Search Results (91 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-1154 4 Redhat, Samba, Suse and 1 more 5 Enterprise Linux, Fedora Core, Samba and 2 more 2026-04-16 N/A
Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that triggers a heap-based buffer overflow.
CVE-2004-1158 3 Kde, Mandrakesoft, Redhat 4 Konqueror, Mandrake Linux, Enterprise Linux and 1 more 2026-04-16 N/A
Konqueror 3.x up to 3.2.2-6, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window or tab whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability.
CVE-2004-1171 3 Kde, Mandrakesoft, Redhat 3 Kde, Mandrake Linux, Fedora Core 2026-04-16 N/A
KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are (1) manually entered by the user or (2) created by the SMB protocol handler, stores those credentials for plaintext in the user's .desktop file, which may be created with world-readable permissions, which could allow local users to obtain usernames and passwords for remote resources such as SMB shares.
CVE-2004-1235 7 Avaya, Conectiva, Linux and 4 more 20 Converged Communications Server, Intuity Audix, Mn100 and 17 more 2026-04-16 N/A
Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.
CVE-2004-1269 2 Easy Software Products, Redhat 3 Cups, Enterprise Linux, Fedora Core 2026-04-16 N/A
lppasswd in CUPS 1.1.22 does not remove the passwd.new file if it encounters a file-size resource limit while writing to passwd.new, which causes subsequent invocations of lppasswd to fail.
CVE-2005-1267 5 Gentoo, Lbl, Mandrakesoft and 2 more 6 Linux, Tcpdump, Mandrake Linux and 3 more 2026-04-16 N/A
The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet.
CVE-2004-1613 3 Mozilla, Redhat, Sgi 7 Mozilla, Enterprise Linux, Enterprise Linux Desktop and 4 more 2026-04-16 N/A
Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme.
CVE-2005-2970 4 Apache, Canonical, Fedoraproject and 1 more 7 Http Server, Ubuntu Linux, Fedora Core and 4 more 2026-04-16 N/A
Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused for other connections.
CVE-2005-3626 18 Conectiva, Debian, Easy Software Products and 15 more 33 Linux, Debian Linux, Cups and 30 more 2026-04-16 N/A
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
CVE-2006-0452 1 Redhat 2 Directory Server, Fedora Core 2026-04-16 N/A
dn2ancestor in the LDAP component in Fedora Directory Server 1.0 allows remote attackers to cause a denial of service (CPU and memory consumption) via a ModDN operation with a DN that contains a large number of "," (comma) characters, which results in a large amount of recursion, as demonstrated using the ProtoVer LDAP test suite.
CVE-2006-0453 1 Redhat 2 Directory Server, Fedora Core 2026-04-16 N/A
The LDAP component in Fedora Directory Server 1.0 allow remote attackers to cause a denial of service (crash) via a certain "bad BER sequence" that results in a free of uninitialized memory, as demonstrated using the ProtoVer LDAP test suite.
CVE-2004-0802 9 Conectiva, Enlightenment, Imagemagick and 6 more 16 Linux, Imlib, Imlib2 and 13 more 2026-04-16 N/A
Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817.
CVE-2004-0949 5 Linux, Redhat, Suse and 2 more 8 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 5 more 2026-04-16 N/A
The smb_recv_trans2 function call in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 does not properly handle the re-assembly of fragmented packets correctly, which could allow remote samba servers to (1) read arbitrary kernel information or (2) raise a counter value to an arbitrary number by sending the first part of the fragmented packet multiple times.
CVE-2005-0736 3 Conectiva, Linux, Redhat 5 Linux, Linux Kernel, Enterprise Linux and 2 more 2026-04-16 N/A
Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events.
CVE-2004-0986 4 Debian, Linux, Redhat and 1 more 4 Debian Linux, Linux Kernel, Fedora Core and 1 more 2026-04-16 N/A
Iptables before 1.2.11, under certain conditions, does not properly load the required modules at system startup, which causes the firewall rules to fail to load and protect the system from remote attackers.
CVE-2005-0109 5 Freebsd, Redhat, Sco and 2 more 9 Freebsd, Enterprise Linux, Enterprise Linux Desktop and 6 more 2026-04-16 N/A
Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses.
CVE-2004-1011 6 Carnegie Mellon University, Conectiva, Openpkg and 3 more 6 Cyrus Imap Server, Linux, Openpkg and 3 more 2026-04-16 N/A
Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015.
CVE-2005-0156 7 Ibm, Larry Wall, Redhat and 4 more 9 Aix, Perl, Enterprise Linux and 6 more 2026-04-16 N/A
Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree.
CVE-2004-1184 4 Gnu, Redhat, Sgi and 1 more 5 Enscript, Enterprise Linux, Fedora Core and 2 more 2026-04-16 N/A
The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters.
CVE-2004-1267 2 Easy Software Products, Redhat 3 Cups, Enterprise Linux, Fedora Core 2026-04-16 N/A
Buffer overflow in the ParseCommand function in hpgl-input.c in the hpgltops program for CUPS 1.1.22 allows remote attackers to execute arbitrary code via a crafted HPGL file.