Filtered by vendor Redhat
Subscriptions
Filtered by product Fedora Core
Subscriptions
Total
81 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0986 | 4 Debian, Linux, Redhat and 1 more | 4 Debian Linux, Linux Kernel, Fedora Core and 1 more | 2025-04-03 | N/A |
| Iptables before 1.2.11, under certain conditions, does not properly load the required modules at system startup, which causes the firewall rules to fail to load and protect the system from remote attackers. | ||||
| CVE-2004-1072 | 5 Linux, Redhat, Suse and 2 more | 9 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 6 more | 2025-04-03 | N/A |
| The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name string that is not NULL terminated, which could cause strings longer than PATH_MAX to be used, leading to buffer overflows that allow local users to cause a denial of service (hang) and possibly execute arbitrary code. | ||||
| CVE-2004-1154 | 4 Redhat, Samba, Suse and 1 more | 5 Enterprise Linux, Fedora Core, Samba and 2 more | 2025-04-03 | N/A |
| Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that triggers a heap-based buffer overflow. | ||||
| CVE-2005-0085 | 4 Htdig, Mandrakesoft, Redhat and 1 more | 6 Htdig, Mandrake Linux, Mandrake Linux Corporate Server and 3 more | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message. | ||||
| CVE-2005-0156 | 7 Ibm, Larry Wall, Redhat and 4 more | 9 Aix, Perl, Enterprise Linux and 6 more | 2025-04-03 | N/A |
| Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree. | ||||
| CVE-2004-0905 | 5 Conectiva, Mozilla, Netscape and 2 more | 10 Linux, Firefox, Mozilla and 7 more | 2025-04-03 | N/A |
| Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain. | ||||
| CVE-2004-0889 | 11 Debian, Easy Software Products, Gentoo and 8 more | 16 Debian Linux, Cups, Linux and 13 more | 2025-04-03 | N/A |
| Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888. | ||||
| CVE-2004-1267 | 2 Easy Software Products, Redhat | 3 Cups, Enterprise Linux, Fedora Core | 2025-04-03 | N/A |
| Buffer overflow in the ParseCommand function in hpgl-input.c in the hpgltops program for CUPS 1.1.22 allows remote attackers to execute arbitrary code via a crafted HPGL file. | ||||
| CVE-2004-1268 | 2 Easy Software Products, Redhat | 3 Cups, Enterprise Linux, Fedora Core | 2025-04-03 | N/A |
| lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS passwd file, which allows local users to corrupt the file by filling the associated file system and triggering the write errors. | ||||
| CVE-2004-1333 | 2 Linux, Redhat | 3 Linux Kernel, Fedora Core, Linux | 2025-04-03 | N/A |
| Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service (kernel crash) via a short new screen value, which leads to a buffer overflow. | ||||
| CVE-2005-3626 | 18 Conectiva, Debian, Easy Software Products and 15 more | 33 Linux, Debian Linux, Cups and 30 more | 2025-04-03 | N/A |
| Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference. | ||||
| CVE-2005-3624 | 18 Conectiva, Debian, Easy Software Products and 15 more | 33 Linux, Debian Linux, Cups and 30 more | 2025-04-03 | N/A |
| The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. | ||||
| CVE-2004-0882 | 4 Conectiva, Redhat, Samba and 1 more | 7 Linux, Enterprise Linux, Enterprise Linux Desktop and 4 more | 2025-04-03 | N/A |
| Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small "maximum data bytes" value. | ||||
| CVE-2005-0750 | 5 Conectiva, Linux, Redhat and 2 more | 8 Linux, Linux Kernel, Enterprise Linux and 5 more | 2025-04-03 | N/A |
| The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value. | ||||
| CVE-2004-1334 | 2 Linux, Redhat | 3 Linux Kernel, Fedora Core, Linux | 2025-04-03 | N/A |
| Integer overflow in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (kernel crash) via a cmsg_len that contains a -1, which leads to a buffer overflow. | ||||
| CVE-2004-0914 | 6 Gentoo, Lesstif, Redhat and 3 more | 8 Linux, Lesstif, Enterprise Linux and 5 more | 2025-04-03 | N/A |
| Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) memory leaks, which could allow remote attackers to obtain sensitive information, cause a denial of service (application crash), or execute arbitrary code via a certain XPM image file. NOTE: it is highly likely that this candidate will be SPLIT into other candidates in the future, per CVE's content decisions. | ||||
| CVE-2004-0619 | 1 Redhat | 4 Enterprise Linux, Fedora Core, Kernel and 1 more | 2025-04-03 | N/A |
| Integer overflow in the ubsec_keysetup function for Linux Broadcom 5820 cryptonet driver allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a negative add_dsa_buf_bytes variable, which leads to a buffer overflow. | ||||
| CVE-2004-1335 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Fedora Core and 1 more | 2025-04-03 | N/A |
| Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function. | ||||
| CVE-2005-0206 | 15 Ascii, Cstex, Debian and 12 more | 22 Ptex, Cstetex, Debian Linux and 19 more | 2025-04-03 | N/A |
| The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities. | ||||
| CVE-2004-1613 | 3 Mozilla, Redhat, Sgi | 7 Mozilla, Enterprise Linux, Enterprise Linux Desktop and 4 more | 2025-04-03 | N/A |
| Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme. | ||||