Total
9991 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0289 | 3 Debian, Linux, Redhat | 3 Debian Linux, Linux Kernel, Linux | 2025-04-03 | 5.0 MEDIUM | N/A |
| IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection. | |||||
| CVE-2004-0833 | 1 Debian | 1 Debian Linux | 2025-04-03 | 7.5 HIGH | N/A |
| Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail as an open mail relay and send spam messages. | |||||
| CVE-2000-0314 | 5 Debian, Digital, Netbsd and 2 more | 5 Debian Linux, Unix, Netbsd and 2 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero. | |||||
| CVE-1999-1048 | 2 Debian, Redhat | 2 Debian Linux, Linux | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in bash 2.0.0, 1.4.17, and other versions allows local attackers to gain privileges by creating an extremely large directory name, which is inserted into the password prompt via the \w option in the PS1 environmental variable when another user changes into that directory. | |||||
| CVE-2000-0844 | 13 Caldera, Conectiva, Debian and 10 more | 16 Openlinux, Openlinux Ebuilder, Openlinux Eserver and 13 more | 2025-04-03 | 10.0 HIGH | N/A |
| Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. | |||||
| CVE-2001-0139 | 5 Caldera, Debian, Immunix and 2 more | 7 Openlinux Desktop, Openlinux Edesktop, Openlinux Eserver and 4 more | 2025-04-03 | 1.2 LOW | N/A |
| inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations. | |||||
| CVE-2004-0689 | 2 Debian, Kde | 2 Debian Linux, Kde | 2025-04-03 | 4.6 MEDIUM | 7.1 HIGH |
| KDE before 3.3.0 does not properly handle when certain symbolic links point to "stale" locations, which could allow local users to create or truncate arbitrary files. | |||||
| CVE-2004-0642 | 3 Debian, Mit, Redhat | 5 Debian Linux, Kerberos 5, Enterprise Linux Desktop and 2 more | 2025-04-03 | 7.5 HIGH | N/A |
| Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distribution Center (KDC) library and (2) client library for MIT Kerberos 5 (krb5) 1.3.4 and earlier may allow remote attackers to execute arbitrary code. | |||||
| CVE-2005-2700 | 3 Apache, Canonical, Debian | 3 Http Server, Ubuntu Linux, Debian Linux | 2025-04-03 | 10.0 HIGH | N/A |
| ssl_engine_kernel.c in mod_ssl before 2.8.24, when using "SSLVerifyClient optional" in the global virtual host configuration, does not properly enforce "SSLVerifyClient require" in a per-location context, which allows remote attackers to bypass intended access restrictions. | |||||
| CVE-2003-0098 | 2 Apcupsd, Debian | 2 Apcupsd, Debian Linux | 2025-04-03 | 10.0 HIGH | N/A |
| Unknown vulnerability in apcupsd before 3.8.6, and 3.10.x before 3.10.5, allows remote attackers to gain root privileges, possibly via format strings in a request to a slave server. | |||||
| CVE-2005-1855 | 2 Debian, Sukria | 2 Debian Linux, Backup Manager | 2025-04-03 | 2.1 LOW | N/A |
| Backup Manager (backup-manager) before 0.5.8 creates backup files with world-readable default permissions, which allows local users to obtain sensitive information. | |||||
| CVE-2006-4093 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2025-04-03 | 4.9 MEDIUM | N/A |
| Linux kernel 2.x.6 before 2.6.17.9 and 2.4.x before 2.4.33.1 on PowerPC PPC970 systems allows local users to cause a denial of service (crash) related to the "HID0 attention enable on PPC970 at boot time." | |||||
| CVE-1999-0732 | 1 Debian | 1 Debian Linux | 2025-04-03 | 2.1 LOW | N/A |
| The logging facility of the Debian smtp-refuser package allows local users to delete arbitrary files using symbolic links. | |||||
| CVE-2006-1566 | 1 Debian | 1 Debian Linux | 2025-04-03 | 4.6 MEDIUM | N/A |
| Untrusted search path vulnerability in libtunepimp-perl 0.4.2-1 in Debian GNU/Linux includes an RPATH value under the /tmp/buildd directory for the tunepimp.so module, which might allow local users to gain privileges by installing malicious libraries in that directory. | |||||
| CVE-2000-0510 | 1 Debian | 1 Debian Linux | 2025-04-03 | 5.0 MEDIUM | N/A |
| CUPS (Common Unix Printing System) 1.04 and earlier allows remote attackers to cause a denial of service via a malformed IPP request. | |||||
| CVE-2005-3624 | 18 Conectiva, Debian, Easy Software Products and 15 more | 33 Linux, Debian Linux, Cups and 30 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. | |||||
| CVE-2005-3120 | 2 Debian, Invisible-island | 2 Debian Linux, Lynx | 2025-04-03 | 7.5 HIGH | 9.8 CRITICAL |
| Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters. | |||||
| CVE-2004-0522 | 2 Debian, Gallery Project | 2 Debian Linux, Gallery | 2025-04-03 | 10.0 HIGH | N/A |
| Gallery 1.4.3 and earlier allows remote attackers to bypass authentication and obtain Gallery administrator privileges. | |||||
| CVE-2003-0367 | 2 Debian, Gnu | 2 Debian Linux, Gzip | 2025-04-03 | 2.1 LOW | N/A |
| znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
| CVE-2006-1724 | 2 Debian, Mozilla | 5 Debian Linux, Firefox, Mozilla Suite and 2 more | 2025-04-03 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to DHTML. | |||||