Search Results (10052 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-0769 4 Caldera, Debian, Paul Vixie and 1 more 4 Openlinux, Debian Linux, Vixie Cron and 1 more 2026-04-16 N/A
Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable.
CVE-2004-0833 1 Debian 1 Debian Linux 2026-04-16 N/A
Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail as an open mail relay and send spam messages.
CVE-2001-0193 2 Debian, Suse 2 Debian Linux, Suse Linux 2026-04-16 N/A
Format string vulnerability in man in some Linux distributions allows local users to gain privileges via a malformed -l parameter.
CVE-2004-0809 8 Apache, Debian, Gentoo and 5 more 12 Http Server, Debian Linux, Linux and 9 more 2026-04-16 N/A
The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access.
CVE-2004-0772 4 Debian, Mit, Openpkg and 1 more 4 Debian Linux, Kerberos 5, Openpkg and 1 more 2026-04-16 9.8 Critical
Double free vulnerabilities in error handling code in krb524d for MIT Kerberos 5 (krb5) 1.2.8 and earlier may allow remote attackers to execute arbitrary code.
CVE-2001-0170 4 Conectiva, Debian, Immunix and 1 more 4 Linux, Debian Linux, Immunix and 1 more 2026-04-16 N/A
glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files.
CVE-2004-0770 2 Debian, Dgen 2 Debian Linux, Emulator 2026-04-16 N/A
romload.c in DGen Emulator 1.23 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files during decompression of (1) gzip or (2) bzip ROM files.
CVE-1999-1565 2 Debian, Earl Hood 2 Debian Linux, Man2html 2026-04-16 N/A
Man2html 2.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
CVE-2004-0689 3 Debian, Kde, Redhat 3 Debian Linux, Kde, Enterprise Linux 2026-04-16 7.1 High
KDE before 3.3.0 does not properly handle when certain symbolic links point to "stale" locations, which could allow local users to create or truncate arbitrary files.
CVE-2001-0139 5 Caldera, Debian, Immunix and 2 more 7 Openlinux Desktop, Openlinux Edesktop, Openlinux Eserver and 4 more 2026-04-16 N/A
inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations.
CVE-2004-0643 3 Debian, Mit, Redhat 6 Debian Linux, Kerberos 5, Enterprise Linux and 3 more 2026-04-16 N/A
Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code.
CVE-2004-0642 3 Debian, Mit, Redhat 6 Debian Linux, Kerberos 5, Enterprise Linux and 3 more 2026-04-16 N/A
Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distribution Center (KDC) library and (2) client library for MIT Kerberos 5 (krb5) 1.3.4 and earlier may allow remote attackers to execute arbitrary code.
CVE-2001-0138 4 Debian, Immunix, Mandrakesoft and 1 more 5 Debian Linux, Immunix, Mandrake Linux and 2 more 2026-04-16 N/A
privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack.
CVE-2004-0594 7 Avaya, Debian, Hp and 4 more 9 Converged Communications Server, Debian Linux, Hp-ux and 6 more 2026-04-16 N/A
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete.
CVE-1999-1496 3 Debian, Redhat, Todd Miller 3 Debian Linux, Linux, Sudo 2026-04-16 N/A
Sudo 1.5 in Debian Linux 2.1 and Red Hat 6.0 allows local users to determine the existence of arbitrary files by attempting to execute the target filename as a program, which generates a different error message when the file does not exist.
CVE-1999-0743 1 Debian 1 Debian Linux 2026-04-16 N/A
Trn allows local users to overwrite other users' files via symlinks.
CVE-2004-0583 3 Debian, Usermin, Webmin 3 Debian Linux, Usermin, Webmin 2026-04-16 N/A
The account lockout functionality in (1) Webmin 1.140 and (2) Usermin 1.070 does not parse certain character strings, which allows remote attackers to conduct a brute force attack to guess user IDs and passwords.
CVE-2001-0136 4 Conectiva, Debian, Mandrakesoft and 1 more 4 Linux, Debian Linux, Mandrake Linux and 1 more 2026-04-16 N/A
Memory leak in ProFTPd 1.2.0rc2 allows remote attackers to cause a denial of service via a series of USER commands, and possibly SIZE commands if the server has been improperly installed.
CVE-1999-0381 2 Debian, Linux 2 Debian Linux, Linux Kernel 2026-04-16 N/A
super 3.11.6 and other versions have a buffer overflow in the syslog utility which allows a local user to gain root access.
CVE-2022-39177 3 Bluez, Canonical, Debian 3 Bluez, Ubuntu Linux, Debian Linux 2026-04-15 8.8 High
BlueZ before 5.59 allows physically proximate attackers to cause a denial of service because malformed and invalid capabilities can be processed in profiles/audio/avdtp.c.