Filtered by vendor Redhat
Subscriptions
Filtered by product Linux
Subscriptions
Total
703 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-0071 | 2 Redhat, Xfree86 Project | 3 Enterprise Linux, Linux, X11r6 | 2025-04-03 | N/A |
| The DEC UDK processing feature in the xterm terminal emulator in XFree86 4.2.99.4 and earlier allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop. | ||||
| CVE-2003-0072 | 2 Mit, Redhat | 4 Kerberos, Kerberos 5, Enterprise Linux and 1 more | 2025-04-03 | N/A |
| The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes an out-of-bounds read of an array (aka "array overrun"). | ||||
| CVE-2002-0715 | 2 Redhat, Squid | 3 Enterprise Linux, Linux, Squid | 2025-04-03 | N/A |
| Vulnerability in Squid before 2.4.STABLE6 related to proxy authentication credentials may allow remote web sites to obtain the user's proxy login and password. | ||||
| CVE-2003-0073 | 2 Oracle, Redhat | 3 Mysql, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Double-free vulnerability in mysqld for MySQL before 3.23.55 allows attackers with MySQL access to cause a denial of service (crash) via mysql_change_user. | ||||
| CVE-2004-0003 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Unknown vulnerability in Linux kernel before 2.4.22 allows local users to gain privileges, related to "R128 DRI limits checking." | ||||
| CVE-2003-0079 | 2 Hanterm, Redhat | 3 Hanterm-xf, Enterprise Linux, Linux | 2025-04-03 | N/A |
| The DEC UDK processing feature in the hanterm (hanterm-xf) terminal emulator before 2.0.5 allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop. | ||||
| CVE-2003-0081 | 2 Ethereal Group, Redhat | 3 Ethereal, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Format string vulnerability in packet-socks.c of the SOCKS dissector for Ethereal 0.8.7 through 0.9.9 allows remote attackers to execute arbitrary code via SOCKS packets containing format string specifiers. | ||||
| CVE-2003-0084 | 2 Mod Auth Any, Redhat | 3 Mod Auth Any, Enterprise Linux, Linux | 2025-04-03 | N/A |
| mod_auth_any package in Red Hat Enterprise Linux 2.1 and other operating systems does not properly escape arguments when calling other programs, which allows attackers to execute arbitrary commands via shell metacharacters. | ||||
| CVE-2003-0102 | 3 File, Netbsd, Redhat | 4 File, Netbsd, Enterprise Linux and 1 more | 2025-04-03 | N/A |
| Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize). | ||||
| CVE-2002-0855 | 2 Gnu, Redhat | 5 Mailman, Enterprise Linux, Linux and 2 more | 2025-04-03 | N/A |
| Cross-site scripting vulnerability in Mailman before 2.0.12 allows remote attackers to execute script as other users via a subscriber's list subscription options in the (1) adminpw or (2) info parameters to the ml-name feature. | ||||
| CVE-2000-1189 | 1 Redhat | 1 Linux | 2025-04-03 | N/A |
| Buffer overflow in pam_localuser PAM module in Red Hat Linux 7.x and 6.x allows attackers to gain privileges. | ||||
| CVE-2000-1207 | 1 Redhat | 1 Linux | 2025-04-03 | N/A |
| userhelper in the usermode package on Red Hat Linux executes non-setuid programs as root, which does not activate the security measures in glibc and allows the programs to be exploited via format string vulnerabilities in glibc via the LANG or LC_ALL environment variables (CVE-2000-0844). | ||||
| CVE-2003-0124 | 2 Andries Brouwer, Redhat | 3 Man, Enterprise Linux, Linux | 2025-04-03 | N/A |
| man before 1.5l allows attackers to execute arbitrary code via a malformed man file with improper quotes, which causes the my_xsprintf function to return a string with the value "unsafe," which is then executed as a program via a system call if it is in the search path of the user who runs man. | ||||
| CVE-2003-0127 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Linux | 2025-04-03 | N/A |
| The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel. | ||||
| CVE-2002-1158 | 2 Canna, Redhat | 3 Canna, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Buffer overflow in the irw_through function for Canna 3.5b2 and earlier allows local users to execute arbitrary code as the bin user. | ||||
| CVE-2002-1165 | 3 Netbsd, Redhat, Sendmail | 4 Netbsd, Enterprise Linux, Linux and 1 more | 2025-04-03 | N/A |
| Sendmail Consortium's Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other versions after 8.11 from 5/19/1998, allows attackers to bypass the intended restrictions of smrsh by inserting additional commands after (1) "||" sequences or (2) "/" characters, which are not properly filtered or verified. | ||||
| CVE-2001-0835 | 2 Bradford Barrett, Redhat | 3 Webalizer, Linux, Powertools | 2025-04-03 | N/A |
| Cross-site scripting vulnerability in Webalizer 2.01-06, and possibly other versions, allows remote attackers to inject arbitrary HTML tags by specifying them in (1) search keywords embedded in HTTP referrer information, or (2) host names that are retrieved via a reverse DNS lookup. | ||||
| CVE-2000-0286 | 1 Redhat | 1 Linux | 2025-04-03 | N/A |
| X fontserver xfs allows local users to cause a denial of service via malformed input to the server. | ||||
| CVE-2002-1132 | 2 Redhat, Squirrelmail | 2 Linux, Squirrelmail | 2025-04-03 | N/A |
| SquirrelMail 1.2.7 and earlier allows remote attackers to determine the absolute pathname of the options.php script via a malformed optpage file argument, which generates an error message when the file cannot be included in the script. | ||||
| CVE-2003-0139 | 2 Mit, Redhat | 3 Kerberos, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Certain weaknesses in the implementation of version 4 of the Kerberos protocol (krb4) in the krb5 distribution, when triple-DES keys are used to key krb4 services, allow an attacker to create krb4 tickets for unauthorized principals using a cut-and-paste attack and "ticket splicing." | ||||