Search Results (16512 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0940 7 Apache, Hp, Openpkg and 4 more 9 Http Server, Hp-ux, Openpkg and 6 more 2026-04-16 7.8 High
Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error.
CVE-2003-0774 2 Redhat, Sane 4 Enterprise Linux, Linux, Sane and 1 more 2026-04-16 N/A
saned in sane-backends 1.0.7 and earlier does not quickly handle connection drops, which allows remote attackers to cause a denial of service (segmentation fault) when invalid memory is accessed.
CVE-2002-1510 2 Redhat, Xfree86 Project 3 Enterprise Linux, Linux, X11r6 2026-04-16 N/A
xdm, with the authComplain variable set to false, allows arbitrary attackers to connect to the X server if the xdm auth directory does not exist.
CVE-2002-0875 3 Debian, Redhat, Sgi 4 Debian Linux, Enterprise Linux, Fam and 1 more 2026-04-16 N/A
Vulnerability in FAM 2.6.8, 2.6.6, and other versions allows unprivileged users to obtain the names of files whose access is restricted to the root group.
CVE-2002-0404 2 Ethereal Group, Redhat 4 Ethereal, Enterprise Linux, Linux and 1 more 2026-04-16 N/A
Vulnerability in GIOP dissector in Ethereal before 0.9.3 allows remote attackers to cause a denial of service (memory consumption).
CVE-2005-3351 2 Apache, Redhat 2 Spamassassin, Enterprise Linux 2026-04-16 N/A
SpamAssassin 3.0.4 allows attackers to bypass spam detection via an e-mail with a large number of recipients ("To" addresses), which triggers a bus error in Perl.
CVE-2005-3350 2 Libungif, Redhat 2 Libungif, Enterprise Linux 2026-04-16 N/A
libungif library before 4.1.0 allows attackers to corrupt memory and possibly execute arbitrary code via a crafted GIF file that leads to an out-of-bounds write.
CVE-2004-0938 2 Freeradius, Redhat 2 Freeradius, Enterprise Linux 2026-04-16 N/A
FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (server crash) by sending an Ascend-Send-Secret attribute without the required leading packet.
CVE-2005-3313 2 Ethereal Group, Redhat 2 Ethereal, Enterprise Linux 2026-04-16 N/A
The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers to cause a denial of service (infinite loop).
CVE-2005-3276 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
The sys_get_thread_area function in process.c in Linux 2.6 before 2.6.12.4 and 2.6.13 does not clear a data structure before copying it to userspace, which might allow a user process to obtain sensitive information.
CVE-2004-0930 5 Conectiva, Gentoo, Redhat and 2 more 8 Linux, Linux, Enterprise Linux and 5 more 2026-04-16 N/A
The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters.
CVE-2003-0773 2 Redhat, Sane 4 Enterprise Linux, Linux, Sane and 1 more 2026-04-16 N/A
saned in sane-backends 1.0.7 and earlier does not check the IP address of the connecting host during the SANE_NET_INIT RPC call, which allows remote attackers to use that call even if they are restricted in saned.conf.
CVE-2005-3275 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
The NAT code (1) ip_nat_proto_tcp.c and (2) ip_nat_proto_udp.c in Linux kernel 2.6 before 2.6.13 and 2.4 before 2.4.32-rc1 incorrectly declares a variable to be static, which allows remote attackers to cause a denial of service (memory corruption) by causing two packets for the same protocol to be NATed at the same time, which leads to memory corruption.
CVE-2005-3274 3 Debian, Linux, Redhat 3 Debian Linux, Linux Kernel, Enterprise Linux 2026-04-16 4.7 Medium
Race condition in ip_vs_conn_flush in Linux 2.6 before 2.6.13 and 2.4 before 2.4.32-pre2, when running on SMP systems, allows local users to cause a denial of service (null dereference) by causing a connection timer to expire while the connection table is being flushed before the appropriate lock is acquired.
CVE-2004-0923 3 Apple, Easy Software Products, Redhat 4 Mac Os X, Mac Os X Server, Cups and 1 more 2026-04-16 N/A
CUPS 1.1.20 and earlier records authentication information for a device URI in the error_log file, which allows local users to obtain user names and passwords.
CVE-2005-3273 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
The rose_rt_ioctl function in rose_route.c for Radionet Open Source Environment (ROSE) in Linux 2.6 kernels before 2.6.12, and 2.4 before 2.4.29, does not properly verify the ndigis argument for a new route, which allows attackers to trigger array out-of-bounds errors with a large number of digipeats.
CVE-2005-3272 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
Linux kernel before 2.6.12 allows remote attackers to poison the bridge forwarding table using frames that have already been dropped by filtering, which can cause the bridge to forward spoofed packets.
CVE-2004-0918 6 Gentoo, Openpkg, Redhat and 3 more 7 Linux, Openpkg, Enterprise Linux and 4 more 2026-04-16 N/A
The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation error.
CVE-2003-0740 2 Redhat, Stunnel 3 Enterprise Linux, Linux, Stunnel 2026-04-16 N/A
Stunnel 4.00, and 3.24 and earlier, leaks a privileged file descriptor returned by listen(), which allows local users to hijack the Stunnel server.
CVE-2002-1509 1 Redhat 2 Enterprise Linux, Linux 2026-04-16 N/A
A patch for shadow-utils 20000902 causes the useradd command to create a mail spool files with read/write privileges of the new user's group (mode 660), which allows other users in the same group to read or modify the new user's incoming email.