Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
RedhatEnterprise Linux Desktop3.0

81 matches found

CVE
CVEadded 2005/03/26 5:0 a.m.66 views

CVE-2005-0398

The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets.

5CVSS6.2AI score0.04064EPSS
CVE
CVEadded 2004/09/28 4:0 a.m.65 views

CVE-2004-0643

Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code.

4.6CVSS9.3AI score0.00132EPSS
CVE
CVEadded 2005/01/27 5:0 a.m.65 views

CVE-2004-0902

Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the "Send page" functionality, (2) certain responses from a ...

10CVSS7.5AI score0.18825EPSS
CVE
CVEadded 2005/02/07 5:0 a.m.64 views

CVE-2005-0156

Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree.

2.1CVSS7AI score0.00386EPSS
CVE
CVEadded 2007/02/20 5:28 p.m.64 views

CVE-2007-1007

Format string vulnerability in GnomeMeeting 1.0.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in the name, which is not properly handled in a call to the gnomemeeting_log_insert function.

10CVSS7.4AI score0.12342EPSS
CVE
CVEadded 2004/12/31 5:0 a.m.62 views

CVE-2004-0802

Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817.

5.1CVSS7.5AI score0.06287EPSS
CVE
CVEadded 2008/05/08 12:20 a.m.62 views

CVE-2007-5001

Linux kernel before 2.4.21 allows local users to cause a denial of service (kernel panic) via asynchronous input or output on a FIFO special file.

4.9CVSS5.8AI score0.00045EPSS
CVE
CVEadded 2005/01/27 5:0 a.m.61 views

CVE-2004-0903

Stack-based buffer overflow in the writeGroup function in nsVCardObj.cpp for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to execute arbitrary code via malformed VCard attachments that are not properly handled when previewing a...

10CVSS7.7AI score0.18826EPSS
CVE
CVEadded 2005/02/20 5:0 a.m.61 views

CVE-2004-1613

Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme.

5CVSS6.7AI score0.01798EPSS
CVE
CVEadded 2005/09/01 10:3 p.m.61 views

CVE-2005-0403

init_dev in tty_io.c in the Red Hat backport of NPTL to Red Hat Enterprise Linux 3 does not properly clear controlling tty's in multi-threaded applications, which allows local users to cause a denial of service (crash) and possibly gain tty access via unknown attack vectors that trigger an access o...

7.2CVSS6.4AI score0.0005EPSS
CVE
CVEadded 2005/06/14 4:0 a.m.61 views

CVE-2005-1760

sysreport 1.3.15 and earlier includes contents of the up2date file in a report, which leaks the password for a proxy server in plaintext and allows local users to gain privileges.

7.5CVSS6.6AI score0.00542EPSS
CVE
CVEadded 2005/02/09 5:0 a.m.60 views

CVE-2004-0957

Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore), grants privileges to other databases that have similar names, which can allow the user to conduct unauthorized activities.

6.8CVSS5.9AI score0.00386EPSS
CVE
CVEadded 2005/01/10 5:0 a.m.59 views

CVE-2004-1068

A "missing serialization" error in the unix_dgram_recvmsg function in Linux 2.4.27 and earlier, and 2.6.x up to 2.6.9, allows local users to gain privileges via a race condition.

6.2CVSS7.3AI score0.00061EPSS
CVE
CVEadded 2005/04/14 4:0 a.m.59 views

CVE-2004-1237

Unknown vulnerability in the system call filtering code in the audit subsystem for Red Hat Enterprise Linux 3 allows local users to cause a denial of service (system crash) via unknown vectors.

2.1CVSS6.3AI score0.00058EPSS
CVE
CVEadded 2005/05/02 4:0 a.m.59 views

CVE-2005-0086

Heap-based buffer overflow in less in Red Hat Enterprise Linux 3 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted file, as demonstrated using the UTF-8 locale.

7.5CVSS8.2AI score0.00907EPSS
CVE
CVEadded 2006/02/21 7:0 p.m.59 views

CVE-2005-1918

The original patch for a GNU tar directory traversal vulnerability (CVE-2002-0399) in Red Hat Enterprise Linux 3 and 2.1 uses an "incorrect optimization" that allows user-assisted attackers to overwrite arbitrary files via a crafted tar file, probably involving "/../" sequences with a leading "/".

