VYPR

Vendor CVEs

Red Hat

All CVEs

3,692 total · sorted by risk
  • CVE-2007-2874Jul 27, 2007
    risk 0.00cvss epss 0.03

    Buffer overflow in the wpa_printf function in the debugging code in wpa_supplicant in the Fedora NetworkManager package before 0.6.5-3.fc7 allows user-assisted remote attackers to execute arbitrary code via malformed frames on a WPA2 network. NOTE: some of these details are…

  • CVE-2007-3104Jun 26, 2007
    risk 0.00cvss epss 0.00

    The sysfs_readdir function in the Linux kernel 2.6, as used in Red Hat Enterprise Linux (RHEL) 4.5 and other distributions, allows users to cause a denial of service (kernel OOPS) by dereferencing a null pointer to an inode in a dentry.

  • CVE-2007-0773Jun 26, 2007
    risk 0.00cvss epss 0.00

    The Linux kernel before 2.6.9-42.0.8 in Red Hat 4.4 allows local users to cause a denial of service (kernel OOPS from null dereference) via fput in a 32-bit ioctl on 64-bit x86 systems, an incomplete fix of CVE-2005-3044.1.

  • CVE-2007-3374Jun 25, 2007
    risk 0.00cvss epss 0.01

    Buffer overflow in cluster/cman/daemon/daemon.c in cman (redhat-cluster-suite) before 20070622 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via long client messages.

  • CVE-2007-3373Jun 25, 2007
    risk 0.00cvss epss 0.01

    daemon.c in cman (redhat-cluster-suite) before 20070622 does not clear a buffer for reading requests, which might allow local users to obtain sensitive information from previous requests.

  • CVE-2007-3304Jun 20, 2007
    risk 0.00cvss epss 0.03

    Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka "SIGUSR1…

  • CVE-2007-3100Jun 14, 2007
    risk 0.00cvss epss 0.00

    usr/log.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 uses a semaphore with insecure permissions (world-writable/world-readable) for managing log messages using shared memory, which allows local users to cause a denial of service (hang) by grabbing the…

  • CVE-2007-3099Jun 14, 2007
    risk 0.00cvss epss 0.01

    usr/mgmt_ipc.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 checks the client's UID on the listening AF_LOCAL socket instead of the new connection, which allows remote attackers to access the management interface and cause a denial of service (iscsid exit or…

  • CVE-2007-1864May 9, 2007
    risk 0.00cvss epss 0.03

    Buffer overflow in the bundled libxmlrpc library in PHP before 4.4.7, and 5.x before 5.2.2, has unknown impact and remote attack vectors.

  • CVE-2007-0771May 2, 2007
    risk 0.00cvss epss 0.00

    The utrace support in Linux kernel 2.6.18, and other versions, allows local users to cause a denial of service (system hang) related to "MT exec + utrace_attach spin failure mode," as demonstrated by ptrace-thrash.c.

  • CVE-2007-2030Apr 16, 2007
    risk 0.00cvss epss 0.00

    lharc.c in lha does not securely create temporary files, which might allow local users to read or write files by creating a file before LHA is invoked.

  • CVE-2007-1351Apr 6, 2007
    risk 0.00cvss epss 0.06

    Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.

  • CVE-2007-1352Apr 6, 2007
    risk 0.00cvss epss 0.02

    Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.

  • CVE-2006-7176Mar 27, 2007
    risk 0.00cvss epss 0.02

    The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and earlier does not reject the "localhost.localdomain" domain name for e-mail messages that come from external hosts, which might allow remote attackers to spoof messages.

  • CVE-2007-1716Mar 27, 2007
    risk 0.00cvss epss 0.00

    pam_console does not properly restore ownership for certain console devices when there are multiple users logged into the console and one user logs out, which might allow local users to gain privileges.

  • CVE-2007-1462Mar 15, 2007
    risk 0.00cvss epss 0.01

    The luci server component in conga preserves the password between page loads for the Add System/Cluster task flow by storing the password in the Value attribute of a password entry field, which allows attackers to steal the password by performing a "view source" or other…

  • CVE-2006-5753Jan 30, 2007
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the listxattr system call in Linux kernel, when a "bad inode" is present, allows local users to cause a denial of service (data corruption) and possibly gain privileges via unknown vectors.

  • CVE-2006-6235Dec 7, 2006
    risk 0.00cvss epss 0.06

    A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory.

