Filtered by vendor Conectiva
Subscriptions
Filtered by product Linux
Subscriptions
Total
66 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0904 | 4 Conectiva, Mozilla, Netscape and 1 more | 10 Linux, Firefox, Mozilla and 7 more | 2025-04-03 | N/A |
| Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows. | ||||
| CVE-2000-1095 | 5 Conectiva, Immunix, Mandrakesoft and 2 more | 5 Linux, Immunix, Mandrake Linux and 2 more | 2025-04-03 | N/A |
| modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters. | ||||
| CVE-2004-0882 | 4 Conectiva, Redhat, Samba and 1 more | 7 Linux, Enterprise Linux, Enterprise Linux Desktop and 4 more | 2025-04-03 | N/A |
| Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small "maximum data bytes" value. | ||||
| CVE-2001-0128 | 6 Conectiva, Debian, Freebsd and 3 more | 8 Linux, Debian Linux, Freebsd and 5 more | 2025-04-03 | N/A |
| Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges. | ||||
| CVE-2000-1134 | 7 Caldera, Conectiva, Hp and 4 more | 9 Openlinux, Openlinux Edesktop, Openlinux Eserver and 6 more | 2025-04-03 | N/A |
| Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack. | ||||
| CVE-2001-0170 | 4 Conectiva, Debian, Immunix and 1 more | 4 Linux, Debian Linux, Immunix and 1 more | 2025-04-03 | N/A |
| glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files. | ||||
| CVE-2001-0178 | 4 Caldera, Conectiva, Mandrakesoft and 1 more | 5 Openlinux Edesktop, Linux, Mandrake Linux and 2 more | 2025-04-03 | N/A |
| kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges. | ||||
| CVE-2001-1374 | 3 Conectiva, Don Libes, Redhat | 3 Linux, Expect, Linux | 2025-04-03 | N/A |
| expect before 5.32 searches for its libraries in /var/tmp before other directories, which could allow local users to gain root privileges via a Trojan horse library that is accessed by mkpasswd. | ||||
| CVE-2000-0666 | 5 Conectiva, Debian, Redhat and 2 more | 5 Linux, Debian Linux, Linux and 2 more | 2025-04-03 | N/A |
| rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges. | ||||
| CVE-2000-0668 | 3 Conectiva, Michael K. Johnson, Redhat | 3 Linux, Pam Console, Linux | 2025-04-03 | N/A |
| pam_console PAM module in Linux systems allows a user to access the system console and reboot the system when a display manager such as gdm or kdm has XDMCP enabled. | ||||
| CVE-2000-0715 | 3 Conectiva, Kirk Bauer, Redhat | 3 Linux, Diskcheck, Powertools | 2025-04-03 | N/A |
| DiskCheck script diskcheck.pl in Red Hat Linux 6.2 allows local users to create or overwrite arbitrary files via a symlink attack on a temporary file. | ||||
| CVE-2000-0844 | 13 Caldera, Conectiva, Debian and 10 more | 16 Openlinux, Openlinux Ebuilder, Openlinux Eserver and 13 more | 2025-04-03 | N/A |
| Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. | ||||
| CVE-2001-0439 | 5 Conectiva, Freebsd, Licq and 2 more | 7 Linux, Freebsd, Licq and 4 more | 2025-04-03 | N/A |
| licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL. | ||||
| CVE-2001-0440 | 4 Conectiva, Licq, Mandrakesoft and 1 more | 5 Linux, Licq, Mandrake Linux and 2 more | 2025-04-03 | N/A |
| Buffer overflow in logging functions of licq before 1.0.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands. | ||||
| CVE-2001-0473 | 5 Conectiva, Immunix, Mandrakesoft and 2 more | 5 Linux, Immunix, Mandrake Linux and 2 more | 2025-04-03 | N/A |
| Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands. | ||||
| CVE-2005-3625 | 18 Conectiva, Debian, Easy Software Products and 15 more | 33 Linux, Debian Linux, Cups and 30 more | 2025-04-03 | N/A |
| Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins." | ||||
| CVE-2004-0495 | 6 Avaya, Conectiva, Gentoo and 3 more | 18 Converged Communications Server, Intuity Audix, Modular Messaging Message Storage Server and 15 more | 2025-04-03 | N/A |
| Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool. | ||||
| CVE-2004-0497 | 7 Conectiva, Gentoo, Linux and 4 more | 9 Linux, Linux, Linux Kernel and 6 more | 2025-04-03 | N/A |
| Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4. | ||||
| CVE-2004-0535 | 7 Conectiva, Engardelinux, Gentoo and 4 more | 18 Linux, Secure Community, Secure Linux and 15 more | 2025-04-03 | N/A |
| The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources. | ||||
| CVE-2004-0884 | 3 Conectiva, Cyrus, Redhat | 3 Linux, Sasl, Enterprise Linux | 2025-04-03 | N/A |
| The (1) libsasl and (2) libsasl2 libraries in Cyrus-SASL 2.1.18 and earlier trust the SASL_PATH environment variable to find all available SASL plug-ins, which allows local users to execute arbitrary code by modifying the SASL_PATH to point to malicious programs. | ||||