linux

Source repositories

https://github.com/torvalds/linux

CVEs (3,007)

CVE	Vendor / Product	CVSS	EPSS	Published	Description
CVE-2004-1009	Midnight Commander Midnight Commander	—	0.03	Apr 14, 2005	Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors.
CVE-2004-1174	Midnight Commander Midnight Commander	—	0.01	Apr 14, 2005	direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles."
CVE-2004-1004	Midnight Commander Midnight Commander	—	0.02	Apr 14, 2005	Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact.
CVE-2004-1093	Midnight Commander Midnight Commander	—	0.02	Apr 14, 2005	Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory."
CVE-2004-1005	Midnight Commander Midnight Commander	—	0.02	Apr 14, 2005	Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact.
CVE-2004-1175	Midnight Commander Midnight Commander	—	0.02	Apr 14, 2005	fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters.
CVE-2004-1090	Midnight Commander Midnight Commander	—	0.02	Apr 14, 2005	Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header."
CVE-2004-1027	Arjsoftware Unarj	—	0.03	Mar 1, 2005	Directory traversal vulnerability in the -x (extract) command line option in unarj allows remote attackers to overwrite arbitrary files via an arj archive with filenames that contain .. (dot dot) sequences.
CVE-2004-1051	Todd Miller Sudo	—	0.01	Mar 1, 2005	sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname.
CVE-2004-0986	Iptables iptables	—	0.02	Mar 1, 2005	Iptables before 1.2.11, under certain conditions, does not properly load the required modules at system startup, which causes the firewall rules to fail to load and protect the system from remote attackers.
CVE-2004-1052	Bnc Bnc	—	0.04	Mar 1, 2005	Buffer overflow in the getnickuserhost function in BNC 2.8.9, and possibly other versions, allows remote IRC servers to execute arbitrary code via an IRC server response that contains many (1) ! (exclamation) or (2) @ (at sign) characters.
CVE-2004-0980	File Project Linux	—	0.04	Feb 9, 2005	Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 through 3.0.11b8, when running in daemon mode with certain service types in use, allows remote servers to execute arbitrary code.
CVE-2004-0981	ImageMagick Imagemagick	—	0.06	Feb 9, 2005	Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain image file.
CVE-2004-0889	Xpdf Xpdf	—	0.06	Jan 27, 2005	Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888.
CVE-2004-1340	Debian linux	—	0.00	Jan 26, 2005	Debian GNU/Linux 3.0 installs the libpam-radius-auth package with the pam_radius_auth.conf set to be world-readable, which allows local users to obtain sensitive information.
CVE-2004-0994	Zgv Zgv Image Viewer	—	0.05	Jan 10, 2005	Multiple integer overflows in xzgv 0.8 and earlier allow remote attackers to execute arbitrary code via images with large width and height values, which trigger a heap-based buffer overflow, as demonstrated in the read_prf_file function in readprf.c. NOTE: CVE-2004-0994 and…
CVE-2004-1076	Atari800 Atari800	—	0.01	Jan 10, 2005	Multiple buffer overflows in the RtConfigLoad function in rt-config.c for Atari800 before 1.3.4 allow local users to execute arbitrary code via large values in the configuration file.
CVE-2004-0915	Viewvc Viewcvs	—	0.01	Jan 10, 2005	Multiple unknown vulnerabilities in viewcvs before 0.9.2, when exporting a repository as a tar archive, does not properly implement the hide_cvsroot and forbidden settings, which could allow remote attackers to gain sensitive information.
CVE-2004-1014	NFS Utils nfs-utils	—	0.02	Jan 10, 2005	statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signal, which allows remote attackers to cause a denial of service (server process crash) via a TCP connection that is prematurely terminated.
CVE-2004-0770	Dgen Emulator	—	0.00	Jan 10, 2005	romload.c in DGen Emulator 1.23 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files during decompression of (1) gzip or (2) bzip ROM files.

