Search Results (6039 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-0997 3 Millenux Gmbh, Redhat, University Of Washington 3 Anonftp, Linux, Wu-ftpd 2026-04-16 N/A
wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress.
CVE-2002-1384 3 Easy Software Products, Redhat, Xpdf 4 Cups, Enterprise Linux, Linux and 1 more 2026-04-16 N/A
Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf.
CVE-2004-0888 11 Debian, Easy Software Products, Gentoo and 8 more 16 Debian Linux, Cups, Linux and 13 more 2026-04-16 N/A
Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889.
CVE-2005-0180 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
Multiple integer signedness errors in the sg_scsi_ioctl function in scsi_ioctl.c for Linux 2.6.x allow local users to read or modify kernel memory via negative integers in arguments to the scsi ioctl, which bypass a maximum length check before calling the copy_from_user and copy_to_user functions.
CVE-2001-0889 2 Redhat, University Of Cambridge 3 Linux, Powertools, Exim 2026-04-16 N/A
Exim 3.22 and earlier, in some configurations, does not properly verify the local part of an address when redirecting the address to a pipe, which could allow remote attackers to execute arbitrary commands via shell metacharacters.
CVE-2002-1379 2 Openldap, Redhat 3 Openldap, Enterprise Linux, Linux 2026-04-16 N/A
OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows remote or local attackers to execute arbitrary code when libldap reads the .ldaprc file within applications that are running with extra privileges.
CVE-2002-1378 2 Openldap, Redhat 3 Openldap, Enterprise Linux, Linux 2026-04-16 N/A
Multiple buffer overflows in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allow remote attackers to execute arbitrary code via (1) long -t or -r parameters to slurpd, (2) a malicious ldapfilter.conf file that is not properly handled by getfilter functions, (3) a malicious ldaptemplates.conf that causes an overflow in libldap, (4) a certain access control list that causes an overflow in slapd, or (5) a long generated filename for logging rejected replication requests.
CVE-1999-1182 6 Caldera, Debian, Delix and 3 more 6 Openlinux Lite, Debian Linux, Dld and 3 more 2026-04-16 N/A
Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a setuid program with a long program name (argv[0]) and forcing ld.so/ld-linux.so to report an error.
CVE-2005-1264 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
Raw character devices (raw.c) in the Linux kernel 2.6.x call the wrong function before passing an ioctl to the block device, which crosses security boundaries by making kernel address space accessible from user space, a similar vulnerability to CVE-2005-1589.
CVE-2001-0946 1 Redhat 1 Linux 2026-04-16 N/A
apmscript in Apmd in Red Hat 7.2 "Enigma" allows local users to create or change the modification dates of arbitrary files via a symlink attack on the LOW_POWER temporary file, which could be used to cause a denial of service, e.g. by creating /etc/nologin and disabling logins.
CVE-2002-1377 2 Redhat, Vim Development Group 3 Enterprise Linux, Linux, Vim 2026-04-16 N/A
vim 6.0 and 6.1, and possibly other versions, allows attackers to execute arbitrary commands using the libcall feature in modelines, which are not sandboxed but may be executed when vim is used to edit a malicious file, as demonstrated using mutt.
CVE-2002-1375 3 Oracle, Redhat, Symantec Veritas 5 Mysql, Enterprise Linux, Linux and 2 more 2026-04-16 N/A
The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x to 4.0.6, allows remote attackers to execute arbitrary code via a long response.
CVE-2005-3108 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
mm/ioremap.c in Linux 2.6 on 64-bit x86 systems allows local users to cause a denial of service or an information leak via an ioremap on a certain memory map that causes the iounmap to perform a lookup of a page that does not exist.
CVE-2005-3055 3 Debian, Linux, Redhat 3 Debian Linux, Linux Kernel, Enterprise Linux 2026-04-16 N/A
Linux kernel 2.6.8 to 2.6.14-rc2 allows local users to cause a denial of service (kernel OOPS) via a userspace process that issues a USB Request Block (URB) to a USB device and terminates before the URB is finished, which leads to a stale pointer reference.
CVE-2002-1511 3 Att, Redhat, Tightvnc 4 Vnc, Enterprise Linux, Linux and 1 more 2026-04-16 N/A
The vncserver wrapper for vnc before 3.3.3r2-21 uses the rand() function instead of srand(), which causes vncserver to generate weak cookies.
CVE-2002-1371 3 Apple, Easy Software Products, Redhat 3 Mac Os X, Cups, Linux 2026-04-16 N/A
filters/image-gif.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check for zero-length GIF images, which allows remote attackers to execute arbitrary code via modified chunk headers, as demonstrated by nogif.
CVE-2002-0970 2 Kde, Redhat 4 Kde, Konqueror, Enterprise Linux and 1 more 2026-04-16 N/A
The SSL capability for Konqueror in KDE 3.0.2 and earlier does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack.
CVE-2002-1365 2 Fetchmail, Redhat 3 Fetchmail, Enterprise Linux, Linux 2026-04-16 N/A
Heap-based buffer overflow in Fetchmail 6.1.3 and earlier does not account for the "@" character when determining buffer lengths for local addresses, which allows remote attackers to execute arbitrary code via a header with a large number of local addresses.
CVE-2002-1571 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
The linux 2.4 kernel before 2.4.19 assumes that the fninit instruction clears all registers, which could lead to an information leak on processors that do not clear all relevant SSE registers.
CVE-2006-1864 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
Directory traversal vulnerability in smbfs in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\\" sequences, a similar vulnerability to CVE-2006-1863.