VYPR

Vendor CVEs

Red Hat

All CVEs

3,692 total · sorted by risk
  • CVE-2004-1026Jan 10, 2005
    risk 0.00cvss epss 0.05

    Multiple integer overflows in the image handler for imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files.

  • CVE-2004-1015Jan 10, 2005
    risk 0.00cvss epss 0.05

    Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, with the imapmagicplus option enabled, may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2004-1011.

  • CVE-2004-1070Jan 10, 2005
    risk 0.00cvss epss 0.01

    The load_elf_binary function in the binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly check return values from calls to the kernel_read function, which may allow local users to modify sensitive memory in a setuid…

  • CVE-2004-1072Jan 10, 2005
    risk 0.00cvss epss 0.01

    The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name string that is not NULL terminated, which could cause strings longer than PATH_MAX to be used, leading to buffer overflows that allow local users to…

  • CVE-2004-1012Jan 10, 2005
    risk 0.00cvss epss 0.06

    The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index increment error that leads to…

  • CVE-2004-1269Jan 10, 2005
    risk 0.00cvss epss 0.09

    lppasswd in CUPS 1.1.22 does not remove the passwd.new file if it encounters a file-size resource limit while writing to passwd.new, which causes subsequent invocations of lppasswd to fail.

  • CVE-2004-1158Jan 10, 2005
    risk 0.00cvss epss 0.03

    Konqueror 3.x up to 3.2.2-6, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window or tab whose name is known but resides in a different domain, as demonstrated using a pop-up window on a…

  • CVE-2004-2392Dec 31, 2004
    risk 0.00cvss epss 0.02

    libuser 0.51.7 allows attackers to cause a denial of service (crash or disk consumption) via unknown attack vectors, related to read failures and other bugs.

  • CVE-2004-0491Dec 31, 2004
    risk 0.00cvss epss 0.00

    The linux-2.4.21-mlock.patch in Red Hat Enterprise Linux 3 does not properly maintain the mlock page count when one process unlocks pages that belong to another process, which allows local users to mlock more memory than specified by the rlimit.

  • CVE-2004-0802Dec 31, 2004
    risk 0.00cvss epss 0.03

    Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817.

  • CVE-2004-0817Dec 31, 2004
    risk 0.00cvss epss 0.05

    Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.

  • CVE-2004-0685Dec 23, 2004
    risk 0.00cvss epss 0.00

    Certain USB drivers in the Linux 2.4 kernel use the copy_to_user function on uninitialized structures, which could allow local users to obtain sensitive information by reading memory that was not cleared from previous usage.

  • CVE-2004-1139Dec 15, 2004
    risk 0.00cvss epss 0.02

    Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash).

  • CVE-2004-1145Dec 15, 2004
    risk 0.00cvss epss 0.04

    Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read…

  • CVE-2004-1142Dec 15, 2004
    risk 0.00cvss epss 0.02

    Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet.

  • CVE-2004-0634Dec 6, 2004
    risk 0.00cvss epss 0.05

    The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote attackers to cause a denial of service (process crash) via a handle without a policy name, which causes a null dereference.

  • CVE-2004-0619Dec 6, 2004
    risk 0.00cvss epss 0.00

    Integer overflow in the ubsec_keysetup function for Linux Broadcom 5820 cryptonet driver allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a negative add_dsa_buf_bytes variable, which leads to a buffer overflow.

  • CVE-2004-0607Dec 6, 2004
    risk 0.00cvss epss 0.05

    The eay_check_x509cert function in KAME Racoon successfully verifies certificates even when OpenSSL validation fails, which could allow remote attackers to bypass authentication.

  • CVE-2004-0635Dec 6, 2004
    risk 0.00cvss epss 0.05

    The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of service (process crash) via a (1) malformed or (2) missing community string, which causes an out-of-bounds read.

  • CVE-2004-0494Nov 23, 2004
    risk 0.00cvss epss 0.02

    Multiple extfs backend scripts for GNOME virtual file system (VFS) before 1.0.1 may allow remote attackers to perform certain unauthorized actions via a gnome-vfs URI.

  • CVE-2004-0750Oct 20, 2004
    risk 0.00cvss epss 0.01

    Unknown vulnerability in redhat-config-nfs before 1.0.13, when shares are exported to multiple hosts, can produce incorrect permissions and prevent the all_squash option from being applied.

  • CVE-2004-1613Oct 18, 2004
    risk 0.00cvss epss 0.02

    Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated…

  • CVE-2005-0373Oct 7, 2004
    risk 0.00cvss epss 0.04

    Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code.

  • CVE-2004-0643Sep 28, 2004
    risk 0.00cvss epss 0.01

    Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code.

  • CVE-2004-0827Sep 16, 2004
    risk 0.00cvss epss 0.06

    Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.

  • CVE-2004-0905Sep 14, 2004
    risk 0.00cvss epss 0.03

    Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain.

