Export limit exceeded: 357806 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 357806 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (23402 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0746 | 5 Gentoo, Kde, Mandrakesoft and 2 more | 6 Linux, Kde, Konqueror and 3 more | 2025-04-03 | N/A |
| Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session. | ||||
| CVE-2004-0745 | 2 Redhat, Tsugio Okamoto | 2 Enterprise Linux, Lha | 2025-04-03 | N/A |
| LHA 1.14 and earlier allows attackers to execute arbitrary commands via a directory with shell metacharacters in its name. | ||||
| CVE-2004-0693 | 2 Redhat, Trolltech | 2 Enterprise Linux, Qt | 2025-04-03 | N/A |
| The GIF parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0692. | ||||
| CVE-2001-0011 | 2 Isc, Redhat | 2 Bind, Linux | 2025-04-03 | N/A |
| Buffer overflow in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. | ||||
| CVE-2004-0692 | 2 Redhat, Trolltech | 2 Enterprise Linux, Qt | 2025-04-03 | N/A |
| The XPM parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0693. | ||||
| CVE-2004-0691 | 2 Redhat, Trolltech | 2 Enterprise Linux, Qt | 2025-04-03 | N/A |
| Heap-based buffer overflow in the BMP image format parser for the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code. | ||||
| CVE-2001-1267 | 2 Gnu, Redhat | 3 Tar, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Directory traversal vulnerability in GNU tar 1.13.19 and earlier allows local users to overwrite arbitrary files during archive extraction via a tar file whose filenames contain a .. (dot dot). | ||||
| CVE-2001-1175 | 2 Andries Brouwer, Redhat | 2 Util-linux, Linux | 2025-04-03 | N/A |
| vipw in the util-linux package before 2.10 causes /etc/shadow to be world-readable in some cases, which would make it easier for local users to perform brute force password guessing. | ||||
| CVE-2004-0689 | 3 Debian, Kde, Redhat | 3 Debian Linux, Kde, Enterprise Linux | 2025-04-03 | 7.1 High |
| KDE before 3.3.0 does not properly handle when certain symbolic links point to "stale" locations, which could allow local users to create or truncate arbitrary files. | ||||
| CVE-2001-1174 | 2 Elm Development Group, Redhat | 2 Elm, Linux | 2025-04-03 | N/A |
| Buffer overflow in Elm 2.5.5 and earlier allows remote attackers to execute arbitrary code via a long Message-ID header. | ||||
| CVE-2004-0644 | 2 Mit, Redhat | 2 Kerberos 5, Enterprise Linux | 2025-04-03 | N/A |
| The asn1buf_skiptail function in the ASN.1 decoder library for MIT Kerberos 5 (krb5) 1.2.2 through 1.3.4 allows remote attackers to cause a denial of service (infinite loop) via a certain BER encoding. | ||||
| CVE-1999-0769 | 4 Caldera, Debian, Paul Vixie and 1 more | 4 Openlinux, Debian Linux, Vixie Cron and 1 more | 2025-04-03 | N/A |
| Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable. | ||||
| CVE-2001-1083 | 2 Icecast, Redhat | 2 Icecast, Powertools | 2025-04-03 | N/A |
| Icecast 1.3.7, and other versions before 1.3.11 with HTTP server file streaming support enabled allows remote attackers to cause a denial of service (crash) via a URL that ends in . (dot), / (forward slash), or \ (backward slash). | ||||
| CVE-2004-0643 | 3 Debian, Mit, Redhat | 6 Debian Linux, Kerberos 5, Enterprise Linux and 3 more | 2025-04-03 | N/A |
| Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code. | ||||
| CVE-2004-0642 | 3 Debian, Mit, Redhat | 6 Debian Linux, Kerberos 5, Enterprise Linux and 3 more | 2025-04-03 | N/A |
| Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distribution Center (KDC) library and (2) client library for MIT Kerberos 5 (krb5) 1.3.4 and earlier may allow remote attackers to execute arbitrary code. | ||||
| CVE-2004-0630 | 2 Adobe, Redhat | 2 Acrobat Reader, Rhel Extras | 2025-04-03 | N/A |
| The uudecoding feature in Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those before 5.0.9, allows remote attackers to execute arbitrary code via shell metacharacters ("`" or backtick) in the filename of the PDF file that is provided to the uudecode command. | ||||
| CVE-2004-0607 | 3 Ipsec-tools, Kame, Redhat | 4 Ipsec-tools, Racoon, Enterprise Linux and 1 more | 2025-04-03 | N/A |
| The eay_check_x509cert function in KAME Racoon successfully verifies certificates even when OpenSSL validation fails, which could allow remote attackers to bypass authentication. | ||||
| CVE-2004-0587 | 3 Mandrakesoft, Redhat, Suse | 5 Mandrake Linux, Mandrake Linux Corporate Server, Enterprise Linux and 2 more | 2025-04-03 | N/A |
| Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service. | ||||
| CVE-2001-1009 | 2 Fetchmail, Redhat | 2 Fetchmail, Linux | 2025-04-03 | N/A |
| Fetchmail (aka fetchmail-ssl) before 5.8.17 allows a remote malicious (1) IMAP server or (2) POP/POP3 server to overwrite arbitrary memory and possibly gain privileges via a negative index number as part of a response to a LIST request. | ||||
| CVE-1999-1407 | 1 Redhat | 1 Linux | 2025-04-03 | N/A |
| ifdhcpc-done script for configuring DHCP on Red Hat Linux 5 allows local users to append text to arbitrary files via a symlink attack on the dhcplog file. | ||||