Search Results (71 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-1139 7 Altlinux, Conectiva, Debian and 4 more 9 Alt Linux, Linux, Debian Linux and 6 more 2026-04-16 N/A
Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash).
CVE-2004-1142 7 Altlinux, Conectiva, Debian and 4 more 9 Alt Linux, Linux, Debian Linux and 6 more 2026-04-16 N/A
Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet.
CVE-2004-1145 7 Altlinux, Conectiva, Debian and 4 more 9 Alt Linux, Linux, Debian Linux and 6 more 2026-04-16 N/A
Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files.
CVE-2004-1175 6 Debian, Gentoo, Midnight Commander and 3 more 8 Debian Linux, Linux, Midnight Commander and 5 more 2026-04-16 N/A
fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters.
CVE-2004-0494 2 Avaya, Redhat 4 Cvlan, Enterprise Linux, Enterprise Linux Desktop and 1 more 2026-04-16 N/A
Multiple extfs backend scripts for GNOME virtual file system (VFS) before 1.0.1 may allow remote attackers to perform certain unauthorized actions via a gnome-vfs URI.
CVE-2004-0633 4 Ethereal Group, Gentoo, Mandrakesoft and 1 more 5 Ethereal, Linux, Mandrake Linux and 2 more 2026-04-16 N/A
The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an integer overflow.
CVE-2004-0634 4 Ethereal Group, Gentoo, Mandrakesoft and 1 more 5 Ethereal, Linux, Mandrake Linux and 2 more 2026-04-16 N/A
The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote attackers to cause a denial of service (process crash) via a handle without a policy name, which causes a null dereference.
CVE-2004-0635 4 Ethereal Group, Gentoo, Mandrakesoft and 1 more 5 Ethereal, Linux, Mandrake Linux and 2 more 2026-04-16 N/A
The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of service (process crash) via a (1) malformed or (2) missing community string, which causes an out-of-bounds read.
CVE-2004-0904 4 Conectiva, Mozilla, Netscape and 1 more 10 Linux, Firefox, Mozilla and 7 more 2026-04-16 N/A
Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows.
CVE-2005-0078 3 Debian, Kde, Redhat 5 Debian Linux, Kde, Enterprise Linux and 2 more 2026-04-16 N/A
The KDE screen saver in KDE before 3.0.5 does not properly check the return value from a certain function call, which allows attackers with physical access to cause a crash and access the desktop session.
CVE-2005-0206 15 Ascii, Cstex, Debian and 12 more 22 Ptex, Cstetex, Debian Linux and 19 more 2026-04-16 N/A
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
CVE-2005-3624 18 Conectiva, Debian, Easy Software Products and 15 more 33 Linux, Debian Linux, Cups and 30 more 2026-04-16 N/A
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.
CVE-2005-3625 18 Conectiva, Debian, Easy Software Products and 15 more 33 Linux, Debian Linux, Cups and 30 more 2026-04-16 N/A
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."
CVE-2002-1323 5 Redhat, Safe.pm, Sco and 2 more 10 Enterprise Linux, Linux, Linux Advanced Workstation and 7 more 2026-04-16 N/A
Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls.
CVE-2005-0667 5 Altlinux, Gentoo, Redhat and 2 more 7 Alt Linux, Linux, Enterprise Linux and 4 more 2026-04-16 N/A
Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9.5 allows remote attackers to execute arbitrary code via an e-mail message with certain headers containing non-ASCII characters that are not properly handled when the user replies to the message.
CVE-2005-0699 4 Altlinux, Conectiva, Ethereal Group and 1 more 6 Alt Linux, Linux, Ethereal and 3 more 2026-04-16 N/A
Multiple buffer overflows in the dissect_a11_radius function in the CDMA A11 (3G-A11) dissector (packet-3g-a11.c) for Ethereal 0.10.9 and earlier allow remote attackers to execute arbitrary code via RADIUS authentication packets with large length values.
CVE-2005-0988 7 Freebsd, Gentoo, Gnu and 4 more 13 Freebsd, Linux, Gzip and 10 more 2026-04-16 N/A
Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete.
CVE-2005-1061 2 Logwatch, Redhat 3 Logwatch, Enterprise Linux, Linux Advanced Workstation 2026-04-16 N/A
The secure script in LogWatch before 2.6-2 allows attackers to prevent LogWatch from detecting malicious activity via certain strings in the secure file that are later used as part of a regular expression, which causes the parser to crash, aka "logwatch log processing regular expression DoS."
CVE-2005-1194 1 Redhat 3 Enterprise Linux, Enterprise Linux Desktop, Linux Advanced Workstation 2026-04-16 N/A
Stack-based buffer overflow in the ieee_putascii function for nasm 0.98 and earlier allows attackers to execute arbitrary code via a crafted asm file, a different vulnerability than CVE-2004-1287.
CVE-2005-1760 1 Redhat 4 Enterprise Linux, Enterprise Linux Desktop, Linux Advanced Workstation and 1 more 2026-04-16 N/A
sysreport 1.3.15 and earlier includes contents of the up2date file in a report, which leaks the password for a proxy server in plaintext and allows local users to gain privileges.