2.6CVSS6.2AI score0.02059EPSS
CVE
CVEadded 2004/11/23 5:0 a.m.57 views

CVE-2004-0494

Multiple extfs backend scripts for GNOME virtual file system (VFS) before 1.0.1 may allow remote attackers to perform certain unauthorized actions via a gnome-vfs URI.

7.5CVSS6.3AI score0.00855EPSS
CVE
CVEadded 2004/12/06 5:0 a.m.57 views

CVE-2004-0607

The eay_check_x509cert function in KAME Racoon successfully verifies certificates even when OpenSSL validation fails, which could allow remote attackers to bypass authentication.

10CVSS6.2AI score0.03036EPSS
CVE
CVEadded 2004/09/24 4:0 a.m.56 views

CVE-2004-0905

Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain.

4.6CVSS6.8AI score0.05741EPSS
CVE
CVEadded 2005/05/02 4:0 a.m.56 views

CVE-2005-0078

The KDE screen saver in KDE before 3.0.5 does not properly check the return value from a certain function call, which allows attackers with physical access to cause a crash and access the desktop session.

4.6CVSS6AI score0.00077EPSS
CVE
CVEadded 2005/05/04 4:0 a.m.55 views

CVE-2005-1194

Stack-based buffer overflow in the ieee_putascii function for nasm 0.98 and earlier allows attackers to execute arbitrary code via a crafted asm file, a different vulnerability than CVE-2004-1287.

4.6CVSS7.5AI score0.16447EPSS
CVE
CVEadded 2004/12/31 5:0 a.m.54 views

CVE-2004-1139

Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash).

5CVSS6.2AI score0.06148EPSS
CVE
CVEadded 2006/07/27 10:4 p.m.54 views

CVE-2006-2933

kdesktop_lock in kdebase before 3.1.3-5.11 for KDE in Red Hat Enterprise Linux (RHEL) 3 does not properly terminate, which can prevent the screensaver from activating or prevent users from manually locking the desktop.

4.6CVSS6.4AI score0.00081EPSS
CVE
CVEadded 2005/01/10 5:0 a.m.53 views

CVE-2004-1071

The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code.

7.2CVSS7.4AI score0.00052EPSS
CVE
CVEadded 2004/12/31 5:0 a.m.53 views

CVE-2004-1142

Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet.

5CVSS6.2AI score0.08831EPSS
CVE
CVEadded 2005/01/10 5:0 a.m.52 views

CVE-2004-0946

rquotad in nfs-utils (rquota_server.c) before 1.0.6-r6 on 64-bit architectures does not properly perform an integer conversion, which leads to a stack-based buffer overflow and allows remote attackers to execute arbitrary code via a crafted NFS request.

10CVSS7.7AI score0.20844EPSS
CVE
CVEadded 2004/12/31 5:0 a.m.52 views

CVE-2004-1145

Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary fi...

5CVSS6.8AI score0.06715EPSS
CVE
CVEadded 2005/03/09 5:0 a.m.52 views

CVE-2005-0699

Multiple buffer overflows in the dissect_a11_radius function in the CDMA A11 (3G-A11) dissector (packet-3g-a11.c) for Ethereal 0.10.9 and earlier allow remote attackers to execute arbitrary code via RADIUS authentication packets with large length values.

7.5CVSS7.7AI score0.04233EPSS
CVE
CVEadded 2005/05/18 4:0 a.m.51 views

CVE-2005-0757

The xattr file system code, as backported in Red Hat Enterprise Linux 3 on 64-bit systems, does not properly handle certain offsets, which allows local users to cause a denial of service (system crash) via certain actions on an ext3 file system with extended attributes enabled.

2.1CVSS7.1AI score0.00063EPSS
CVE
CVEadded 2004/10/20 4:0 a.m.48 views

CVE-2004-0750

Unknown vulnerability in redhat-config-nfs before 1.0.13, when shares are exported to multiple hosts, can produce incorrect permissions and prevent the all_squash option from being applied.

7.5CVSS6.5AI score0.00455EPSS
CVE
CVEadded 2005/04/14 4:0 a.m.47 views

CVE-2004-0812

Unknown vulnerability in the Linux kernel before 2.4.23, on the AMD AMD64 and Intel EM64T architectures, associated with "setting up TSS limits," allows local users to cause a denial of service (crash) and possibly execute arbitrary code.

2.1CVSS7AI score0.00072EPSS
Total number of security vulnerabilities81