Vulnerabilities (CVE)

Filtered by vendor Redhat Subscribe
Filtered by product Linux
Total 249 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2001-0169 4 Mandrakesoft, Redhat, Trustix and 1 more 5 Mandrake Linux, Mandrake Linux Corporate Server, Linux and 2 more 2025-04-03 2.1 LOW N/A
When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib.
CVE-2001-0635 1 Redhat 1 Linux 2025-04-03 4.6 MEDIUM N/A
Red Hat Linux 7.1 sets insecure permissions on swap files created during installation, which can allow a local attacker to gain additional privileges by reading sensitive information from the swap file, such as passwords.
CVE-2004-0902 4 Conectiva, Mozilla, Redhat and 1 more 9 Linux, Mozilla, Thunderbird and 6 more 2025-04-03 10.0 HIGH N/A
Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the "Send page" functionality, (2) certain responses from a malicious POP3 server, or (3) a link containing a non-ASCII hostname.
CVE-2000-0356 1 Redhat 1 Linux 2025-04-03 4.6 MEDIUM N/A
Pluggable Authentication Modules (PAM) in Red Hat Linux 6.1 does not properly lock access to disabled NIS accounts.
CVE-2005-3624 18 Conectiva, Debian, Easy Software Products and 15 more 33 Linux, Debian Linux, Cups and 30 more 2025-04-03 5.0 MEDIUM N/A
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.
CVE-2000-0196 3 Nmh, Redhat, Turbolinux 3 Nmh, Linux, Turbolinux 2025-04-03 7.5 HIGH N/A
Buffer overflow in mhshow in the Linux nmh package allows remote attackers to execute commands via malformed MIME headers in an email message.
CVE-2004-1333 2 Linux, Redhat 3 Linux Kernel, Fedora Core, Linux 2025-04-03 2.1 LOW N/A
Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service (kernel crash) via a short new screen value, which leads to a buffer overflow.
CVE-1999-0997 3 Millenux Gmbh, Redhat, University Of Washington 3 Anonftp, Linux, Wu-ftpd 2025-04-03 7.5 HIGH N/A
wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress.
CVE-2001-0496 2 Mandrakesoft, Redhat 2 Mandrake Linux, Linux 2025-04-03 4.6 MEDIUM N/A
kdesu in kdelibs package creates world readable temporary files containing authentication info, which can allow local users to gain privileges.
CVE-1999-0192 2 Redhat, Slackware 2 Linux, Slackware Linux 2025-04-03 10.0 HIGH N/A
Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable.
CVE-1999-1288 4 Caldera, Redhat, Samba and 1 more 4 Openlinux, Linux, Samba and 1 more 2025-04-03 4.6 MEDIUM N/A
Samba 1.9.18 inadvertently includes a prototype application, wsmbconf, which is installed with incorrect permissions including the setgid bit, which allows local users to read and write files and possibly gain privileges via bugs in the program.
CVE-1999-0130 7 Bsdi, Caldera, Eric Allman and 4 more 7 Bsd Os, Network Desktop, Sendmail and 4 more 2025-04-03 7.2 HIGH N/A
Local users can start Sendmail in daemon mode and gain root privileges.
CVE-2003-0019 1 Redhat 1 Linux 2025-04-03 7.2 HIGH N/A
uml_net in the kernel-utils package for Red Hat Linux 8.0 has incorrect setuid root privileges, which allows local users to modify network interfaces, e.g. by modifying ARP entries or placing interfaces into promiscuous mode.
CVE-1999-1496 3 Debian, Redhat, Todd Miller 3 Debian Linux, Linux, Sudo 2025-04-03 2.1 LOW N/A
Sudo 1.5 in Debian Linux 2.1 and Red Hat 6.0 allows local users to determine the existence of arbitrary files by attempting to execute the target filename as a program, which generates a different error message when the file does not exist.
CVE-2000-0917 3 Caldera, Redhat, Trustix 6 Openlinux, Openlinux Ebuilder, Openlinux Edesktop and 3 more 2025-04-03 10.0 HIGH N/A
Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands.
CVE-1999-0748 1 Redhat 1 Linux 2025-04-03 7.5 HIGH N/A
Buffer overflows in Red Hat net-tools package.
CVE-2004-1334 2 Linux, Redhat 3 Linux Kernel, Fedora Core, Linux 2025-04-03 2.1 LOW N/A
Integer overflow in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (kernel crash) via a cmsg_len that contains a -1, which leads to a buffer overflow.
CVE-2003-0041 3 Mandrakesoft, Mit, Redhat 4 Mandrake Linux, Mandrake Multi Network Firewall, Kerberos Ftp Client and 1 more 2025-04-03 10.0 HIGH N/A
Kerberos FTP client allows remote FTP sites to execute arbitrary code via a pipe (|) character in a filename that is retrieved by the client.
CVE-1999-1299 2 Redhat, Slackware 2 Linux, Slackware Linux 2025-04-03 10.0 HIGH N/A
rcp on various Linux systems including Red Hat 4.0 allows a "nobody" user or other user with UID of 65535 to overwrite arbitrary files, since 65535 is interpreted as -1 by chown and other system calls, which causes the calls to fail to modify the ownership of the file.
CVE-2004-0079 23 4d, Apple, Avaya and 20 more 66 Webstar, Mac Os X, Mac Os X Server and 63 more 2025-04-03 5.0 MEDIUM 7.5 HIGH
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.