CVE-2003-0072 | 2 Mit, Redhat | 4 Kerberos, Kerberos 5, Enterprise Linux and 1 more | 2025-04-03 | N/A |
| The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes an out-of-bounds read of an array (aka "array overrun"). | ||||
| CVE-2003-0078 | 4 Freebsd, Openbsd, Openssl and 1 more | 6 Freebsd, Openbsd, Openssl and 3 more | 2025-04-03 | N/A |
| ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the "Vaudenay timing attack." | ||||
| CVE-2003-0084 | 2 Mod Auth Any, Redhat | 3 Mod Auth Any, Enterprise Linux, Linux | 2025-04-03 | N/A |
| mod_auth_any package in Red Hat Enterprise Linux 2.1 and other operating systems does not properly escape arguments when calling other programs, which allows attackers to execute arbitrary commands via shell metacharacters. | ||||
| CVE-2003-0093 | 2 Lbl, Redhat | 3 Tcpdump, Enterprise Linux, Linux | 2025-04-03 | N/A |
| The RADIUS decoder in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service (crash) via an invalid RADIUS packet with a header length field of 0, which causes tcpdump to generate data within an infinite loop. | ||||
| CVE-2003-0107 | 2 Redhat, Zlib | 3 Enterprise Linux, Linux, Zlib | 2025-04-03 | N/A |
| Buffer overflow in the gzprintf function in zlib 1.1.4, when zlib is compiled without vsnprintf or when long inputs are truncated using vsnprintf, allows attackers to cause a denial of service or possibly execute arbitrary code. | ||||
| CVE-2003-0124 | 2 Andries Brouwer, Redhat | 3 Man, Enterprise Linux, Linux | 2025-04-03 | N/A |
| man before 1.5l allows attackers to execute arbitrary code via a malformed man file with improper quotes, which causes the my_xsprintf function to return a string with the value "unsafe," which is then executed as a program via a system call if it is in the search path of the user who runs man. | ||||
| CVE-2003-0131 | 2 Openssl, Redhat | 4 Openssl, Enterprise Linux, Linux and 1 more | 2025-04-03 | N/A |
| The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and 0.9.7a allow remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKCS #1 v1.5 padding that cause OpenSSL to leak information regarding the relationship between ciphertext and the associated plaintext, aka the "Klima-Pokorny-Rosa attack." | ||||
| CVE-2003-0136 | 2 Astart Technologies, Redhat | 3 Lprng, Enterprise Linux, Linux | 2025-04-03 | N/A |
| psbanner in the LPRng package allows local users to overwrite arbitrary files via a symbolic link attack on the /tmp/before file. | ||||
| CVE-2003-0138 | 2 Mit, Redhat | 3 Kerberos, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Version 4 of the Kerberos protocol (krb4), as used in Heimdal and other packages, allows an attacker to impersonate any principal in a realm via a chosen-plaintext attack. | ||||