Export limit exceeded: 16384 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (16384 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3352 | 2 Apache, Redhat | 5 Http Server, Enterprise Linux, Network Proxy and 2 more | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps. | ||||
| CVE-2005-3351 | 2 Apache, Redhat | 2 Spamassassin, Enterprise Linux | 2026-04-16 | N/A |
| SpamAssassin 3.0.4 allows attackers to bypass spam detection via an e-mail with a large number of recipients ("To" addresses), which triggers a bus error in Perl. | ||||
| CVE-2004-0938 | 2 Freeradius, Redhat | 2 Freeradius, Enterprise Linux | 2026-04-16 | N/A |
| FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (server crash) by sending an Ascend-Send-Secret attribute without the required leading packet. | ||||
| CVE-2003-0773 | 2 Redhat, Sane | 4 Enterprise Linux, Linux, Sane and 1 more | 2026-04-16 | N/A |
| saned in sane-backends 1.0.7 and earlier does not check the IP address of the connecting host during the SANE_NET_INIT RPC call, which allows remote attackers to use that call even if they are restricted in saned.conf. | ||||
| CVE-2002-1510 | 2 Redhat, Xfree86 Project | 3 Enterprise Linux, Linux, X11r6 | 2026-04-16 | N/A |
| xdm, with the authComplain variable set to false, allows arbitrary attackers to connect to the X server if the xdm auth directory does not exist. | ||||
| CVE-2002-0875 | 3 Debian, Redhat, Sgi | 4 Debian Linux, Enterprise Linux, Fam and 1 more | 2026-04-16 | N/A |
| Vulnerability in FAM 2.6.8, 2.6.6, and other versions allows unprivileged users to obtain the names of files whose access is restricted to the root group. | ||||
| CVE-2002-0404 | 2 Ethereal Group, Redhat | 4 Ethereal, Enterprise Linux, Linux and 1 more | 2026-04-16 | N/A |
| Vulnerability in GIOP dissector in Ethereal before 0.9.3 allows remote attackers to cause a denial of service (memory consumption). | ||||
| CVE-2005-3350 | 2 Libungif, Redhat | 2 Libungif, Enterprise Linux | 2026-04-16 | N/A |
| libungif library before 4.1.0 allows attackers to corrupt memory and possibly execute arbitrary code via a crafted GIF file that leads to an out-of-bounds write. | ||||
| CVE-2005-3313 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2026-04-16 | N/A |
| The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers to cause a denial of service (infinite loop). | ||||
| CVE-2004-0930 | 5 Conectiva, Gentoo, Redhat and 2 more | 8 Linux, Linux, Enterprise Linux and 5 more | 2026-04-16 | N/A |
| The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters. | ||||
| CVE-2005-3276 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| The sys_get_thread_area function in process.c in Linux 2.6 before 2.6.12.4 and 2.6.13 does not clear a data structure before copying it to userspace, which might allow a user process to obtain sensitive information. | ||||
| CVE-2005-3275 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| The NAT code (1) ip_nat_proto_tcp.c and (2) ip_nat_proto_udp.c in Linux kernel 2.6 before 2.6.13 and 2.4 before 2.4.32-rc1 incorrectly declares a variable to be static, which allows remote attackers to cause a denial of service (memory corruption) by causing two packets for the same protocol to be NATed at the same time, which leads to memory corruption. | ||||
| CVE-2004-0923 | 3 Apple, Easy Software Products, Redhat | 4 Mac Os X, Mac Os X Server, Cups and 1 more | 2026-04-16 | N/A |
| CUPS 1.1.20 and earlier records authentication information for a device URI in the error_log file, which allows local users to obtain user names and passwords. | ||||
| CVE-2003-0740 | 2 Redhat, Stunnel | 3 Enterprise Linux, Linux, Stunnel | 2026-04-16 | N/A |
| Stunnel 4.00, and 3.24 and earlier, leaks a privileged file descriptor returned by listen(), which allows local users to hijack the Stunnel server. | ||||
| CVE-2005-3274 | 3 Debian, Linux, Redhat | 3 Debian Linux, Linux Kernel, Enterprise Linux | 2026-04-16 | 4.7 Medium |
| Race condition in ip_vs_conn_flush in Linux 2.6 before 2.6.13 and 2.4 before 2.4.32-pre2, when running on SMP systems, allows local users to cause a denial of service (null dereference) by causing a connection timer to expire while the connection table is being flushed before the appropriate lock is acquired. | ||||
| CVE-2005-3273 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| The rose_rt_ioctl function in rose_route.c for Radionet Open Source Environment (ROSE) in Linux 2.6 kernels before 2.6.12, and 2.4 before 2.4.29, does not properly verify the ndigis argument for a new route, which allows attackers to trigger array out-of-bounds errors with a large number of digipeats. | ||||
| CVE-2004-0918 | 6 Gentoo, Openpkg, Redhat and 3 more | 7 Linux, Openpkg, Enterprise Linux and 4 more | 2026-04-16 | N/A |
| The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation error. | ||||
| CVE-2005-3272 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| Linux kernel before 2.6.12 allows remote attackers to poison the bridge forwarding table using frames that have already been dropped by filtering, which can cause the bridge to forward spoofed packets. | ||||
| CVE-2005-3257 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| The VT implementation (vt_ioctl.c) in Linux kernel 2.6.12, and possibly other versions including 2.6.14.4, allows local users to use the KDSKBSENT ioctl on terminals of other users and gain privileges, as demonstrated by modifying key bindings using loadkeys. | ||||
| CVE-2004-0914 | 6 Gentoo, Lesstif, Redhat and 3 more | 8 Linux, Lesstif, Enterprise Linux and 5 more | 2026-04-16 | N/A |
| Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) memory leaks, which could allow remote attackers to obtain sensitive information, cause a denial of service (application crash), or execute arbitrary code via a certain XPM image file. NOTE: it is highly likely that this candidate will be SPLIT into other candidates in the future, per CVE's content decisions. | ||||