Search Results (199 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-1422 1 Gentoo 1 Syslinux 2026-04-16 N/A
Multiple unspecified vulnerabilities in the installer for SYSLINUX 2.01, when running setuid root, allow local users to gain privileges via unknown vectors.
CVE-2002-1337 8 Gentoo, Hp, Netbsd and 5 more 11 Linux, Alphaserver Sc, Hp-ux and 8 more 2026-04-16 N/A
Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.
CVE-2005-3626 18 Conectiva, Debian, Easy Software Products and 15 more 33 Linux, Debian Linux, Cups and 30 more 2026-04-16 N/A
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
CVE-2005-3625 18 Conectiva, Debian, Easy Software Products and 15 more 33 Linux, Debian Linux, Cups and 30 more 2026-04-16 N/A
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."
CVE-2005-3624 18 Conectiva, Debian, Easy Software Products and 15 more 33 Linux, Debian Linux, Cups and 30 more 2026-04-16 N/A
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.
CVE-2004-0649 2 Gentoo, L2tpd 2 Linux, L2tpd 2026-04-16 N/A
Buffer overflow in write_packet in control.c for l2tpd may allow remote attackers to execute arbitrary code.
CVE-2004-0232 5 Gentoo, Midnight Commander, Redhat and 2 more 6 Linux, Midnight Commander, Enterprise Linux and 3 more 2026-04-16 N/A
Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.
CVE-2004-0565 5 Gentoo, Linux, Mandrakesoft and 2 more 7 Linux, Linux Kernel, Mandrake Linux and 4 more 2026-04-16 N/A
Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit.
CVE-2005-0754 5 Conectiva, Gentoo, Kde and 2 more 6 Linux, Linux, Kde and 3 more 2026-04-16 N/A
Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which allows remote attackers to execute arbitrary code.
CVE-2004-0809 8 Apache, Debian, Gentoo and 5 more 12 Http Server, Debian Linux, Linux and 9 more 2026-04-16 N/A
The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access.
CVE-2004-1106 2 Gallery Project, Gentoo 2 Gallery, Linux 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Gallery 1.4.4-pl3 and earlier allows remote attackers to execute arbitrary web script or HTML via "specially formed URLs," possibly via the include parameter in index.php.
CVE-2005-2557 3 Debian, Gentoo, Mantis 3 Debian Linux, Linux, Mantis 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in view_all_set.php in Mantis 0.19.0a1 through 1.0.0a3 allows remote attackers to inject arbitrary web script or HTML via the dir parameter, as identified by bug#0005959, and a different vulnerability than CVE-2005-3090.
CVE-2004-0224 3 Double Precision Incorporated, Gentoo, Inter7 4 Courier Mta, Sqwebmail, Linux and 1 more 2026-04-16 N/A
Multiple buffer overflows in (1) iso2022jp.c or (2) shiftjis.c for Courier-IMAP before 3.0.0, Courier before 0.45, and SqWebMail before 4.0.0 may allow remote attackers to execute arbitrary code "when Unicode character is out of BMP range."
CVE-2004-1032 2 Gentoo, Thibault Godouet 2 Linux, Fcron 2026-04-16 N/A
fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to delete arbitrary files or create arbitrary empty files via a target filename with a large number of leading slash (/) characters such that fcronsighup does not properly append the intended fcrontab.sig to the resulting string.
CVE-2004-1031 2 Gentoo, Thibault Godouet 2 Linux, Fcron 2026-04-16 N/A
fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to bypass access restrictions and load an arbitrary configuration file by starting an suid process and pointing the fcronsighup configuration file to a /proc entry that is owned by root but modifiable by the user, such as /proc/self/cmdline or /proc/self/environ.
CVE-2004-1108 1 Gentoo 1 Linux 2026-04-16 N/A
qpkg in Gentoolkit 0.2.0_pre10 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary directory.
CVE-2004-1110 2 Gentoo, Jean-jacques Sarton 2 Linux, Mtink 2026-04-16 N/A
The mtink status monitor before 1.0.5 for Epson printers allows local users to overwrite arbitrary files via a symlink attack on the epson temporary file.
CVE-2004-1115 1 Gentoo 1 Linux 2026-04-16 N/A
The init scripts in Search for Extraterrestrial Intelligence (SETI) project 3.08-r3 and earlier execute user-owned programs with root privileges, which allows local users to gain privileges by modifying the programs.
CVE-2004-0604 2 Gentoo, Gift-fasttrack 2 Linux, Gift-fasttrack 2026-04-16 N/A
The HTTP client and server in giFT-FastTrack 0.8.6 and earlier allows remote attackers to cause a denial of service (crash), possibly via an empty search query, which triggers a NULL dereference.
CVE-2004-0981 5 Debian, Gentoo, Imagemagick and 2 more 5 Debian Linux, Linux, Imagemagick and 2 more 2026-04-16 N/A
Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain image file.