Filtered by vendor Redhat Subscriptions
Total 23530 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2004-0957 6 Openpkg, Oracle, Redhat and 3 more 8 Openpkg, Mysql, Enterprise Linux and 5 more 2026-04-16 N/A
Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore), grants privileges to other databases that have similar names, which can allow the user to conduct unauthorized activities.
CVE-2004-0967 2 Aladdin Enterprises, Redhat 2 Ghostscript, Enterprise Linux 2026-04-16 N/A
The (1) pj-gs.sh, (2) ps2epsi, (3) pv.sh, and (4) sysvlp.sh scripts in the ESP Ghostscript (espgs) package in Trustix Secure Linux 1.5 through 2.1, and other operating systems, allow local users to overwrite files via a symlink attack on temporary files.
CVE-1999-0234 5 Caldera, Redhat, Sgi and 2 more 5 Openlinux, Linux, Irix and 2 more 2026-04-16 N/A
Bash treats any character with a value of 255 as a command separator.
CVE-2004-0974 3 Mandrakesoft, Netatalk, Redhat 4 Mandrake Linux, Mandrake Linux Corporate Server, Open Source Apple File Share Protocol Suite and 1 more 2026-04-16 N/A
The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.
CVE-2005-2876 2 Andries Brouwer, Redhat 2 Util-linux, Enterprise Linux 2026-04-16 N/A
umount in util-linux 2.8 to 2.12q, 2.13-pre1, and 2.13-pre2, and other packages such as loop-aes-utils, allows local users with unmount permissions to gain privileges via the -r (remount) option, which causes the file system to be remounted with just the read-only flag, which effectively clears the nosuid, nodev, and other flags.
CVE-2004-0975 4 Gentoo, Mandrakesoft, Openssl and 1 more 6 Linux, Mandrake Linux, Mandrake Linux Corporate Server and 3 more 2026-04-16 N/A
The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files.
CVE-2004-0981 5 Debian, Gentoo, Imagemagick and 2 more 5 Debian Linux, Linux, Imagemagick and 2 more 2026-04-16 N/A
Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain image file.
CVE-2004-0938 2 Freeradius, Redhat 2 Freeradius, Enterprise Linux 2026-04-16 N/A
FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (server crash) by sending an Ascend-Send-Secret attribute without the required leading packet.
CVE-2005-1111 4 Canonical, Debian, Gnu and 1 more 4 Ubuntu Linux, Debian Linux, Cpio and 1 more 2026-04-16 4.7 Medium
Race condition in cpio 2.6 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by cpio after the decompression is complete.
CVE-2005-3732 2 Ipsec-tools, Redhat 2 Ipsec-tools, Enterprise Linux 2026-04-16 N/A
The Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg.c) in racoon in ipsec-tools before 0.6.3, when running in aggressive mode, allows remote attackers to cause a denial of service (null dereference and crash) via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
CVE-2002-0687 2 Redhat, Zope 2 Powertools, Zope 2026-04-16 N/A
The "through the web code" capability for Zope 2.0 through 2.5.1 b1 allows untrusted users to shut down the Zope server via certain headers.
CVE-2002-0146 2 Fetchmail, Redhat 2 Fetchmail, Linux 2026-04-16 N/A
fetchmail email client before 5.9.10 does not properly limit the maximum number of messages available, which allows a remote IMAP server to overwrite memory via a message count that exceeds the boundaries of an array.
CVE-2002-0162 2 Logwatch, Redhat 3 Logwatch, Linux, Powertools 2026-04-16 N/A
LogWatch before 2.5 allows local users to execute arbitrary code via a symlink attack on the logwatch temporary directory.
CVE-2005-2871 2 Mozilla, Redhat 2 Firefox, Enterprise Linux 2026-04-16 N/A
Buffer overflow in the International Domain Name (IDN) support in Mozilla Firefox 1.0.6 and earlier, and Netscape 8.0.3.3 and 7.2, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a hostname with all "soft" hyphens (character 0xAD), which is not properly handled by the NormalizeIDN call in nsStandardURL::BuildNormalizedSpec.
CVE-2004-0914 6 Gentoo, Lesstif, Redhat and 3 more 8 Linux, Lesstif, Enterprise Linux and 5 more 2026-04-16 N/A
Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) memory leaks, which could allow remote attackers to obtain sensitive information, cause a denial of service (application crash), or execute arbitrary code via a certain XPM image file. NOTE: it is highly likely that this candidate will be SPLIT into other candidates in the future, per CVE's content decisions.
CVE-2004-0918 6 Gentoo, Openpkg, Redhat and 3 more 7 Linux, Openpkg, Enterprise Linux and 4 more 2026-04-16 N/A
The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation error.
CVE-2004-0930 5 Conectiva, Gentoo, Redhat and 2 more 8 Linux, Linux, Enterprise Linux and 5 more 2026-04-16 N/A
The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters.
CVE-2005-2629 2 Realnetworks, Redhat 5 Helix Player, Realone Player, Realplayer and 2 more 2026-04-16 N/A
Integer overflow in RealNetworks RealPlayer 8, 10, and 10.5, RealOne Player 1 and 2, and Helix Player 10.0.0 allows remote attackers to execute arbitrary code via an .rm movie file with a large value in the length field of the first data packet, which leads to a stack-based buffer overflow, a different vulnerability than CVE-2004-1481.
CVE-2005-1061 2 Logwatch, Redhat 3 Logwatch, Enterprise Linux, Linux Advanced Workstation 2026-04-16 N/A
The secure script in LogWatch before 2.6-2 allows attackers to prevent LogWatch from detecting malicious activity via certain strings in the secure file that are later used as part of a regular expression, which causes the parser to crash, aka "logwatch log processing regular expression DoS."
CVE-2004-0908 2 Mozilla, Redhat 3 Mozilla, Thunderbird, Enterprise Linux 2026-04-16 N/A
Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows untrusted Javascript code to read and write to the clipboard, and possibly obtain sensitive information, via script-generated events such as Ctrl-Ins.