CVE-2004-1009Apr 14, 2005
Midnight Commander
Midnight Commander
risk 0.00cvss —epss 0.03
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors.
CVE-2004-1174Apr 14, 2005
Midnight Commander
Midnight Commander
risk 0.00cvss —epss 0.01
direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles."
CVE-2004-1004Apr 14, 2005
Midnight Commander
Midnight Commander
risk 0.00cvss —epss 0.02
Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact.
CVE-2004-1093Apr 14, 2005
Midnight Commander
Midnight Commander
risk 0.00cvss —epss 0.02
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory."
CVE-2004-1005Apr 14, 2005
Midnight Commander
Midnight Commander
risk 0.00cvss —epss 0.02
Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact.
CVE-2004-1175Apr 14, 2005
Midnight Commander
Midnight Commander
risk 0.00cvss —epss 0.02
fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters.
CVE-2004-1090Apr 14, 2005
Midnight Commander
Midnight Commander
risk 0.00cvss —epss 0.02
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header."
CVE-2004-1027Mar 1, 2005
Arjsoftware
Unarj
risk 0.00cvss —epss 0.03
Directory traversal vulnerability in the -x (extract) command line option in unarj allows remote attackers to overwrite arbitrary files via an arj archive with filenames that contain .. (dot dot) sequences.
CVE-2004-1051Mar 1, 2005
Todd Miller
Sudo
risk 0.00cvss —epss 0.01
sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname.
CVE-2004-0986Mar 1, 2005
Iptables
iptables
risk 0.00cvss —epss 0.02
Iptables before 1.2.11, under certain conditions, does not properly load the required modules at system startup, which causes the firewall rules to fail to load and protect the system from remote attackers.
CVE-2004-1052Mar 1, 2005
Bnc
Bnc
risk 0.00cvss —epss 0.04
Buffer overflow in the getnickuserhost function in BNC 2.8.9, and possibly other versions, allows remote IRC servers to execute arbitrary code via an IRC server response that contains many (1) ! (exclamation) or (2) @ (at sign) characters.
CVE-2004-0980Feb 9, 2005
File Project
Linux
risk 0.00cvss —epss 0.04
Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 through 3.0.11b8, when running in daemon mode with certain service types in use, allows remote servers to execute arbitrary code.
CVE-2004-0981Feb 9, 2005
ImageMagick
Imagemagick
risk 0.00cvss —epss 0.06
Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain image file.
CVE-2004-0889Jan 27, 2005
Xpdf
Xpdf
risk 0.00cvss —epss 0.06
Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888.
CVE-2004-1340Jan 26, 2005
Debian
linux
risk 0.00cvss —epss 0.00
Debian GNU/Linux 3.0 installs the libpam-radius-auth package with the pam_radius_auth.conf set to be world-readable, which allows local users to obtain sensitive information.
CVE-2004-0994Jan 10, 2005
Zgv
Zgv Image Viewer
risk 0.00cvss —epss 0.05
Multiple integer overflows in xzgv 0.8 and earlier allow remote attackers to execute arbitrary code via images with large width and height values, which trigger a heap-based buffer overflow, as demonstrated in the read_prf_file function in readprf.c. NOTE: CVE-2004-0994 and…
CVE-2004-1076Jan 10, 2005
Atari800
Atari800
risk 0.00cvss —epss 0.01
Multiple buffer overflows in the RtConfigLoad function in rt-config.c for Atari800 before 1.3.4 allow local users to execute arbitrary code via large values in the configuration file.
CVE-2004-0915Jan 10, 2005
Viewvc
Viewcvs
risk 0.00cvss —epss 0.01
Multiple unknown vulnerabilities in viewcvs before 0.9.2, when exporting a repository as a tar archive, does not properly implement the hide_cvsroot and forbidden settings, which could allow remote attackers to gain sensitive information.
CVE-2004-1014Jan 10, 2005
NFS Utils
nfs-utils
risk 0.00cvss —epss 0.02
statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signal, which allows remote attackers to cause a denial of service (server process crash) via a TCP connection that is prematurely terminated.
CVE-2004-0770Jan 10, 2005
Dgen
Emulator
risk 0.00cvss —epss 0.00
romload.c in DGen Emulator 1.23 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files during decompression of (1) gzip or (2) bzip ROM files.

Page 146 of 151