Total
1884 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0812 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop | 2017-10-10 | 2.1 LOW | N/A |
Unknown vulnerability in the Linux kernel before 2.4.23, on the AMD AMD64 and Intel EM64T architectures, associated with "setting up TSS limits," allows local users to cause a denial of service (crash) and possibly execute arbitrary code. | |||||
CVE-2005-0699 | 4 Altlinux, Conectiva, Ethereal Group and 1 more | 6 Alt Linux, Linux, Ethereal and 3 more | 2017-10-10 | 7.5 HIGH | N/A |
Multiple buffer overflows in the dissect_a11_radius function in the CDMA A11 (3G-A11) dissector (packet-3g-a11.c) for Ethereal 0.10.9 and earlier allow remote attackers to execute arbitrary code via RADIUS authentication packets with large length values. | |||||
CVE-2005-0403 | 1 Redhat | 2 Enterprise Linux, Enterprise Linux Desktop | 2017-10-10 | 7.2 HIGH | N/A |
init_dev in tty_io.c in the Red Hat backport of NPTL to Red Hat Enterprise Linux 3 does not properly clear controlling tty's in multi-threaded applications, which allows local users to cause a denial of service (crash) and possibly gain tty access via unknown attack vectors that trigger an access of a pointer to a freed structure. | |||||
CVE-2005-0398 | 6 Altlinux, Ipsec-tools, Kame and 3 more | 7 Alt Linux, Ipsec-tools, Racoon and 4 more | 2017-10-10 | 5.0 MEDIUM | N/A |
The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets. | |||||
CVE-2005-0337 | 3 Redhat, Suse, Wietse Venema | 4 Enterprise Linux, Enterprise Linux Desktop, Suse Linux and 1 more | 2017-10-10 | 7.5 HIGH | N/A |
Postfix 2.1.3, when /proc/net/if_inet6 is not available and permit_mx_backup is enabled in smtpd_recipient_restrictions, allows remote attackers to bypass e-mail restrictions and perform mail relaying by sending mail to an IPv6 hostname. | |||||
CVE-2005-0207 | 4 Conectiva, Linux, Redhat and 1 more | 5 Linux, Linux Kernel, Enterprise Linux and 2 more | 2017-10-10 | 2.1 LOW | N/A |
Unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x allows NFS clients to cause a denial of service via O_DIRECT. | |||||
CVE-2005-0206 | 15 Ascii, Cstex, Debian and 12 more | 22 Ptex, Cstetex, Debian Linux and 19 more | 2017-10-10 | 7.5 HIGH | N/A |
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities. | |||||
CVE-2008-4313 | 2 Openpegasus, Redhat | 3 Openpegasus Wbem, Enterprise Linux, Enterprise Linux Desktop | 2017-09-28 | 6.0 MEDIUM | N/A |
A certain Red Hat patch for tog-pegasus in OpenGroup Pegasus 2.7.0 does not properly configure the PAM tty name, which allows remote authenticated users to bypass intended access restrictions and send requests to OpenPegasus WBEM services. | |||||
CVE-2008-4315 | 2 Openpegasus, Redhat | 3 Openpegasus Wbem, Enterprise Linux, Enterprise Linux Desktop | 2017-09-28 | 6.8 MEDIUM | N/A |
tog-pegasus in OpenGroup Pegasus 2.7.0 on Red Hat Enterprise Linux (RHEL) 5, Fedora 9, and Fedora 10 does not log failed authentication attempts to the OpenPegasus CIM server, which makes it easier for remote attackers to avoid detection of password guessing attacks. | |||||
CVE-2008-1615 | 2 Amd, Redhat | 3 Amd64, Enterprise Linux, Enterprise Linux Desktop | 2017-09-28 | 4.9 MEDIUM | N/A |
Linux kernel 2.6.18, and possibly other versions, when running on AMD64 architectures, allows local users to cause a denial of service (crash) via certain ptrace calls. | |||||
