Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Redhat Subscribe
Filtered by product Fedora Core
Total 82 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-0453 1 Redhat 1 Fedora Core 2017-07-19 7.8 HIGH N/A
The LDAP component in Fedora Directory Server 1.0 allow remote attackers to cause a denial of service (crash) via a certain "bad BER sequence" that results in a free of uninitialized memory, as demonstrated using the ProtoVer LDAP test suite.
CVE-2006-0452 1 Redhat 1 Fedora Core 2017-07-19 5.0 MEDIUM N/A
dn2ancestor in the LDAP component in Fedora Directory Server 1.0 allows remote attackers to cause a denial of service (CPU and memory consumption) via a ModDN operation with a DN that contains a large number of "," (comma) characters, which results in a large amount of recursion, as demonstrated using the ProtoVer LDAP test suite.
CVE-2006-0451 1 Redhat 1 Fedora Core 2017-07-19 5.0 MEDIUM N/A
Multiple memory leaks in the LDAP component in Fedora Directory Server 1.0 allow remote attackers to cause a denial of service (memory consumption) via invalid BER packets that trigger an error, which might prevent memory from being freed if it was allocated during the ber_scanf call, as demonstrated using the ProtoVer LDAP test suite.
CVE-2005-0373 6 Apple, Conectiva, Cyrus and 3 more 8 Mac Os X, Mac Os X Server, Linux and 5 more 2017-07-10 7.5 HIGH N/A
Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code.
CVE-2004-0889 11 Debian, Easy Software Products, Gentoo and 8 more 16 Debian Linux, Cups, Linux and 13 more 2017-07-10 10.0 HIGH N/A
Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888.
CVE-2004-1171 3 Kde, Mandrakesoft, Redhat 3 Kde, Mandrake Linux, Fedora Core 2017-07-10 2.1 LOW N/A
KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are (1) manually entered by the user or (2) created by the SMB protocol handler, stores those credentials for plaintext in the user's .desktop file, which may be created with world-readable permissions, which could allow local users to obtain usernames and passwords for remote resources such as SMB shares.
CVE-2004-1067 3 Carnegie Mellon University, Redhat, Ubuntu 3 Cyrus Imap Server, Fedora Core, Ubuntu Linux 2017-07-10 10.0 HIGH N/A
Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow remote attackers to execute arbitrary code via the username.
CVE-2004-0986 4 Debian, Linux, Redhat and 1 more 4 Debian Linux, Linux Kernel, Fedora Core and 1 more 2017-07-10 7.5 HIGH N/A
Iptables before 1.2.11, under certain conditions, does not properly load the required modules at system startup, which causes the firewall rules to fail to load and protect the system from remote attackers.
CVE-2004-0802 9 Conectiva, Enlightenment, Imagemagick and 6 more 16 Linux, Imlib, Imlib2 and 13 more 2017-07-10 5.1 MEDIUM N/A
Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817.
CVE-2004-0974 3 Mandrakesoft, Netatalk, Redhat 4 Mandrake Linux, Mandrake Linux Corporate Server, Open Source Apple File Share Protocol Suite and 1 more 2017-07-10 2.1 LOW N/A
The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.
CVE-2004-0460 5 Infoblox, Isc, Mandrakesoft and 2 more 11 Dns One Appliance, Dhcpd, Mandrake Linux and 8 more 2017-07-10 10.0 HIGH N/A
Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, or (5) NAK messages, which can generate a long string when writing to a log file.
CVE-2004-1011 6 Carnegie Mellon University, Conectiva, Openpkg and 3 more 6 Cyrus Imap Server, Linux, Openpkg and 3 more 2017-07-10 10.0 HIGH N/A
Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015.
CVE-2004-1015 3 Carnegie Mellon University, Redhat, Ubuntu 3 Cyrus Imap Server, Fedora Core, Ubuntu Linux 2017-07-10 10.0 HIGH N/A
Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, with the imapmagicplus option enabled, may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2004-1011.
CVE-2004-0461 5 Infoblox, Isc, Mandrakesoft and 2 more 11 Dns One Appliance, Dhcpd, Mandrake Linux and 8 more 2017-07-10 10.0 HIGH N/A
The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code.
CVE-2004-1012 6 Carnegie Mellon University, Conectiva, Openpkg and 3 more 6 Cyrus Imap Server, Linux, Openpkg and 3 more 2017-07-10 10.0 HIGH N/A
The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index increment error that leads to an out-of-bounds memory corruption.
CVE-2004-1334 2 Linux, Redhat 3 Linux Kernel, Fedora Core, Linux 2017-07-10 2.1 LOW N/A
Integer overflow in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (kernel crash) via a cmsg_len that contains a -1, which leads to a buffer overflow.
CVE-2004-1013 6 Carnegie Mellon University, Conectiva, Openpkg and 3 more 6 Cyrus Imap Server, Linux, Openpkg and 3 more 2016-12-07 10.0 HIGH N/A
The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) "body[p", (2) "binary[p", or (3) "binary[p") that cause an index increment error that leads to an out-of-bounds memory corruption.
CVE-2005-0754 5 Conectiva, Gentoo, Kde and 2 more 6 Linux, Linux, Kde and 3 more 2016-10-17 7.5 HIGH N/A
Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which allows remote attackers to execute arbitrary code.
CVE-2007-6131 1 Redhat 1 Fedora Core 2011-03-07 2.1 LOW N/A
buttonpressed.sh in scanbuttond 0.2.3 allows local users to overwrite arbitrary files via a symlink attack on the (1) scan.pnm and (2) scan.jpg temporary files.
CVE-2007-2874 1 Redhat 1 Fedora Core 2011-03-07 5.8 MEDIUM N/A
Buffer overflow in the wpa_printf function in the debugging code in wpa_supplicant in the Fedora NetworkManager package before 0.6.5-3.fc7 allows user-assisted remote attackers to execute arbitrary code via malformed frames on a WPA2 network. NOTE: some of these details are obtained from third party information.