  • CVE-2006-4811Oct 18, 2006
    risk 0.00cvss epss 0.04

    Integer overflow in Qt 3.3 before 3.3.7, 4.1 before 4.1.5, and 4.2 before 4.2.1, as used in the KDE khtml library, kdelibs 3.1.3, and possibly other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted pixmap…

  • CVE-2006-5170Oct 10, 2006
    risk 0.00cvss epss 0.04

    pam_ldap in nss_ldap on Red Hat Enterprise Linux 4, Fedora Core 3 and earlier, and possibly other distributions does not return an error condition when an LDAP directory server responds with a PasswordPolicyResponse control response, which causes the pam_authenticate function to…

  • CVE-2006-2932Aug 23, 2006
    risk 0.00cvss epss 0.00

    A regression error in the restore_all code path of the 4/4GB split support for non-hugemem Linux kernels on Red Hat Linux Desktop and Enterprise Linux 4 allows local users to cause a denial of service (panic) via unspecified vectors.

  • CVE-2006-3813Aug 11, 2006
    risk 0.00cvss epss 0.00

    A regression error in the Perl package for Red Hat Enterprise Linux 4 omits the patch for CVE-2005-0155, which allows local users to overwrite arbitrary files with debugging information.

  • CVE-2006-2933Jul 27, 2006
    risk 0.00cvss epss 0.00

    kdesktop_lock in kdebase before 3.1.3-5.11 for KDE in Red Hat Enterprise Linux (RHEL) 3 does not properly terminate, which can prevent the screensaver from activating or prevent users from manually locking the desktop.

  • CVE-2006-0451Feb 14, 2006
    risk 0.00cvss epss 0.02

    Multiple memory leaks in the LDAP component in Fedora Directory Server 1.0 allow remote attackers to cause a denial of service (memory consumption) via invalid BER packets that trigger an error, which might prevent memory from being freed if it was allocated during the ber_scanf…

  • CVE-2006-0453Feb 14, 2006
    risk 0.00cvss epss 0.02

    The LDAP component in Fedora Directory Server 1.0 allow remote attackers to cause a denial of service (crash) via a certain "bad BER sequence" that results in a free of uninitialized memory, as demonstrated using the ProtoVer LDAP test suite.

  • CVE-2006-0452Feb 14, 2006
    risk 0.00cvss epss 0.02

    dn2ancestor in the LDAP component in Fedora Directory Server 1.0 allows remote attackers to cause a denial of service (CPU and memory consumption) via a ModDN operation with a DN that contains a large number of "," (comma) characters, which results in a large amount of…

  • CVE-2005-3630Dec 31, 2005
    risk 0.00cvss epss 0.01

    Fedora Directory Server before 10 allows remote attackers to obtain sensitive information, such as the password from adm.conf via an IFRAME element, probably involving an Apache httpd.conf configuration that orders "allow" directives before "deny" directives.

  • CVE-2005-3624Dec 31, 2005
    risk 0.00cvss epss 0.02

    The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer…

  • CVE-2005-4709Dec 31, 2005
    risk 0.00cvss epss 0.02

    The popSubjectContext method in the SecurityAssociation class in JBoss Enterprise Java Beans (EJB) 3.0 RC3 maintains the threadPrincipal and threadCredential values from a previous client's authentication after termination of a client session, which allows remote attackers to…

  • CVE-2005-3626Dec 31, 2005
    risk 0.00cvss epss 0.03

    Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.

  • CVE-2005-1918Dec 31, 2005
    risk 0.00cvss epss 0.03

    The original patch for a GNU tar directory traversal vulnerability (CVE-2002-0399) in Red Hat Enterprise Linux 3 and 2.1 uses an "incorrect optimization" that allows user-assisted attackers to overwrite arbitrary files via a crafted tar file, probably involving "/../" sequences…

  • CVE-2005-3629Dec 31, 2005
    risk 0.00cvss epss 0.00

    initscripts in Red Hat Enterprise Linux 4 does not properly handle certain environment variables when /sbin/service is executed, which allows local users with sudo permissions for /sbin/service to gain root privileges via unknown vectors.

  • CVE-2005-3625Dec 31, 2005
    risk 0.00cvss epss 0.04

    Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka…

  • CVE-2005-3631Dec 22, 2005
    risk 0.00cvss epss 0.00

    udev does not properly set permissions on certain files in /dev/input, which allows local users to obtain sensitive data that is entered at the console, such as user passwords.

