Filtered by vendor Redhat
Filtered by product Enterprise Linux
Total: 13572 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2003-0780 | 4 Conectiva, Mysql, Oracle and 1 more | 5 Linux, Mysql, Mysql and 2 more | 2024-08-08 | N/A |
Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and earlier, and 3.23.x, allows attackers with ALTER TABLE privileges to execute arbitrary code via a long Password field. | ||||
CVE-2003-0773 | 2 Redhat, Sane | 4 Enterprise Linux, Linux, Sane and 1 more | 2024-08-08 | N/A |
saned in sane-backends 1.0.7 and earlier does not check the IP address of the connecting host during the SANE_NET_INIT RPC call, which allows remote attackers to use that call even if they are restricted in saned.conf. | ||||
CVE-2003-0855 | 2 Charles Kerr, Redhat | 3 Pan, Enterprise Linux, Linux | 2024-08-08 | N/A |
Pan 0.13.3 and earlier allows remote attackers to cause a denial of service (crash) via a news post with a long author email address. | ||||
CVE-2003-0777 | 2 Redhat, Sane | 4 Enterprise Linux, Linux, Sane and 1 more | 2024-08-08 | N/A |
saned in sane-backends 1.0.7 and earlier, when debug messages are enabled, does not properly handle dropped connections, which can prevent strings from being null terminated and cause a denial of service (segmentation fault). | ||||
CVE-2003-0774 | 2 Redhat, Sane | 4 Enterprise Linux, Linux, Sane and 1 more | 2024-08-08 | N/A |
saned in sane-backends 1.0.7 and earlier does not quickly handle connection drops, which allows remote attackers to cause a denial of service (segmentation fault) when invalid memory is accessed. | ||||
CVE-2003-0775 | 2 Redhat, Sane | 4 Enterprise Linux, Linux, Sane and 1 more | 2024-08-08 | N/A |
saned in sane-backends 1.0.7 and earlier calls malloc with an arbitrary size value if a connection is dropped before the size value has been sent, which allows remote attackers to cause a denial of service (memory consumption or crash). | ||||
CVE-2003-0776 | 2 Redhat, Sane | 4 Enterprise Linux, Linux, Sane and 1 more | 2024-08-08 | N/A |
saned in sane-backends 1.0.7 and earlier does not properly "check the validity of the RPC numbers it gets before getting the parameters," with unknown consequences. | ||||
CVE-2003-0740 | 2 Redhat, Stunnel | 3 Enterprise Linux, Linux, Stunnel | 2024-08-08 | N/A |
Stunnel 4.00, and 3.24 and earlier, leaks a privileged file descriptor returned by listen(), which allows local users to hijack the Stunnel server. | ||||
CVE-2003-0720 | 2 Redhat, University Of Washington | 3 Enterprise Linux, Linux, Pine | 2024-08-08 | N/A |
Buffer overflow in PINE before 4.58 allows remote attackers to execute arbitrary code via a malformed message/external-body MIME type. | ||||
CVE-2003-0690 | 2 Kde, Redhat | 3 Kde, Enterprise Linux, Linux | 2024-08-08 | N/A |
KDM in KDE 3.1.3 and earlier does not verify whether the pam_setcred function call succeeds, which may allow attackers to gain root privileges by triggering error conditions within PAM modules, as demonstrated in certain configurations of the MIT pam_krb5 module. | ||||
CVE-2003-0699 | 1 Redhat | 3 Enterprise Linux, Linux, Linux Advanced Workstation | 2024-08-08 | N/A |
The C-Media PCI sound driver in Linux before 2.4.21 does not use the get_user function to access userspace, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-2003-0700. | ||||
CVE-2003-0695 | 2 Openbsd, Redhat | 3 Openssh, Enterprise Linux, Linux | 2024-08-08 | N/A |
Multiple "buffer management errors" in OpenSSH before 3.7.1 may allow attackers to cause a denial of service or execute arbitrary code using (1) buffer_init in buffer.c, (2) buffer_free in buffer.c, or (3) a separate function in channels.c, a different vulnerability than CVE-2003-0693. | ||||
CVE-2003-0686 | 2 Dave Airlie, Redhat | 4 Pam Smb, Enterprise Linux, Linux and 1 more | 2024-08-08 | N/A |
Buffer overflow in PAM SMB module (pam_smb) 1.1.6 and earlier, when authenticating to a remote service, allows remote attackers to execute arbitrary code. | ||||
CVE-2003-0700 | 1 Redhat | 3 Enterprise Linux, Kernel, Linux | 2024-08-08 | N/A |
The C-Media PCI sound driver in Linux before 2.4.22 does not use the get_user function to access userspace in certain conditions, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-2003-0699. | ||||
CVE-2003-0689 | 1 Redhat | 2 Enterprise Linux, Linux | 2024-08-08 | N/A |
The getgrouplist function in GNU libc (glibc) 2.2.4 and earlier allows attackers to cause a denial of service (segmentation fault) and execute arbitrary code when a user is a member of a large number of groups, which can cause a buffer overflow. | ||||
CVE-2003-0694 | 12 Apple, Compaq, Freebsd and 9 more | 20 Mac Os X, Mac Os X Server, Tru64 and 17 more | 2024-08-08 | N/A |
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. | ||||
CVE-2003-0682 | 2 Openbsd, Redhat | 3 Openssh, Enterprise Linux, Linux | 2024-08-08 | N/A |
"Memory bugs" in OpenSSH 3.7.1 and earlier, with unknown impact, a different set of vulnerabilities than CVE-2003-0693 and CVE-2003-0695. | ||||
CVE-2003-0693 | 2 Openbsd, Redhat | 3 Openssh, Enterprise Linux, Linux | 2024-08-08 | N/A |
A "buffer management error" in buffer_append_space of buffer.c for OpenSSH before 3.7 may allow remote attackers to execute arbitrary code by causing an incorrect amount of memory to be freed and corrupting the heap, a different vulnerability than CVE-2003-0695. | ||||
CVE-2003-0644 | 2 Johannes Sixt, Redhat | 2 Kdbg, Enterprise Linux | 2024-08-08 | N/A |
Kdbg 1.1.0 through 1.2.8 does not check permissions of the .kdbgrc file, which allows local users to execute arbitrary commands. | ||||
CVE-2003-0615 | 4 Cgi.pm, Debian, Openpkg and 1 more | 5 Cgi.pm, Debian Linux, Openpkg and 2 more | 2024-08-08 | N/A |
Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm allows remote attackers to insert web script via a URL that is fed into the form's action parameter. |