Search Results (57 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-0192 2 Redhat, Slackware 2 Linux, Slackware Linux 2026-04-16 N/A
Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable.
CVE-1999-0242 1 Slackware 1 Slackware Linux 2026-04-16 N/A
Remote attackers can access mail files via POP3 in some Linux systems that are using shadow passwords.
CVE-1999-0298 2 Slackware, Sun 2 Slackware Linux, Sunos 2026-04-16 N/A
ypbind with -ypset and -ypsetme options activated in Linux Slackware and SunOS allows local and remote attackers to overwrite files via a .. (dot dot) attack.
CVE-1999-0421 1 Slackware 1 Slackware Linux 2026-04-16 N/A
During a reboot after an installation of Linux Slackware 3.6, a remote attacker can obtain root access by logging in to the root account without a password.
CVE-1999-0856 1 Slackware 1 Slackware Linux 2026-04-16 N/A
login in Slackware 7.0 allows remote attackers to identify valid users on the system by reporting an encryption error when an account is locked or does not exist.
CVE-2004-0233 4 Redhat, Sgi, Slackware and 1 more 5 Enterprise Linux, Linux, Propack and 2 more 2026-04-16 N/A
Utempter allows device names that contain .. (dot dot) directory traversal sequences, which allows local users to overwrite arbitrary files via a symlink attack on device names in combination with an application that trusts the utmp or wtmp files.
CVE-1999-1095 2 Redhat, Slackware 2 Linux, Slackware Linux 2026-04-16 N/A
sort creates temporary files and follows symbolic links, which allows local users to modify arbitrary files that are writable by the user running sort, as observed in updatedb and other programs that use sort.
CVE-1999-1299 2 Redhat, Slackware 2 Linux, Slackware Linux 2026-04-16 N/A
rcp on various Linux systems including Red Hat 4.0 allows a "nobody" user or other user with UID of 65535 to overwrite arbitrary files, since 65535 is interpreted as -1 by chown and other system calls, which causes the calls to fail to modify the ownership of the file.
CVE-1999-1445 1 Slackware 1 Slackware Linux 2026-04-16 N/A
Vulnerability in imapd and ipop3d in Slackware 3.4 and 3.3 with shadowing enabled, and possibly other operating systems, allows remote attackers to cause a core dump via a short sequence of USER and PASS commands that do not provide valid usernames or passwords.
CVE-1999-0746 2 Slackware, Suse 2 Slackware Linux, Suse Linux 2026-04-16 N/A
A default configuration of in.identd in SuSE Linux waits 120 seconds between requests, allowing a remote attacker to conduct a denial of service.
CVE-2000-0314 5 Debian, Digital, Netbsd and 2 more 5 Debian Linux, Unix, Netbsd and 2 more 2026-04-16 N/A
traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero.
CVE-2016-4448 9 Apple, Hp, Mcafee and 6 more 22 Icloud, Iphone Os, Itunes and 19 more 2025-04-12 9.8 Critical
Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors.
CVE-2013-4854 10 Fedoraproject, Freebsd, Hp and 7 more 12 Fedora, Freebsd, Hp-ux and 9 more 2025-04-11 N/A
The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.
CVE-2018-7184 5 Canonical, Netapp, Ntp and 2 more 10 Ubuntu Linux, Cloud Backup, Steelstore Cloud Integrated Storage and 7 more 2025-01-14 N/A
ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the "received" timestamp, which allows remote attackers to cause a denial of service (disruption) by sending a packet with a zero-origin timestamp causing the association to reset and setting the contents of the packet as the most recent timestamp. This issue is a result of an incomplete fix for CVE-2015-7704.
CVE-2018-9336 2 Openvpn, Slackware 2 Openvpn, Slackware Linux 2024-11-21 N/A
openvpnserv.exe (aka the interactive service helper) in OpenVPN 2.4.x before 2.4.6 allows a local attacker to cause a double-free of memory by sending a malformed request to the interactive service. This could cause a denial-of-service through memory corruption or possibly have unspecified other impact including privilege escalation.
CVE-2013-7172 1 Slackware 1 Slackware Linux 2024-11-21 7.8 High
Slackware 13.1, 13.37, 14.0 and 14.1 contain world-writable permissions on the iodbctest and iodbctestw programs within the libiodbc package, which could allow local users to use RPATH information to execute arbitrary code with root privileges.
CVE-2013-7171 1 Slackware 1 Slackware Linux 2024-11-21 9.8 Critical
Slackware 14.0 and 14.1, and Slackware LLVM 3.0-i486-2 and 3.3-i486-2, contain world-writable permissions on the /tmp directory which could allow remote attackers to execute arbitrary code with root privileges.