  • CVE-2005-2100Oct 25, 2005
    risk 0.00cvss epss 0.00

    The rw_vm function in usercopy.c in the 4GB split patch for the Linux kernel in Red Hat Enterprise Linux 4 does not perform proper bounds checking, which allows local users to cause a denial of service (crash).

  • CVE-2005-3269Oct 20, 2005
    risk 0.00cvss epss 0.03

    Stack-based buffer overflow in help.cgi in the HTTP administrative interface for (1) Sun Java System Directory Server 5.2 2003Q4, 2004Q2, and 2005Q1, (2) Red Hat Directory Server and (3) Certificate Server before 7.1 SP1, (4) Sun ONE Directory Server 5.1 SP4 and earlier, and (5)…

  • CVE-2005-2104Oct 7, 2005
    risk 0.00cvss epss 0.00

    sysreport before 1.3.7 allows local users to obtain sensitive information via a symlink attack on a temporary directory.

  • CVE-2005-2492Sep 14, 2005
    risk 0.00cvss epss 0.00

    The raw_sendmsg function in the Linux kernel 2.6 before 2.6.13.1 allows local users to cause a denial of service (change hardware state) or read from arbitrary memory via crafted input.

  • CVE-2005-0403Sep 1, 2005
    risk 0.00cvss epss 0.00

    init_dev in tty_io.c in the Red Hat backport of NPTL to Red Hat Enterprise Linux 3 does not properly clear controlling tty's in multi-threaded applications, which allows local users to cause a denial of service (crash) and possibly gain tty access via unknown attack vectors that…

  • CVE-2005-1760Jun 13, 2005
    risk 0.00cvss epss 0.02

    sysreport 1.3.15 and earlier includes contents of the up2date file in a report, which leaks the password for a proxy server in plaintext and allows local users to gain privileges.

  • CVE-2005-0757May 18, 2005
    risk 0.00cvss epss 0.00

    The xattr file system code, as backported in Red Hat Enterprise Linux 3 on 64-bit systems, does not properly handle certain offsets, which allows local users to cause a denial of service (system crash) via certain actions on an ext3 file system with extended attributes enabled.

  • CVE-2005-1194May 4, 2005
    risk 0.00cvss epss 0.01

    Stack-based buffer overflow in the ieee_putascii function for nasm 0.98 and earlier allows attackers to execute arbitrary code via a crafted asm file, a different vulnerability than CVE-2004-1287.

  • CVE-2005-0086May 2, 2005
    risk 0.00cvss epss 0.03

    Heap-based buffer overflow in less in Red Hat Enterprise Linux 3 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted file, as demonstrated using the UTF-8 locale.

  • CVE-2005-0091May 2, 2005
    risk 0.00cvss epss 0.00

    Unknown vulnerability in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch, when using the hugemem kernel, allows local users to read and write to arbitrary kernel memory and gain privileges via certain syscalls.

  • CVE-2005-0078May 2, 2005
    risk 0.00cvss epss 0.00

    The KDE screen saver in KDE before 3.0.5 does not properly check the return value from a certain function call, which allows attackers with physical access to cause a crash and access the desktop session.

  • CVE-2005-1038May 2, 2005
    risk 0.00cvss epss 0.01

    crontab in Vixie cron 4.1, when running with the -e option, allows local users to read the cron files of other users by changing the file being edited to a symlink. NOTE: there is insufficient information to know whether this is a duplicate of CVE-2001-0235.

  • CVE-2005-0001May 2, 2005
    risk 0.00cvss epss 0.01

    Race condition in the page fault handler (fault.c) for Linux kernel 2.2.x to 2.2.7, 2.4 to 2.4.29, and 2.6 to 2.6.10, when running on multiprocessor machines, allows local users to execute arbitrary code via concurrent threads that share the same virtual memory space and…

  • CVE-2005-0337May 2, 2005
    risk 0.00cvss epss 0.03

    Postfix 2.1.3, when /proc/net/if_inet6 is not available and permit_mx_backup is enabled in smtpd_recipient_restrictions, allows remote attackers to bypass e-mail restrictions and perform mail relaying by sending mail to an IPv6 hostname.

  • CVE-2005-0988May 2, 2005
    risk 0.00cvss epss 0.01

    Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is…

  • CVE-2005-0207May 2, 2005
    risk 0.00cvss epss 0.00

    Unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x allows NFS clients to cause a denial of service via O_DIRECT.

Page 69 of 74