Filtered by vendor Redhat
Subscriptions
Filtered by product Linux
Subscriptions
Total
701 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2001-0120 | 3 Immunix, Mandrakesoft, Redhat | 3 Immunix, Mandrake Linux, Linux | 2024-08-08 | N/A |
useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack. | ||||
CVE-2001-0066 | 2 Kevin Lindsay, Redhat | 2 Secure Locate, Linux | 2024-08-08 | N/A |
Secure Locate (slocate) allows local users to corrupt memory via a malformed database file that specifies an offset value that accesses memory outside of the intended buffer. | ||||
CVE-2001-0071 | 2 Gnu, Redhat | 2 Privacy Guard, Linux | 2024-08-08 | N/A |
gpg (aka GnuPG) 1.0.4 and other versions does not properly verify detached signatures, which allows attackers to modify the contents of a file without detection. | ||||
CVE-2001-0072 | 2 Gnu, Redhat | 2 Privacy Guard, Linux | 2024-08-08 | N/A |
gpg (aka GnuPG) 1.0.4 and other versions imports both public and private keys from public key servers without notifying the user about the private keys, which could allow an attacker to break the web of trust. | ||||
CVE-2001-0010 | 2 Isc, Redhat | 2 Bind, Linux | 2024-08-08 | N/A |
Buffer overflow in transaction signature (TSIG) handling code in BIND 8 allows remote attackers to gain root privileges. | ||||
CVE-2001-0013 | 2 Isc, Redhat | 2 Bind, Linux | 2024-08-08 | N/A |
Format string vulnerability in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. | ||||
CVE-2001-0012 | 2 Isc, Redhat | 2 Bind, Linux | 2024-08-08 | N/A |
BIND 4 and BIND 8 allow remote attackers to access sensitive information such as environment variables. | ||||
CVE-2002-2185 | 6 Debian, Mandrakesoft, Microsoft and 3 more | 11 Debian Linux, Mandrake Linux, Windows 98 and 8 more | 2024-08-08 | N/A |
The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network. | ||||
CVE-2002-1574 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Linux | 2024-08-08 | N/A |
Buffer overflow in the ixj telephony card driver in Linux before 2.4.20 has unknown impact and attack vectors. | ||||
CVE-2002-1573 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Linux | 2024-08-08 | N/A |
Unspecified vulnerability in the pcilynx ieee1394 firewire driver (pcilynx.c) in Linux kernel before 2.4.20 has unknown impact and attack vectors, related to "wrap handling." | ||||
CVE-2002-1572 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Linux | 2024-08-08 | N/A |
Signed integer overflow in the bttv_read function in the bttv driver (bttv-driver.c) in Linux kernel before 2.4.20 has unknown impact and attack vectors. | ||||
CVE-2002-1563 | 2 Redhat, Stunnel | 3 Enterprise Linux, Linux, Stunnel | 2024-08-08 | N/A |
stunnel 4.0.3 and earlier allows attackers to cause a denial of service (crash) via SIGCHLD signal handler race conditions that cause an inconsistency in the child counter. | ||||
CVE-2002-1405 | 4 Elinks, Links, Redhat and 1 more | 5 Elinks, Links, Enterprise Linux and 2 more | 2024-08-08 | N/A |
CRLF injection vulnerability in Lynx 2.8.4 and earlier allows remote attackers to inject false HTTP headers into an HTTP request that is provided on the command line, via a URL containing encoded carriage return, line feed, and other whitespace characters. | ||||
CVE-2002-1511 | 3 Att, Redhat, Tightvnc | 4 Vnc, Enterprise Linux, Linux and 1 more | 2024-08-08 | N/A |
The vncserver wrapper for vnc before 3.3.3r2-21 uses the rand() function instead of srand(), which causes vncserver to generate weak cookies. | ||||
CVE-2002-1508 | 2 Openldap, Redhat | 3 Openldap, Enterprise Linux, Linux | 2024-08-08 | N/A |
slapd in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows local users to overwrite arbitrary files via a race condition during the creation of a log file for rejected replication requests. | ||||
CVE-2002-1510 | 2 Redhat, Xfree86 Project | 3 Enterprise Linux, Linux, X11r6 | 2024-08-08 | N/A |
xdm, with the authComplain variable set to false, allows arbitrary attackers to connect to the X server if the xdm auth directory does not exist. | ||||
CVE-2002-1509 | 1 Redhat | 2 Enterprise Linux, Linux | 2024-08-08 | N/A |
A patch for shadow-utils 20000902 causes the useradd command to create a mail spool files with read/write privileges of the new user's group (mode 660), which allows other users in the same group to read or modify the new user's incoming email. | ||||
CVE-2002-1467 | 2 Macromedia, Redhat | 4 Flash Player, Shockwave, Enterprise Linux and 1 more | 2024-08-08 | N/A |
Macromedia Flash Plugin before 6,0,47,0 allows remote attackers to bypass the same-domain restriction and read arbitrary files via (1) an HTTP redirect, (2) a "file://" base in a web document, or (3) a relative URL from a web archive (mht file). | ||||
CVE-2002-1472 | 2 Redhat, Xfree86 Project | 2 Linux, X11r6 | 2024-08-08 | N/A |
Untrusted search path vulnerability in libX11.so in xfree86, when used in setuid or setgid programs, allows local users to gain root privileges via a modified LD_PRELOAD environment variable that points to a malicious module. | ||||
CVE-2002-1402 | 2 Postgresql, Redhat | 3 Postgresql, Enterprise Linux, Linux | 2024-08-08 | N/A |
Buffer overflows in the (1) TZ and (2) SET TIME ZONE enivronment variables for PostgreSQL 7.2.1 and earlier allow local users to cause a denial of service and possibly execute arbitrary code. |