  • CVE-2004-0235Aug 18, 2004
    risk 0.00cvss epss 0.04

    Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path").

  • CVE-2004-0421Aug 18, 2004
    risk 0.00cvss epss 0.04

    The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message.

  • CVE-2004-0587Aug 6, 2004
    risk 0.00cvss epss 0.00

    Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service.

  • CVE-2004-0495Aug 6, 2004
    risk 0.00cvss epss 0.00

    Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool.

  • CVE-2004-0488Jul 7, 2004
    risk 0.00cvss epss 0.38

    Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN.

  • CVE-2004-0107Apr 15, 2004
    risk 0.00cvss epss 0.00

    The (1) post and (2) trigger scripts in sysstat 4.0.7 and earlier allow local users to overwrite arbitrary files via symlink attacks on temporary files, a different vulnerability than CVE-2004-0108.

  • CVE-2004-0108Apr 15, 2004
    risk 0.00cvss epss 0.00

    The isag utility, which processes sysstat data, allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CAN-2004-0107.

  • CVE-2004-0111Apr 15, 2004
    risk 0.00cvss epss 0.02

    gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap (BMP) file.

  • CVE-2003-0989Feb 17, 2004
    risk 0.00cvss epss 0.05

    tcpdump before 3.8.1 allows remote attackers to cause a denial of service (infinite loop) via certain ISAKMP packets, a different vulnerability than CVE-2004-0057.

  • CVE-2003-0700Feb 17, 2004
    risk 0.00cvss epss 0.02

    The C-Media PCI sound driver in Linux before 2.4.22 does not use the get_user function to access userspace in certain conditions, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-2003-0699.

  • CVE-2003-1295Dec 31, 2003
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in xscreensaver 4.12, and possibly other versions, allows attackers to cause xscreensaver to crash via unspecified vectors "while verifying the user-password."

  • CVE-2003-0900Dec 31, 2003
    risk 0.00cvss epss 0.01

    Perl 5.8.1 on Fedora Core does not properly initialize the random number generator when forking, which makes it easier for attackers to predict random numbers.

  • CVE-2003-0857Dec 31, 2003
    risk 0.00cvss epss 0.00

    The (1) ipq_read and (2) ipulog_read functions in iptables allow local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.

  • CVE-2003-0986Dec 31, 2003
    risk 0.00cvss epss 0.00

    Various routines for the ppc64 architecture on Linux kernel 2.6 prior to 2.6.2 and 2.4 prior to 2.4.24 do not use the copy_from_user function when copying data from userspace to kernelspace, which crosses security boundaries and allows local users to cause a denial of service.

  • CVE-2003-0859Dec 15, 2003
    risk 0.00cvss epss 0.00

    The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.

  • CVE-2003-0688Oct 20, 2003
    risk 0.00cvss epss 0.03

    The DNS map code in Sendmail 8.12.8 and earlier, when using the "enhdnsbl" feature, does not properly initialize certain data structures, which allows remote attackers to cause a denial of service (process crash) via an invalid DNS response that causes Sendmail to free incorrect…

  • CVE-2003-0689Oct 20, 2003
    risk 0.00cvss epss 0.02

    The getgrouplist function in GNU libc (glibc) 2.2.4 and earlier allows attackers to cause a denial of service (segmentation fault) and execute arbitrary code when a user is a member of a large number of groups, which can cause a buffer overflow.

  • CVE-2003-0551Aug 27, 2003
    risk 0.00cvss epss 0.02

    The STP protocol implementation in Linux 2.4.x does not properly verify certain lengths, which could allow attackers to cause a denial of service.

  • CVE-2003-0546Aug 27, 2003
    risk 0.00cvss epss 0.01

    up2date 3.0.7 and 3.1.23 does not properly verify RPM GPG signatures, which could allow remote attackers to cause unsigned packages to be installed from the Red Hat Network, if that network is compromised.

  • CVE-2003-0699Aug 27, 2003
    risk 0.00cvss epss 0.02

    The C-Media PCI sound driver in Linux before 2.4.21 does not use the get_user function to access userspace, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-2003-0700.

  • CVE-2003-0464Aug 27, 2003
    risk 0.00cvss epss 0.00

    The RPC code in Linux kernel 2.4 sets the reuse flag when sockets are created, which could allow local users to bind to UDP ports that are used by privileged services such as nfsd.

  • CVE-2003-0550Aug 27, 2003
    risk 0.00cvss epss 0.02

    The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows attackers to modify the bridge topology.

  • CVE-2003-0552Aug 27, 2003
    risk 0.00cvss epss 0.03

    Linux 2.4.x allows remote attackers to spoof the bridge Forwarding table via forged packets whose source addresses are the same as the target.

  • CVE-2003-0548Aug 27, 2003
    risk 0.00cvss epss 0.01

    The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) when a chosen host expires, a different issue than CVE-2003-0549.

Page 71 of 74