Filtered by vendor Redhat
Subscriptions
Filtered by product Enterprise Linux
Subscriptions
Total
13572 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2004-0388 | 2 Oracle, Redhat | 2 Mysql, Enterprise Linux | 2024-08-08 | N/A |
The mysqld_multi script in MySQL allows local users to overwrite arbitrary files via a symlink attack. | ||||
CVE-2004-0381 | 3 Mysql, Oracle, Redhat | 3 Mysql, Mysql, Enterprise Linux | 2024-08-08 | N/A |
mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file. | ||||
CVE-2004-0365 | 2 Ethereal, Redhat | 3 Ethereal, Enterprise Linux, Linux | 2024-08-08 | 7.5 High |
The dissect_attribute_value_pairs function in packet-radius.c for Ethereal 0.8.13 to 0.10.2 allows remote attackers to cause a denial of service (crash) via a malformed RADIUS packet that triggers a null dereference. | ||||
CVE-2004-0096 | 2 Apache, Redhat | 3 Mod Python, Enterprise Linux, Linux | 2024-08-08 | N/A |
Unknown vulnerability in mod_python 2.7.9 allows remote attackers to cause a denial of service (httpd crash) via a certain query string, a variant of CAN-2003-0973. | ||||
CVE-2004-0179 | 4 Apache, Debian, Redhat and 1 more | 7 Openoffice, Subversion, Debian Linux and 4 more | 2024-08-08 | N/A |
Multiple format string vulnerabilities in (1) neon 0.24.4 and earlier, and other products that use neon including (2) Cadaver, (3) Subversion, and (4) OpenOffice, allow remote malicious WebDAV servers to execute arbitrary code. | ||||
CVE-2004-0231 | 5 Gentoo, Midnight Commander, Redhat and 2 more | 6 Linux, Midnight Commander, Enterprise Linux and 3 more | 2024-08-08 | N/A |
Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to "Insecure temporary file and directory creations." | ||||
CVE-2004-0234 | 8 Clearswift, F-secure, Rarlab and 5 more | 15 Mailsweeper, F-secure Anti-virus, F-secure For Firewalls and 12 more | 2024-08-08 | N/A |
Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive. | ||||
CVE-2004-0105 | 3 Metamail Corporation, Redhat, Sgi | 4 Metamail, Enterprise Linux, Linux Advanced Workstation and 1 more | 2024-08-08 | N/A |
Multiple buffer overflows in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code. | ||||
CVE-2004-0189 | 2 Redhat, Squid | 3 Enterprise Linux, Linux, Squid | 2024-08-08 | N/A |
The "%xx" URL decoding function in Squid 2.5STABLE4 and earlier allows remote attackers to bypass url_regex ACLs via a URL with a NULL ("%00") character, which causes Squid to use only a portion of the requested URL when comparing it against the access control lists. | ||||
CVE-2004-0097 | 2 Openh323 Project, Redhat | 3 Pwlib, Enterprise Linux, Linux | 2024-08-08 | N/A |
Multiple vulnerabilities in PWLib before 1.6.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol. | ||||
CVE-2004-0191 | 2 Mozilla, Redhat | 3 Mozilla, Enterprise Linux, Linux | 2024-08-08 | N/A |
Mozilla before 1.4.2 executes Javascript events in the context of a new page while it is being loaded, allowing it to interact with the previous page (zombie document) and enable cross-domain and cross-site scripting (XSS) attacks, as demonstrated using onmousemove events. | ||||
CVE-2004-0180 | 2 Cvs, Redhat | 3 Cvs, Enterprise Linux, Linux | 2024-08-08 | N/A |
The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405. | ||||
CVE-2004-0233 | 4 Redhat, Sgi, Slackware and 1 more | 5 Enterprise Linux, Linux, Propack and 2 more | 2024-08-08 | N/A |
Utempter allows device names that contain .. (dot dot) directory traversal sequences, which allows local users to overwrite arbitrary files via a symlink attack on device names in combination with an application that trusts the utmp or wtmp files. | ||||
CVE-2004-0185 | 2 Redhat, Washington University | 2 Enterprise Linux, Wu-ftpd | 2024-08-08 | N/A |
Buffer overflow in the skey_challenge function in ftpd.c for wu-ftp daemon (wu-ftpd) 2.6.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a s/key (SKEY) request with a long name. | ||||
CVE-2004-0235 | 8 Clearswift, F-secure, Rarlab and 5 more | 15 Mailsweeper, F-secure Anti-virus, F-secure For Firewalls and 12 more | 2024-08-08 | N/A |
Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path"). | ||||
CVE-2004-0104 | 3 Metamail Corporation, Redhat, Sgi | 4 Metamail, Enterprise Linux, Linux Advanced Workstation and 1 more | 2024-08-08 | N/A |
Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code. | ||||
CVE-2004-0109 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Linux | 2024-08-08 | N/A |
Buffer overflow in the ISO9660 file system component for Linux kernel 2.4.x, 2.5.x and 2.6.x, allows local users with physical access to overflow kernel memory and execute arbitrary code via a malformed CD containing a long symbolic link entry. | ||||
CVE-2004-0148 | 3 Redhat, Sgi, Washington University | 3 Enterprise Linux, Propack, Wu-ftpd | 2024-08-08 | N/A |
wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead. | ||||
CVE-2004-0138 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-08-08 | N/A |
The ELF loader in Linux kernel 2.4 before 2.4.25 allows local users to cause a denial of service (crash) via a crafted ELF file with an interpreter with an invalid arch (architecture), which triggers a BUG() when an invalid VMA is unmapped. | ||||
CVE-2004-0232 | 5 Gentoo, Midnight Commander, Redhat and 2 more | 6 Linux, Midnight Commander, Enterprise Linux and 3 more | 2024-08-08 | N/A |
Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code. |