Filtered by vendor Gentoo
Subscriptions
Filtered by product Linux
Subscriptions
Total
154 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2004-0231 | 5 Gentoo, Midnight Commander, Redhat and 2 more | 6 Linux, Midnight Commander, Enterprise Linux and 3 more | 2024-08-08 | N/A |
Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to "Insecure temporary file and directory creations." | ||||
CVE-2004-0229 | 2 Gentoo, Linux | 2 Linux, Linux Kernel | 2024-08-08 | N/A |
The framebuffer driver in Linux kernel 2.6.x does not properly use the fb_copy_cmap function, with unknown impact. | ||||
CVE-2004-0224 | 3 Double Precision Incorporated, Gentoo, Inter7 | 4 Courier Mta, Sqwebmail, Linux and 1 more | 2024-08-08 | N/A |
Multiple buffer overflows in (1) iso2022jp.c or (2) shiftjis.c for Courier-IMAP before 3.0.0, Courier before 0.45, and SqWebMail before 4.0.0 may allow remote attackers to execute arbitrary code "when Unicode character is out of BMP range." | ||||
CVE-2004-0232 | 5 Gentoo, Midnight Commander, Redhat and 2 more | 6 Linux, Midnight Commander, Enterprise Linux and 3 more | 2024-08-08 | N/A |
Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code. | ||||
CVE-2004-0226 | 5 Gentoo, Midnight Commander, Redhat and 2 more | 6 Linux, Midnight Commander, Enterprise Linux and 3 more | 2024-08-08 | N/A |
Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code. | ||||
CVE-2005-3624 | 18 Conectiva, Debian, Easy Software Products and 15 more | 33 Linux, Debian Linux, Cups and 30 more | 2024-08-07 | N/A |
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. | ||||
CVE-2005-3626 | 18 Conectiva, Debian, Easy Software Products and 15 more | 33 Linux, Debian Linux, Cups and 30 more | 2024-08-07 | N/A |
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference. | ||||
CVE-2005-3625 | 18 Conectiva, Debian, Easy Software Products and 15 more | 33 Linux, Debian Linux, Cups and 30 more | 2024-08-07 | N/A |
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins." | ||||
CVE-2005-2557 | 3 Debian, Gentoo, Mantis | 3 Debian Linux, Linux, Mantis | 2024-08-07 | N/A |
Cross-site scripting (XSS) vulnerability in view_all_set.php in Mantis 0.19.0a1 through 1.0.0a3 allows remote attackers to inject arbitrary web script or HTML via the dir parameter, as identified by bug#0005959, and a different vulnerability than CVE-2005-3090. | ||||
CVE-2005-1267 | 5 Gentoo, Lbl, Mandrakesoft and 2 more | 6 Linux, Tcpdump, Mandrake Linux and 3 more | 2024-08-07 | N/A |
The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet. | ||||
CVE-2005-1121 | 2 Gentoo, Igor Khasilev | 2 Linux, Oops Proxy Server | 2024-08-07 | N/A |
Format string vulnerability in the my_xlog function in lib.c for Oops! Proxy Server 1.5.23 and earlier, as called by the auth functions in the passwd_mysql and passwd_pgsql modules, may allow attackers to execute arbitrary code via a URL. | ||||
CVE-2005-0988 | 7 Freebsd, Gentoo, Gnu and 4 more | 13 Freebsd, Linux, Gzip and 10 more | 2024-08-07 | N/A |
Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete. | ||||
CVE-2005-0754 | 5 Conectiva, Gentoo, Kde and 2 more | 6 Linux, Linux, Kde and 3 more | 2024-08-07 | N/A |
Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which allows remote attackers to execute arbitrary code. | ||||
CVE-2005-0667 | 5 Altlinux, Gentoo, Redhat and 2 more | 7 Alt Linux, Linux, Enterprise Linux and 4 more | 2024-08-07 | N/A |
Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9.5 allows remote attackers to execute arbitrary code via an e-mail message with certain headers containing non-ASCII characters that are not properly handled when the user replies to the message. | ||||
CVE-2005-0535 | 2 Gentoo, Mediawiki | 2 Linux, Mediawiki | 2024-08-07 | N/A |
Cross-site request forgery (CSRF) vulnerability in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allows remote attackers to perform unauthorized actions as authenticated MediaWiki users. | ||||
CVE-2005-0470 | 3 Gentoo, Suse, Wpa Supplicant | 3 Linux, Suse Linux, Wpa Supplicant | 2024-08-07 | N/A |
Buffer overflow in wpa_supplicant before 0.2.7 allows remote attackers to cause a denial of service (segmentation fault) via invalid EAPOL-Key packet data. | ||||
CVE-2005-0206 | 15 Ascii, Cstex, Debian and 12 more | 22 Ptex, Cstetex, Debian Linux and 19 more | 2024-08-07 | N/A |
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities. | ||||
CVE-2005-0077 | 4 Debian, Gentoo, Redhat and 1 more | 5 Debian Linux, Linux, Enterprise Linux and 2 more | 2024-08-07 | N/A |
The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file. | ||||
CVE-2005-0005 | 7 Debian, Gentoo, Graphicsmagick and 4 more | 7 Debian Linux, Linux, Graphicsmagick and 4 more | 2024-08-07 | N/A |
Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers. | ||||
CVE-2006-7094 | 3 Debian, Ftpd, Gentoo | 3 Debian Linux, Ftpd, Linux | 2024-08-07 | N/A |
ftpd, as used by Gentoo and Debian Linux, sets the gid to the effective uid instead of the effective group id before executing /bin/ls, which allows remote authenticated users to list arbitrary directories with the privileges of gid 0 and possibly enable additional attack vectors. |