CVE-2008-1767 | 1 Redhat | 5 Desktop, Enterprise Linux, Enterprise Linux Desktop and 2 more | 2017-09-28 | 7.5 HIGH | N/A |
Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number of steps. | |||||
CVE-2007-6282 | 1 Redhat | 2 Enterprise Linux, Enterprise Linux Desktop | 2017-09-28 | 7.1 HIGH | N/A |
The IPsec implementation in Linux kernel before 2.6.25 allows remote routers to cause a denial of service (crash) via a fragmented ESP packet in which the first fragment does not contain the entire ESP header and IV. | |||||
CVE-2007-4130 | 1 Redhat | 2 Enterprise Linux, Enterprise Linux Desktop | 2017-09-28 | 7.2 HIGH | N/A |
The Linux kernel 2.6.9 before 2.6.9-67 in Red Hat Enterprise Linux (RHEL) 4 on Itanium (ia64) does not properly handle page faults during NUMA memory access, which allows local users to cause a denial of service (panic) via invalid arguments to set_mempolicy in an MPOL_BIND operation. | |||||
CVE-2007-5001 | 1 Redhat | 2 Enterprise Linux, Enterprise Linux Desktop | 2017-09-28 | 4.9 MEDIUM | N/A |
Linux kernel before 2.4.21 allows local users to cause a denial of service (kernel panic) via asynchronous input or output on a FIFO special file. | |||||
CVE-2007-5495 | 2 Redhat, Selinux | 3 Enterprise Linux, Enterprise Linux Desktop, Setroubleshoot | 2017-09-28 | 4.4 MEDIUM | N/A |
sealert in setroubleshoot 2.0.5 allows local users to overwrite arbitrary files via a symlink attack on the sealert.log temporary file. | |||||
CVE-2007-5496 | 2 Redhat, Selinux | 3 Enterprise Linux, Enterprise Linux Desktop, Setroubleshoot | 2017-09-28 | 1.9 LOW | N/A |
Cross-site scripting (XSS) vulnerability in setroubleshoot 2.0.5 allows local users to inject arbitrary web script or HTML via a crafted (1) file or (2) process name, which triggers an Access Vector Cache (AVC) log entry in a log file used during composition of HTML documents for sealert. | |||||
CVE-2009-2904 | 3 Fedoraproject, Openbsd, Redhat | 5 Fedora, Openssh, Enterprise Linux and 2 more | 2017-09-18 | 6.9 MEDIUM | N/A |
A certain Red Hat modification to the ChrootDirectory feature in OpenSSH 4.8, as used in sshd in OpenSSH 4.3 in Red Hat Enterprise Linux (RHEL) 5.4 and Fedora 11, allows local users to gain privileges via hard links to setuid programs that use configuration files within the chroot directory, related to requirements for directory ownership. | |||||
CVE-2015-5261 | 4 Canonical, Debian, Redhat and 1 more | 9 Ubuntu Linux, Debian Linux, Enterprise Linux Desktop and 6 more | 2017-09-15 | 3.6 LOW | 7.1 HIGH |
Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to read and write to arbitrary memory locations on the host via guest QXL commands related to surface creation. | |||||
CVE-2015-8241 | 5 Canonical, Debian, Hp and 2 more | 9 Ubuntu Linux, Debian Linux, Icewall Federation Agent and 6 more | 2017-09-13 | 6.4 MEDIUM | N/A |
The xmlNextChar function in libxml2 2.9.2 does not properly check the state, which allows context-dependent attackers to cause a denial of service (heap-based buffer over-read and application crash) or obtain sensitive information via crafted XML data. | |||||
CVE-2015-8317 | 5 Canonical, Debian, Hp and 2 more | 9 Ubuntu Linux, Debian Linux, Icewall Federation Agent and 6 more | 2017-09-13 | 5.0 MEDIUM | N/A |
The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an (1) unterminated encoding value or (2) incomplete XML declaration in XML data, which triggers an out-of-bounds heap read. |