Total
155 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0996 | 4 Cscope, Debian, Gentoo and 1 more | 4 Cscope, Debian Linux, Linux and 1 more | 2024-02-04 | 2.1 LOW | N/A |
main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack. | |||||
CVE-2004-1055 | 2 Gentoo, Phpmyadmin | 2 Linux, Phpmyadmin | 2024-02-04 | 6.8 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.6.0-pl2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the PmaAbsoluteUri parameter, (2) the zero_rows parameter in read_dump.php, (3) the confirm form, or (4) an error message generated by the internal phpMyAdmin parser. | |||||
CVE-2004-0947 | 3 Arj Software Inc., Gentoo, Suse | 3 Unarj, Linux, Suse Linux | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in unarj before 2.63a-r2 allows remote attackers to execute arbitrary code via an arj archive that contains long filenames. | |||||
CVE-2005-2557 | 3 Debian, Gentoo, Mantis | 3 Debian Linux, Linux, Mantis | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in view_all_set.php in Mantis 0.19.0a1 through 1.0.0a3 allows remote attackers to inject arbitrary web script or HTML via the dir parameter, as identified by bug#0005959, and a different vulnerability than CVE-2005-3090. | |||||
CVE-2004-0880 | 3 Gentoo, Getmail, Slackware | 3 Linux, Getmail, Slackware Linux | 2024-02-04 | 1.2 LOW | N/A |
getmail 4.x before 4.2.0, when run as root, allows local users to overwrite arbitrary files via a symlink attack on an mbox file. | |||||
CVE-2006-0071 | 1 Gentoo | 2 App-crypt Pinentry, Linux | 2024-02-04 | 6.6 MEDIUM | N/A |
The ebuild for pinentry before 0.7.2-r2 on Gentoo Linux sets setgid bits for pinentry programs, which allows local users to read or overwrite arbitrary files as gid 0. | |||||
CVE-2004-1115 | 1 Gentoo | 1 Linux | 2024-02-04 | 7.2 HIGH | N/A |
The init scripts in Search for Extraterrestrial Intelligence (SETI) project 3.08-r3 and earlier execute user-owned programs with root privileges, which allows local users to gain privileges by modifying the programs. | |||||
CVE-2005-0754 | 5 Conectiva, Gentoo, Kde and 2 more | 6 Linux, Linux, Kde and 3 more | 2024-02-04 | 7.5 HIGH | N/A |
Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which allows remote attackers to execute arbitrary code. | |||||
CVE-2005-0988 | 7 Freebsd, Gentoo, Gnu and 4 more | 13 Freebsd, Linux, Gzip and 10 more | 2024-02-04 | 3.7 LOW | N/A |
Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete. | |||||
CVE-2004-1108 | 1 Gentoo | 1 Linux | 2024-02-04 | 2.1 LOW | N/A |
qpkg in Gentoolkit 0.2.0_pre10 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary directory. | |||||
CVE-2004-0937 | 11 Archive Zip, Broadcom, Ca and 8 more | 23 Archive Zip, Brightstor Arcserve Backup, Etrust Antivirus and 20 more | 2024-02-04 | 7.5 HIGH | N/A |
Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. | |||||
CVE-2005-0077 | 4 Debian, Gentoo, Redhat and 1 more | 5 Debian Linux, Linux, Enterprise Linux and 2 more | 2024-02-04 | 2.1 LOW | N/A |
The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file. | |||||
CVE-2004-1026 | 3 Enlightenment, Gentoo, Redhat | 3 Imlib, Linux, Linux | 2024-02-04 | 10.0 HIGH | N/A |
Multiple integer overflows in the image handler for imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files. | |||||
CVE-2004-0914 | 6 Gentoo, Lesstif, Redhat and 3 more | 6 Linux, Lesstif, Fedora Core and 3 more | 2024-02-04 | 10.0 HIGH | N/A |
Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) memory leaks, which could allow remote attackers to obtain sensitive information, cause a denial of service (application crash), or execute arbitrary code via a certain XPM image file. NOTE: it is highly likely that this candidate will be SPLIT into other candidates in the future, per CVE's content decisions. | |||||
CVE-2004-0888 | 11 Debian, Easy Software Products, Gentoo and 8 more | 16 Debian Linux, Cups, Linux and 13 more | 2024-02-04 | 10.0 HIGH | N/A |
Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889. | |||||
CVE-2004-0981 | 4 Debian, Gentoo, Imagemagick and 1 more | 4 Debian Linux, Linux, Imagemagick and 1 more | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain image file. | |||||
CVE-2004-0936 | 11 Archive Zip, Broadcom, Ca and 8 more | 23 Archive Zip, Brightstor Arcserve Backup, Etrust Antivirus and 20 more | 2024-02-04 | 7.5 HIGH | N/A |
RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. | |||||
CVE-2004-1176 | 6 Debian, Gentoo, Midnight Commander and 3 more | 8 Debian Linux, Linux, Midnight Commander and 5 more | 2024-02-04 | 7.5 HIGH | N/A |
Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code. | |||||
CVE-2005-0470 | 3 Gentoo, Suse, Wpa Supplicant | 3 Linux, Suse Linux, Wpa Supplicant | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in wpa_supplicant before 0.2.7 allows remote attackers to cause a denial of service (segmentation fault) via invalid EAPOL-Key packet data. | |||||
CVE-2004-0972 | 2 Gentoo, Lvm | 2 Linux, Logical Volume Management Utilities | 2024-02-04 | 2.1 LOW | N/A |
The lvmcreate_initrd script in the lvm package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files. |