Total
8485 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0730 | 1 Debian | 1 Debian Linux | 2025-04-03 | 10.0 HIGH | N/A |
| The zsoelim program in the Debian man-db package allows local users to overwrite files via a symlink attack. | |||||
| CVE-2004-0179 | 3 Apache, Debian, Webdav | 5 Openoffice, Subversion, Debian Linux and 2 more | 2025-04-03 | 6.8 MEDIUM | N/A |
| Multiple format string vulnerabilities in (1) neon 0.24.4 and earlier, and other products that use neon including (2) Cadaver, (3) Subversion, and (4) OpenOffice, allow remote malicious WebDAV servers to execute arbitrary code. | |||||
| CVE-2003-0308 | 2 Debian, Sendmail | 2 Debian Linux, Sendmail | 2025-04-03 | 7.2 HIGH | N/A |
| The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which could allow local users to gain additional privileges via (1) expn, (2) checksendmail, or (3) doublebounce.pl. | |||||
| CVE-2006-1724 | 2 Debian, Mozilla | 5 Debian Linux, Firefox, Mozilla Suite and 2 more | 2025-04-03 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to DHTML. | |||||
| CVE-2000-0314 | 5 Debian, Digital, Netbsd and 2 more | 5 Debian Linux, Unix, Netbsd and 2 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero. | |||||
| CVE-2005-1527 | 3 Awstats, Canonical, Debian | 3 Awstats, Ubuntu Linux, Debian Linux | 2025-04-03 | 5.0 MEDIUM | N/A |
| Eval injection vulnerability in awstats.pl in AWStats 6.4 and earlier, when a URLPlugin is enabled, allows remote attackers to execute arbitrary Perl code via the HTTP Referrer, which is used in a $url parameter that is inserted into an eval function call. | |||||
| CVE-2000-0076 | 2 Berkeley, Debian | 2 Nvi, Debian Linux | 2025-04-03 | 2.1 LOW | N/A |
| nviboot boot script in the Debian nvi package allows local users to delete files via malformed entries in vi.recover. | |||||
| CVE-2005-0077 | 4 Debian, Gentoo, Redhat and 1 more | 5 Debian Linux, Linux, Enterprise Linux and 2 more | 2025-04-03 | 2.1 LOW | N/A |
| The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file. | |||||
| CVE-2004-0434 | 2 Debian, Heimdal Project | 2 Debian Linux, Heimdal | 2025-04-03 | 10.0 HIGH | 9.8 CRITICAL |
| k5admind (kadmind) for Heimdal allows remote attackers to execute arbitrary code via a Kerberos 4 compatibility administration request whose framing length is less than 2, which leads to a heap-based buffer overflow. | |||||
| CVE-2004-0888 | 11 Debian, Easy Software Products, Gentoo and 8 more | 16 Debian Linux, Cups, Linux and 13 more | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889. | |||||
| CVE-2004-0981 | 4 Debian, Gentoo, Imagemagick and 1 more | 4 Debian Linux, Linux, Imagemagick and 1 more | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain image file. | |||||
| CVE-2006-1772 | 1 Debian | 1 Debian Linux | 2025-04-03 | 7.2 HIGH | N/A |
| debconf in Debian GNU/Linux, when configuring mnogosearch in the mnogosearch-common 3.2.31-1 package, uses the world-readable config.dat file instead of the restricted passwords.dat for storing the cleartext database administrator password in the mnogosearch-common/database_admin_pass record, which allows local users to view the password. | |||||
| CVE-2001-0138 | 4 Debian, Immunix, Mandrakesoft and 1 more | 5 Debian Linux, Immunix, Mandrake Linux and 2 more | 2025-04-03 | 1.2 LOW | N/A |
| privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2003-0382 | 2 Debian, Michael Jennings | 2 Debian Linux, Eterm | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in Eterm 0.9.2 allows local users to gain privileges via a long ETERMPATH environment variable. | |||||
| CVE-2004-1176 | 6 Debian, Gentoo, Midnight Commander and 3 more | 8 Debian Linux, Linux, Midnight Commander and 5 more | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code. | |||||
| CVE-2005-0159 | 1 Debian | 2 Debian Linux, Toolchain-source | 2025-04-03 | 4.6 MEDIUM | N/A |
| The tpkg-* scripts in the toolchain-source 3.0.4 package on Debian GNU/Linux 3.0 allow local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
| CVE-2005-2960 | 2 Debian, Gnu | 2 Debian Linux, Cfengine | 2025-04-03 | 2.1 LOW | N/A |
| cfengine 1.6.5 and 2.1.16 allows local users to overwrite arbitrary files via a symlink attack on temporary files used by vicf.in, a different vulnerability than CVE-2005-3137. | |||||
| CVE-2005-3055 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
| Linux kernel 2.6.8 to 2.6.14-rc2 allows local users to cause a denial of service (kernel OOPS) via a userspace process that issues a USB Request Block (URB) to a USB device and terminates before the URB is finished, which leads to a stale pointer reference. | |||||
| CVE-2005-0102 | 2 Debian, Gnome | 2 Debian Linux, Evolution | 2025-04-03 | 7.2 HIGH | 9.8 CRITICAL |
| Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow. | |||||
| CVE-2001-0834 | 4 Conectiva, Debian, Htdig and 1 more | 4 Linux, Debian Linux, Htdig and 1 more | 2025-04-03 | 6.4 MEDIUM | N/A |
| htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) by specifying a large file such as /dev/zero, or (2) read arbitrary files by uploading an alternate configuration file that specifies the target file. | |||||