Filtered by vendor Redhat Subscriptions
Total 23512 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-1999-0011 8 Data General, Ibm, Isc and 5 more 11 Dg Ux, Aix, Bind and 8 more 2026-04-16 5.4 Medium
Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer.
CVE-2000-0031 1 Redhat 1 Linux 2026-04-16 N/A
The initscripts package in Red Hat Linux allows local users to gain privileges via a symlink attack.
CVE-2003-1329 2 Redhat, Washington University 2 Enterprise Linux, Wu-ftpd 2026-04-16 N/A
ftpd.c in wu-ftpd 2.6.2, when running on "operating systems that only allow one non-connected socket bound to the same local address," does not close failed connections, which allows remote attackers to cause a denial of service.
CVE-2001-1246 2 Php, Redhat 3 Php, Enterprise Linux, Linux 2026-04-16 N/A
PHP 4.0.5 through 4.1.0 in safe mode does not properly cleanse the 5th parameter to the mail() function, which allows local users and possibly remote attackers to execute arbitrary commands via shell metacharacters.
CVE-2003-0991 3 Gnu, Redhat, Sgi 3 Mailman, Enterprise Linux, Propack 2026-04-16 N/A
Unknown vulnerability in the mail command handler in Mailman before 2.0.14 allows remote attackers to cause a denial of service (crash) via malformed e-mail commands.
CVE-2004-1380 2 Mozilla, Redhat 3 Firefox, Mozilla, Enterprise Linux 2026-04-16 N/A
Firefox before 1.0 and Mozilla before 1.7.5 allows inactive (background) tabs to launch dialog boxes, which can allow remote attackers to spoof the dialog boxes from web sites in other windows and facilitate phishing attacks, aka the "Dialog Box Spoofing Vulnerability."
CVE-2003-0967 2 Freeradius, Redhat 2 Freeradius, Enterprise Linux 2026-04-16 N/A
rad_decode in FreeRADIUS 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a short RADIUS string attribute with a tag, which causes memcpy to be called with a -1 length argument, as demonstrated using the Tunnel-Password attribute.
CVE-2001-1083 2 Icecast, Redhat 2 Icecast, Powertools 2026-04-16 N/A
Icecast 1.3.7, and other versions before 1.3.11 with HTTP server file streaming support enabled allows remote attackers to cause a denial of service (crash) via a URL that ends in . (dot), / (forward slash), or \ (backward slash).
CVE-2000-0336 4 Mandrakesoft, Openldap, Redhat and 1 more 4 Mandrake Linux, Openldap, Linux and 1 more 2026-04-16 N/A
Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack.
CVE-2000-0286 1 Redhat 1 Linux 2026-04-16 N/A
X fontserver xfs allows local users to cause a denial of service via malformed input to the server.
CVE-2003-0432 2 Ethereal Group, Redhat 3 Ethereal, Enterprise Linux, Linux 2026-04-16 N/A
Ethereal 0.9.12 and earlier does not handle certain strings properly, with unknown consequences, in the (1) BGP, (2) WTP, (3) DNS, (4) 802.11, (5) ISAKMP, (6) WSP, (7) CLNP, (8) ISIS, and (9) RMI dissectors.
CVE-2003-0430 2 Ethereal Group, Redhat 3 Ethereal, Enterprise Linux, Linux 2026-04-16 N/A
The SPNEGO dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service (crash) via an invalid ASN.1 value.
CVE-2003-0427 2 Miod Vallat, Redhat 2 Mikmod, Enterprise Linux 2026-04-16 N/A
Buffer overflow in mikmod 3.1.6 and earlier allows remote attackers to execute arbitrary code via an archive file that contains a file with a long filename.
CVE-2001-1030 6 Caldera, Immunix, Mandrakesoft and 3 more 8 Openlinux Server, Immunix, Mandrake Linux and 5 more 2026-04-16 N/A
Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning.
CVE-2006-4569 2 Mozilla, Redhat 2 Firefox, Enterprise Linux 2026-04-16 N/A
The popup blocker in Mozilla Firefox before 1.5.0.7 opens the "blocked popups" display in the context of the Location bar instead of the subframe from which the popup originated, which might make it easier for remote user-assisted attackers to conduct cross-site scripting (XSS) attacks.
CVE-2006-1242 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
The ip_push_pending_frames function in Linux 2.4.x and 2.6.x before 2.6.16 increments the IP ID field when sending a RST after receiving unsolicited TCP SYN-ACK packets, which allows remote attackers to conduct an Idle Scan (nmap -sI) attack, which bypasses intended protections against such attacks.
CVE-2001-1002 1 Redhat 1 Linux 2026-04-16 N/A
The default configuration of the DVI print filter (dvips) in Red Hat Linux 7.0 and earlier does not run dvips in secure mode when dvips is executed by lpd, which could allow remote attackers to gain privileges by printing a DVI file that contains malicious commands.
CVE-2000-0230 2 Halloween, Redhat 2 Halloween Linux, Linux 2026-04-16 N/A
Buffer overflow in imwheel allows local users to gain root privileges via the imwheel-solo script and a long HOME environmental variable.
CVE-2000-1009 2 Redhat, Trustix 2 Linux, Secure Linux 2026-04-16 N/A
dump in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program.
CVE-2001-1028 1 Redhat 1 Linux 2026-04-16 N/A
Buffer overflow in ultimate_source function of man 1.5 and earlier allows local users to gain privileges.