Export limit exceeded: 335724 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 10020 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10020 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-1244 | 4 Debian, Gnome, Libextractor and 1 more | 4 Debian Linux, Gpdf, Libextractor and 1 more | 2025-04-03 | N/A |
| Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc. NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed. Some of these newer fixes appear to be security-relevant, although it is not clear if they fix specific issues or are defensive in nature. | ||||
| CVE-2006-0050 | 1 Debian | 1 Debian Linux | 2025-04-03 | N/A |
| snmptrapfmt in Debian 3.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary log file. | ||||
| CVE-2005-4728 | 1 Debian | 1 Amaya | 2025-04-03 | N/A |
| Untrusted search path vulnerability (RPATH) in amaya 9.2.1 on Debian GNU/Linux allows local users to gain privileges via a malicious Mesa library in the /home/anand directory. | ||||
| CVE-2005-4347 | 1 Debian | 2 Debian Linux, Kernel-patch-vserver | 2025-04-03 | N/A |
| The Linux 2.4 kernel patch in kernel-patch-vserver before 1.9.5.5 and 2.x before 2.3 for Debian GNU/Linux does not correctly set the "chroot barrier" with util-vserver, which allows attackers to access files on the host system that are outside of the vserver. | ||||
| CVE-2005-3847 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-04-03 | 5.5 Medium |
| The handle_stop_signal function in signal.c in Linux kernel 2.6.11 up to other versions before 2.6.13 and 2.6.12.6 allows local users to cause a denial of service (deadlock) by sending a SIGKILL to a real-time threaded process while it is performing a core dump. | ||||
| CVE-2005-3323 | 2 Debian, Zope | 2 Debian Linux, Zope | 2025-04-03 | N/A |
| docutils in Zope 2.6, 2.7 before 2.7.8, and 2.8 before 2.8.2 allows remote attackers to include arbitrary files via include directives in RestructuredText functionality. | ||||
| CVE-2005-0159 | 1 Debian | 2 Debian Linux, Toolchain-source | 2025-04-03 | N/A |
| The tpkg-* scripts in the toolchain-source 3.0.4 package on Debian GNU/Linux 3.0 allow local users to overwrite arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2005-0107 | 1 Debian | 1 Bsmtpd | 2025-04-03 | N/A |
| bsmtpd 2.3 and earlier does not properly sanitize e-mail addresses, which allows remote attackers to execute arbitrary commands. | ||||
| CVE-1999-0678 | 2 Apache, Debian | 2 Http Server, Debian Linux | 2025-04-03 | N/A |
| A default configuration of Apache on Debian GNU/Linux sets the ServerRoot to /usr/doc, which allows remote users to read documentation files for the entire server. | ||||
| CVE-2005-0076 | 1 Debian | 1 Debian Linux | 2025-04-03 | N/A |
| Multiple buffer overflows in the XView library 3.2 may allow local users to execute arbitrary code via setuid applications that use the library. | ||||
| CVE-2004-1076 | 2 Atari800, Debian | 2 Atari800, Debian Linux | 2025-04-03 | N/A |
| Multiple buffer overflows in the RtConfigLoad function in rt-config.c for Atari800 before 1.3.4 allow local users to execute arbitrary code via large values in the configuration file. | ||||
| CVE-2004-1052 | 3 Bnc, Debian, Gentoo | 3 Bnc, Debian Linux, Linux | 2025-04-03 | N/A |
| Buffer overflow in the getnickuserhost function in BNC 2.8.9, and possibly other versions, allows remote IRC servers to execute arbitrary code via an IRC server response that contains many (1) ! (exclamation) or (2) @ (at sign) characters. | ||||
| CVE-2004-1027 | 4 Arjsoftware, Debian, Gentoo and 1 more | 4 Unarj, Debian Linux, Linux and 1 more | 2025-04-03 | N/A |
| Directory traversal vulnerability in the -x (extract) command line option in unarj allows remote attackers to overwrite arbitrary files via an arj archive with filenames that contain .. (dot dot) sequences. | ||||
| CVE-2004-0996 | 4 Cscope, Debian, Gentoo and 1 more | 4 Cscope, Debian Linux, Linux and 1 more | 2025-04-03 | N/A |
| main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack. | ||||
| CVE-2004-0980 | 3 Angus Mackay, Debian, Gentoo | 3 Ez-ipupdate, Debian Linux, Linux | 2025-04-03 | N/A |
| Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 through 3.0.11b8, when running in daemon mode with certain service types in use, allows remote servers to execute arbitrary code. | ||||
| CVE-2004-0911 | 1 Debian | 1 Netkit | 2025-04-03 | N/A |
| telnetd for netkit 0.17 and earlier, and possibly other versions, on Debian GNU/Linux allows remote attackers to cause a denial of service (free of an invalid pointer), a different vulnerability than CVE-2001-0554. | ||||
| CVE-2004-0889 | 11 Debian, Easy Software Products, Gentoo and 8 more | 16 Debian Linux, Cups, Linux and 13 more | 2025-04-03 | N/A |
| Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888. | ||||
| CVE-2004-0835 | 4 Debian, Mysql, Oracle and 1 more | 5 Debian Linux, Mysql, Mysql and 2 more | 2025-04-03 | N/A |
| MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow attackers to conduct unauthorized activities. | ||||
| CVE-2004-0793 | 1 Debian | 1 Bsdmainutils | 2025-04-03 | N/A |
| The calendar program in bsdmainutils 6.0 through 6.0.14 does not drop root privileges when executed with the -a flag, which allows attackers to execute arbitrary commands via a calendar event file. | ||||
| CVE-2004-0689 | 3 Debian, Kde, Redhat | 3 Debian Linux, Kde, Enterprise Linux | 2025-04-03 | 7.1 High |
| KDE before 3.3.0 does not properly handle when certain symbolic links point to "stale" locations, which could allow local users to create or truncate arbitrary files. | ||||