Filtered by vendor Redhat
Subscriptions
Filtered by product Enterprise Linux
Subscriptions
Total
15552 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0976 | 2 Larry Wall, Redhat | 2 Perl, Enterprise Linux | 2025-04-03 | N/A |
| Multiple scripts in the perl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files. | ||||
| CVE-2004-0968 | 2 Gnu, Redhat | 3 Glibc, Enterprise Linux, Enterprise Linux Desktop | 2025-04-03 | N/A |
| The catchsegv script in glibc 2.3.2 and earlier allows local users to overwrite files via a symlink attack on temporary files. | ||||
| CVE-2004-0967 | 2 Aladdin Enterprises, Redhat | 2 Ghostscript, Enterprise Linux | 2025-04-03 | N/A |
| The (1) pj-gs.sh, (2) ps2epsi, (3) pv.sh, and (4) sysvlp.sh scripts in the ESP Ghostscript (espgs) package in Trustix Secure Linux 1.5 through 2.1, and other operating systems, allow local users to overwrite files via a symlink attack on temporary files. | ||||
| CVE-2004-0961 | 2 Freeradius, Redhat | 3 Freeradius, Enterprise Linux, Fedora Core | 2025-04-03 | N/A |
| Memory leak in FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (memory exhaustion) via a series of Access-Request packets with (1) Ascend-Send-Secret, (2) Ascend-Recv-Secret, or (3) Tunnel-Password attributes. | ||||
| CVE-2004-0947 | 4 Arj Software Inc., Gentoo, Redhat and 1 more | 4 Unarj, Linux, Enterprise Linux and 1 more | 2025-04-03 | N/A |
| Buffer overflow in unarj before 2.63a-r2 allows remote attackers to execute arbitrary code via an arj archive that contains long filenames. | ||||
| CVE-2004-0946 | 2 Nfs, Redhat | 3 Nfs-utils, Enterprise Linux, Enterprise Linux Desktop | 2025-04-03 | N/A |
| rquotad in nfs-utils (rquota_server.c) before 1.0.6-r6 on 64-bit architectures does not properly perform an integer conversion, which leads to a stack-based buffer overflow and allows remote attackers to execute arbitrary code via a crafted NFS request. | ||||
| CVE-2004-0906 | 2 Mozilla, Redhat | 3 Mozilla, Thunderbird, Enterprise Linux | 2025-04-03 | N/A |
| The XPInstall installer in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 sets insecure permissions for certain installed files within xpi packages, which could allow local users to overwrite arbitrary files or execute arbitrary code. | ||||
| CVE-2004-0903 | 4 Conectiva, Mozilla, Redhat and 1 more | 9 Linux, Mozilla, Thunderbird and 6 more | 2025-04-03 | N/A |
| Stack-based buffer overflow in the writeGroup function in nsVCardObj.cpp for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to execute arbitrary code via malformed VCard attachments that are not properly handled when previewing a message. | ||||
| CVE-2004-0902 | 4 Conectiva, Mozilla, Redhat and 1 more | 9 Linux, Mozilla, Thunderbird and 6 more | 2025-04-03 | N/A |
| Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the "Send page" functionality, (2) certain responses from a malicious POP3 server, or (3) a link containing a non-ASCII hostname. | ||||
| CVE-2004-0891 | 5 Gentoo, Redhat, Rob Flynn and 2 more | 5 Linux, Enterprise Linux, Gaim and 2 more | 2025-04-03 | N/A |
| Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbounded copy operation that writes to the wrong buffer. | ||||
| CVE-2004-0884 | 3 Conectiva, Cyrus, Redhat | 3 Linux, Sasl, Enterprise Linux | 2025-04-03 | N/A |
| The (1) libsasl and (2) libsasl2 libraries in Cyrus-SASL 2.1.18 and earlier trust the SASL_PATH environment variable to find all available SASL plug-ins, which allows local users to execute arbitrary code by modifying the SASL_PATH to point to malicious programs. | ||||
| CVE-2004-0823 | 3 Apple, Openldap, Redhat | 4 Mac Os X, Mac Os X Server, Openldap and 1 more | 2025-04-03 | N/A |
| OpenLDAP 1.0 through 2.1.19, as used in Apple Mac OS 10.3.4 and 10.3.5 and possibly other operating systems, may allow certain authentication schemes to use hashed (crypt) passwords in the userPassword attribute as if they were plaintext passwords, which allows remote attackers to re-use hashed passwords without decrypting them. | ||||
| CVE-2004-0815 | 2 Redhat, Samba | 2 Enterprise Linux, Samba | 2025-04-03 | N/A |
| The unix_clean_name function in Samba 2.2.x through 2.2.11, and 3.0.x before 3.0.2a, trims certain directory names down to absolute paths, which could allow remote attackers to bypass the specified share restrictions and read, write, or list arbitrary files via "/.////" style sequences in pathnames. | ||||
| CVE-2004-0691 | 2 Redhat, Trolltech | 2 Enterprise Linux, Qt | 2025-04-03 | N/A |
| Heap-based buffer overflow in the BMP image format parser for the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code. | ||||
| CVE-2004-0814 | 3 Linux, Redhat, Ubuntu | 3 Linux Kernel, Enterprise Linux, Ubuntu Linux | 2025-04-03 | N/A |
| Multiple race conditions in the terminal layer in Linux 2.4.x, and 2.6.x before 2.6.9, allow (1) local users to obtain portions of kernel data via a TIOCSETD ioctl call to a terminal interface that is being accessed by another thread, or (2) remote attackers to cause a denial of service (panic) by switching from console to PPP line discipline, then quickly sending data that is received during the switch. | ||||
| CVE-2004-0812 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop | 2025-04-03 | N/A |
| Unknown vulnerability in the Linux kernel before 2.4.23, on the AMD AMD64 and Intel EM64T architectures, associated with "setting up TSS limits," allows local users to cause a denial of service (crash) and possibly execute arbitrary code. | ||||
| CVE-2004-0813 | 2 Ide-cd, Redhat | 2 Ide-cd, Enterprise Linux | 2025-04-03 | N/A |
| Unknown vulnerability in the SG_IO functionality in ide-cd allows local users to bypass read-only access and perform unauthorized write and erase operations. | ||||
| CVE-2004-0808 | 2 Redhat, Samba | 2 Enterprise Linux, Samba | 2025-04-03 | N/A |
| The process_logon_packet function in the nmbd server for Samba 3.0.6 and earlier, when domain logons are enabled, allows remote attackers to cause a denial of service via a SAM_UAS_CHANGE request with a length value that is larger than the number of structures that are provided. | ||||
| CVE-2004-0804 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2025-04-03 | N/A |
| Vulnerability in tif_dirread.c for libtiff allows remote attackers to cause a denial of service (application crash) via a TIFF image that causes a divide-by-zero error when the number of row bytes is zero, a different vulnerability than CVE-2005-2452. | ||||
| CVE-2004-0806 | 2 Cdrtools, Redhat | 2 Cdrecord, Enterprise Linux | 2025-04-03 | N/A |
| cdrecord in the cdrtools package before 2.01, when installed setuid root, does not properly drop privileges before executing a program specified in the RSH environment variable, which allows local users to gain privileges. | ||||