Filtered by vendor Redhat Subscriptions
Total 23519 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2005-0233 5 Mozilla, Omnigroup, Opera and 2 more 7 Camino, Firefox, Mozilla and 4 more 2026-04-16 N/A
The International Domain Name (IDN) support in Firefox 1.0, Camino .8.5, and Mozilla before 1.7.6 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.
CVE-2005-0237 2 Kde, Redhat 3 Kde, Konqueror, Enterprise Linux 2026-04-16 N/A
The International Domain Name (IDN) support in Konqueror 3.2.1 on KDE 3.2.1 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.
CVE-2001-0309 1 Redhat 1 Linux 2026-04-16 N/A
inetd in Red Hat 6.2 does not properly close sockets for internal services such as chargen, daytime, echo, etc., which allows remote attackers to cause a denial of service via a series of connections to the internal services.
CVE-2005-0244 2 Postgresql, Redhat 2 Postgresql, Enterprise Linux 2026-04-16 N/A
PostgreSQL 8.0.0 and earlier allows local users to bypass the EXECUTE permission check for functions by using the CREATE AGGREGATE command.
CVE-2004-0111 3 Gnome, Redhat, Sgi 6 Gdkpixbuf, Enterprise Linux, Gdk Pixbuf and 3 more 2026-04-16 N/A
gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap (BMP) file.
CVE-2005-0246 2 Postgresql, Redhat 2 Postgresql, Enterprise Linux 2026-04-16 N/A
The intagg contrib module for PostgreSQL 8.0.0 and earlier allows attackers to cause a denial of service (crash) via crafted arrays.
CVE-2005-0247 2 Postgresql, Redhat 2 Postgresql, Enterprise Linux 2026-04-16 N/A
Multiple buffer overflows in gram.y for PostgreSQL 8.0.1 and earlier may allow attackers to execute arbitrary code via (1) a large number of variables in a SQL statement being handled by the read_sql_construct function, (2) a large number of INTO variables in a SELECT statement being handled by the make_select_stmt function, (3) a large number of arbitrary variables in a SELECT statement being handled by the make_select_stmt function, and (4) a large number of INTO variables in a FETCH statement being handled by the make_fetch_stmt function, a different set of vulnerabilities than CVE-2005-0245.
CVE-2005-0255 2 Mozilla, Redhat 4 Firefox, Mozilla, Thunderbird and 1 more 2026-04-16 N/A
String handling functions in Mozilla 1.7.3, Firefox 1.0, and Thunderbird before 1.0.2, such as the nsTSubstring_CharT::Replace function, do not properly check the return values of other functions that resize the string, which allows remote attackers to cause a denial of service and possibly execute arbitrary code by forcing an out-of-memory state that causes a reallocation to fail and return a pointer to a fixed address, which leads to heap corruption.
CVE-2004-0182 2 Gnu, Redhat 2 Mailman, Enterprise Linux 2026-04-16 N/A
Mailman before 2.0.13 allows remote attackers to cause a denial of service (crash) via an email message with an empty subject field.
CVE-2004-0185 2 Redhat, Washington University 2 Enterprise Linux, Wu-ftpd 2026-04-16 N/A
Buffer overflow in the skey_challenge function in ftpd.c for wu-ftp daemon (wu-ftpd) 2.6.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a s/key (SKEY) request with a long name.
CVE-2005-0201 2 D-bus, Redhat 2 D-bus, Enterprise Linux 2026-04-16 N/A
D-BUS (dbus) before 0.22 does not properly restrict access to a socket, if the socket address is known, which allows local users to listen or send arbitrary messages on another user's per-user session bus via that socket.
CVE-2005-0202 2 Gnu, Redhat 2 Mailman, Enterprise Linux 2026-04-16 N/A
Directory traversal vulnerability in the true_path function in private.py for Mailman 2.1.5 and earlier allows remote attackers to read arbitrary files via ".../....///" sequences, which are not properly cleansed by regular expressions that are intended to remove "../" and "./" sequences.
CVE-2002-0011 2 Mozilla, Redhat 2 Bugzilla, Powertools 2026-04-16 N/A
Information leak in doeditvotes.cgi in Bugzilla before 2.14.1 may allow remote attackers to more easily conduct attacks on the login.
CVE-2001-0191 3 Andynorman, Gnu, Redhat 4 Gnuserv, Xemacs, Linux and 1 more 2026-04-16 N/A
gnuserv before 3.12, as shipped with XEmacs, does not properly check the specified length of an X Windows MIT-MAGIC-COOKIE cookie, which allows remote attackers to execute arbitrary commands via a buffer overflow, or brute force authentication by using a short cookie length.
CVE-2005-0143 2 Mozilla, Redhat 3 Firefox, Mozilla, Enterprise Linux 2026-04-16 N/A
Firefox before 1.0 and Mozilla before 1.7.5 display the SSL lock icon when an insecure page loads a binary file from a trusted site, which could facilitate phishing attacks.
CVE-2005-1761 3 Novell, Redhat, Suse 4 Linux Desktop, Open Enterprise Server, Enterprise Linux and 1 more 2026-04-16 N/A
Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users to cause a denial of service (kernel crash) via ptrace and the restore_sigcontext function.
CVE-2005-0144 2 Mozilla, Redhat 3 Firefox, Mozilla, Enterprise Linux 2026-04-16 N/A
Firefox before 1.0 and Mozilla before 1.7.5 display the secure site lock icon when a view-source: URL references a secure SSL site while an insecure page is being loaded, which could facilitate phishing attacks.
CVE-2005-0146 2 Mozilla, Redhat 3 Firefox, Mozilla, Enterprise Linux 2026-04-16 N/A
Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to obtain sensitive data from the clipboard via Javascript that generates a middle-click event on systems for which a middle-click performs a paste operation.
CVE-2005-0147 2 Mozilla, Redhat 3 Firefox, Mozilla, Enterprise Linux 2026-04-16 N/A
Firefox before 1.0 and Mozilla before 1.7.5, when configured to use a proxy, respond to 407 proxy auth requests from arbitrary servers, which allows remote attackers to steal NTLM or SPNEGO credentials.
CVE-2005-1762 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
The ptrace call in the Linux kernel 2.6.8.1 and 2.6.10 for the AMD64 platform allows local users to cause a denial of service (kernel crash) via a "non-canonical" address.