Search Results (16514 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1511 3 Att, Redhat, Tightvnc 4 Vnc, Enterprise Linux, Linux and 1 more 2026-04-16 N/A
The vncserver wrapper for vnc before 3.3.3r2-21 uses the rand() function instead of srand(), which causes vncserver to generate weak cookies.
CVE-2005-3358 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
Linux kernel before 2.6.15 allows local users to cause a denial of service (panic) via a set_mempolicy call with a 0 bitmask, which causes a panic when a page fault occurs.
CVE-2005-3357 2 Apache, Redhat 2 Http Server, Enterprise Linux 2026-04-16 N/A
mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service (application crash) via a non-SSL request to an SSL port, which triggers a NULL pointer dereference.
CVE-2004-0947 4 Arj Software Inc., Gentoo, Redhat and 1 more 4 Unarj, Linux, Enterprise Linux and 1 more 2026-04-16 N/A
Buffer overflow in unarj before 2.63a-r2 allows remote attackers to execute arbitrary code via an arj archive that contains long filenames.
CVE-2005-3353 2 Php, Redhat 2 Php, Enterprise Linux 2026-04-16 N/A
The exif_read_data function in the Exif module in PHP before 4.4.1 allows remote attackers to cause a denial of service (infinite loop) via a malformed JPEG image.
CVE-2005-3352 2 Apache, Redhat 5 Http Server, Enterprise Linux, Network Proxy and 2 more 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.
CVE-2004-0946 2 Nfs, Redhat 3 Nfs-utils, Enterprise Linux, Enterprise Linux Desktop 2026-04-16 N/A
rquotad in nfs-utils (rquota_server.c) before 1.0.6-r6 on 64-bit architectures does not properly perform an integer conversion, which leads to a stack-based buffer overflow and allows remote attackers to execute arbitrary code via a crafted NFS request.
CVE-2003-0777 2 Redhat, Sane 4 Enterprise Linux, Linux, Sane and 1 more 2026-04-16 N/A
saned in sane-backends 1.0.7 and earlier, when debug messages are enabled, does not properly handle dropped connections, which can prevent strings from being null terminated and cause a denial of service (segmentation fault).
CVE-2005-3351 2 Apache, Redhat 2 Spamassassin, Enterprise Linux 2026-04-16 N/A
SpamAssassin 3.0.4 allows attackers to bypass spam detection via an e-mail with a large number of recipients ("To" addresses), which triggers a bus error in Perl.
CVE-2005-3350 2 Libungif, Redhat 2 Libungif, Enterprise Linux 2026-04-16 N/A
libungif library before 4.1.0 allows attackers to corrupt memory and possibly execute arbitrary code via a crafted GIF file that leads to an out-of-bounds write.
CVE-2004-0942 2 Apache, Redhat 2 Http Server, Enterprise Linux 2026-04-16 N/A
Apache webserver 2.0.52 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an HTTP GET request with a MIME header containing multiple lines with a large number of space characters.
CVE-2005-3313 2 Ethereal Group, Redhat 2 Ethereal, Enterprise Linux 2026-04-16 N/A
The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers to cause a denial of service (infinite loop).
CVE-2005-3276 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
The sys_get_thread_area function in process.c in Linux 2.6 before 2.6.12.4 and 2.6.13 does not clear a data structure before copying it to userspace, which might allow a user process to obtain sensitive information.
CVE-2004-0941 3 Gd Graphics Library, Redhat, Trustix 3 Gdlib, Enterprise Linux, Secure Linux 2026-04-16 N/A
Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function, a different set of vulnerabilities than CVE-2004-0990.
CVE-2003-0776 2 Redhat, Sane 4 Enterprise Linux, Linux, Sane and 1 more 2026-04-16 N/A
saned in sane-backends 1.0.7 and earlier does not properly "check the validity of the RPC numbers it gets before getting the parameters," with unknown consequences.
CVE-2002-1510 2 Redhat, Xfree86 Project 3 Enterprise Linux, Linux, X11r6 2026-04-16 N/A
xdm, with the authComplain variable set to false, allows arbitrary attackers to connect to the X server if the xdm auth directory does not exist.
CVE-2002-0875 3 Debian, Redhat, Sgi 4 Debian Linux, Enterprise Linux, Fam and 1 more 2026-04-16 N/A
Vulnerability in FAM 2.6.8, 2.6.6, and other versions allows unprivileged users to obtain the names of files whose access is restricted to the root group.
CVE-2005-3275 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
The NAT code (1) ip_nat_proto_tcp.c and (2) ip_nat_proto_udp.c in Linux kernel 2.6 before 2.6.13 and 2.4 before 2.4.32-rc1 incorrectly declares a variable to be static, which allows remote attackers to cause a denial of service (memory corruption) by causing two packets for the same protocol to be NATed at the same time, which leads to memory corruption.
CVE-2005-3274 3 Debian, Linux, Redhat 3 Debian Linux, Linux Kernel, Enterprise Linux 2026-04-16 4.7 Medium
Race condition in ip_vs_conn_flush in Linux 2.6 before 2.6.13 and 2.4 before 2.4.32-pre2, when running on SMP systems, allows local users to cause a denial of service (null dereference) by causing a connection timer to expire while the connection table is being flushed before the appropriate lock is acquired.
CVE-2004-0940 7 Apache, Hp, Openpkg and 4 more 9 Http Server, Hp-ux, Openpkg and 6 more 2026-04-16 7.8 High
Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error.