Search Results (10202 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-2960 2 Debian, Gnu 2 Debian Linux, Cfengine 2026-04-16 N/A
cfengine 1.6.5 and 2.1.16 allows local users to overwrite arbitrary files via a symlink attack on temporary files used by vicf.in, a different vulnerability than CVE-2005-3137.
CVE-2006-1844 1 Debian 2 Base-config, Shadow 2026-04-16 N/A
The Debian installer for the (1) shadow 4.0.14 and (2) base-config 2.53.10 packages includes sensitive information in world-readable log files, including preseeded passwords and pppoeconf passwords, which might allow local users to gain privileges.
CVE-2003-0308 2 Debian, Sendmail 2 Debian Linux, Sendmail 2026-04-16 N/A
The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which could allow local users to gain additional privileges via (1) expn, (2) checksendmail, or (3) doublebounce.pl.
CVE-2001-0763 3 Debian, Redhat, Suse 3 Debian Linux, Linux, Suse Linux 2026-04-16 N/A
Buffer overflow in Linux xinetd 2.1.8.9pre11-1 and earlier may allow remote attackers to execute arbitrary code via a long ident response, which is not properly handled by the svc_logprint function.
CVE-2001-0456 1 Debian 1 Debian Linux 2026-04-16 N/A
postinst installation script for Proftpd in Debian 2.2 does not properly change the "run as uid/gid root" configuration when the user enables anonymous access, which causes the server to run at a higher privilege than intended.
CVE-2005-1151 1 Debian 1 Qpopper 2026-04-16 N/A
qpopper 4.0.5 and earlier does not properly drop privileges before processing certain user-supplied files, which allows local users to overwrite or create arbitrary files as root.
CVE-2005-1260 5 Apple, Bzip, Canonical and 2 more 5 Mac Os X, Bzip2, Ubuntu Linux and 2 more 2026-04-16 N/A
bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb").
CVE-1999-0872 4 Caldera, Debian, Paul Vixie and 1 more 4 Openlinux, Debian Linux, Vixie Cron and 1 more 2026-04-16 N/A
Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file.
CVE-2005-0625 1 Debian 1 Reportbug 2026-04-16 N/A
reportbug 3.2 includes settings from .reportbugrc in bug reports, which exposes sensitive information such as smtpuser and smtppasswd.
CVE-2004-1092 6 Debian, Gentoo, Midnight Commander and 3 more 8 Debian Linux, Linux, Midnight Commander and 5 more 2026-04-16 N/A
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated memory.
CVE-2006-1564 1 Debian 1 Debian Linux 2026-04-16 N/A
Untrusted search path vulnerability in libapache2-svn 1.3.0-4 for Subversion in Debian GNU/Linux includes RPATH values under the /tmp/svn directory for the (1) mod_authz_svn.so and (2) mod_dav_svn.so modules, which might allow local users to gain privileges by installing malicious libraries in that directory.
CVE-2006-1565 1 Debian 1 Debian Linux 2026-04-16 N/A
Untrusted search path vulnerability in libgpib-perl 3.2.06-2 in Debian GNU/Linux includes an RPATH value under the /tmp/buildd directory for the LinuxGpib.so module, which might allow local users to gain privileges by installing malicious libraries in that directory.
CVE-2006-1566 1 Debian 1 Debian Linux 2026-04-16 N/A
Untrusted search path vulnerability in libtunepimp-perl 0.4.2-1 in Debian GNU/Linux includes an RPATH value under the /tmp/buildd directory for the tunepimp.so module, which might allow local users to gain privileges by installing malicious libraries in that directory.
CVE-2006-1531 2 Debian, Mozilla 4 Debian Linux, Firefox, Seamonkey and 1 more 2026-04-16 N/A
Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due to the lack of sufficient public details from the vendor as of 20060413, it is unclear how CVE-2006-1529, CVE-2006-1530, CVE-2006-1531, and CVE-2006-1723 are different.
CVE-1999-0341 2 Debian, Slackware 2 Debian Linux, Slackware Linux 2026-04-16 N/A
Buffer overflow in the Linux mail program "deliver" allows local users to gain root access.
CVE-1999-0048 3 Debian, Ibm, Nec 5 Netkit, Aix, Asl Ux 4800 and 2 more 2026-04-16 N/A
Talkd, when given corrupt DNS information, can be used to execute arbitrary commands with root privileges.
CVE-2006-1376 1 Debian 1 Debian Linux 2026-04-16 N/A
The installation of Debian GNU/Linux 3.1r1 from the network install CD creates /var/log/debian-installer/cdebconf with world writable permissions, which allows local users to cause a denial of service (disk consumption).
CVE-2006-1244 4 Debian, Gnome, Libextractor and 1 more 4 Debian Linux, Gpdf, Libextractor and 1 more 2026-04-16 N/A
Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc. NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed. Some of these newer fixes appear to be security-relevant, although it is not clear if they fix specific issues or are defensive in nature.
CVE-2005-3912 2 Debian, Webmin 2 Debian Linux, Webmin 2026-04-16 N/A
Format string vulnerability in miniserv.pl Perl web server in Webmin before 1.250 and Usermin before 1.180, with syslog logging enabled, allows remote attackers to cause a denial of service (crash or memory consumption) and possibly execute arbitrary code via format string specifiers in the username parameter to the login form, which is ultimately used in a syslog call. NOTE: the code execution might be associated with an issue in Perl.
CVE-2006-4093 4 Canonical, Debian, Linux and 1 more 4 Ubuntu Linux, Debian Linux, Linux Kernel and 1 more 2026-04-16 N/A
Linux kernel 2.x.6 before 2.6.17.9 and 2.4.x before 2.4.33.1 on PowerPC PPC970 systems allows local users to cause a denial of service (crash) related to the "HID0 attention enable on PPC970 at boot time."