Filtered by vendor Redhat
Subscriptions
Filtered by product Enterprise Linux
Subscriptions
Total
15552 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0082 | 2 Redhat, Samba | 2 Enterprise Linux, Samba | 2025-04-03 | N/A |
| The mksmbpasswd shell script (mksmbpasswd.sh) in Samba 3.0.0 and 3.0.1, when creating an account but marking it as disabled, may overwrite the user password with an uninitialized buffer, which could enable the account with a more easily guessable password. | ||||
| CVE-2004-0097 | 2 Openh323 Project, Redhat | 3 Pwlib, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Multiple vulnerabilities in PWLib before 1.6.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol. | ||||
| CVE-2004-0094 | 2 Redhat, Xfree86 Project | 2 Enterprise Linux, X11r6 | 2025-04-03 | N/A |
| Integer signedness errors in XFree86 4.1.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code when using the GLX extension and Direct Rendering Infrastructure (DRI). | ||||
| CVE-2004-0109 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Buffer overflow in the ISO9660 file system component for Linux kernel 2.4.x, 2.5.x and 2.6.x, allows local users with physical access to overflow kernel memory and execute arbitrary code via a malformed CD containing a long symbolic link entry. | ||||
| CVE-2004-0138 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-03 | N/A |
| The ELF loader in Linux kernel 2.4 before 2.4.25 allows local users to cause a denial of service (crash) via a crafted ELF file with an interpreter with an invalid arch (architecture), which triggers a BUG() when an invalid VMA is unmapped. | ||||
| CVE-2004-0180 | 2 Cvs, Redhat | 3 Cvs, Enterprise Linux, Linux | 2025-04-03 | N/A |
| The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405. | ||||
| CVE-2004-0177 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Linux | 2025-04-03 | N/A |
| The ext3 code in Linux 2.4.x before 2.4.26 does not properly initialize journal descriptor blocks, which causes an information leak in which in-memory data is written to the device for the ext3 file system, which allows privileged users to obtain portions of kernel memory by reading the raw device. | ||||
| CVE-2004-0178 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-03 | N/A |
| The OSS code for the Sound Blaster (sb16) driver in Linux 2.4.x before 2.4.26, when operating in 16 bit mode, does not properly handle certain sample sizes, which allows local users to cause a denial of service (crash) via a sample with an odd number of bytes. | ||||
| CVE-2004-0183 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2025-04-03 | N/A |
| TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via ISAKMP packets containing a Delete payload with a large number of SPI's, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite. | ||||
| CVE-2004-0185 | 2 Redhat, Washington University | 2 Enterprise Linux, Wu-ftpd | 2025-04-03 | N/A |
| Buffer overflow in the skey_challenge function in ftpd.c for wu-ftp daemon (wu-ftpd) 2.6.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a s/key (SKEY) request with a long name. | ||||
| CVE-2004-0184 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2025-04-03 | N/A |
| Integer underflow in the isakmp_id_print for TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with an Identification payload with a length that becomes less than 8 during byte order conversion, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite. | ||||
| CVE-2004-0191 | 2 Mozilla, Redhat | 3 Mozilla, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Mozilla before 1.4.2 executes Javascript events in the context of a new page while it is being loaded, allowing it to interact with the previous page (zombie document) and enable cross-domain and cross-site scripting (XSS) attacks, as demonstrated using onmousemove events. | ||||
| CVE-2004-0403 | 2 Kame, Redhat | 2 Racoon, Enterprise Linux | 2025-04-03 | N/A |
| Racoon before 20040408a allows remote attackers to cause a denial of service (memory consumption) via an ISAKMP packet with a large length field. | ||||
| CVE-2004-0422 | 2 Gnu, Redhat | 2 Flim, Enterprise Linux | 2025-04-03 | N/A |
| flim before 1.14.3 creates temporary files insecurely, which allows local users to overwrite arbitrary files of the Emacs user via a symlink attack. | ||||
| CVE-2004-0411 | 2 Kde, Redhat | 2 Konqueror, Enterprise Linux | 2025-04-03 | N/A |
| The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properly filter "-" characters that begin a hostname in a (1) telnet, (2) rlogin, (3) ssh, or (4) mailto URI, which allows remote attackers to manipulate the options that are passed to the associated programs, possibly to read arbitrary files or execute arbitrary code. | ||||
| CVE-2004-0416 | 6 Cvs, Gentoo, Openbsd and 3 more | 6 Cvs, Linux, Openbsd and 3 more | 2025-04-03 | N/A |
| Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code. | ||||
| CVE-2004-0418 | 6 Cvs, Gentoo, Openbsd and 3 more | 6 Cvs, Linux, Openbsd and 3 more | 2025-04-03 | N/A |
| serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data. | ||||
| CVE-2004-0427 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-03 | N/A |
| The do_fork function in Linux 2.4.x before 2.4.26, and 2.6.x before 2.6.6, does not properly decrement the mm_count counter when an error occurs after the mm_struct for a child process has been activated, which triggers a memory leak that allows local users to cause a denial of service (memory exhaustion) via the clone (CLONE_VM) system call. | ||||
| CVE-2004-0491 | 1 Redhat | 1 Enterprise Linux | 2025-04-03 | N/A |
| The linux-2.4.21-mlock.patch in Red Hat Enterprise Linux 3 does not properly maintain the mlock page count when one process unlocks pages that belong to another process, which allows local users to mlock more memory than specified by the rlimit. | ||||
| CVE-2004-0505 | 3 Ethereal Group, Redhat, Sgi | 3 Ethereal, Enterprise Linux, Propack | 2025-04-03 | N/A |
| The AIM dissector in Ethereal 0.10.3 allows remote attackers to cause a denial of service (assert error) via unknown attack vectors. | ||||