Search Results (400 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-0390 2 Redhat, Suse 2 Linux, Suse Linux 2026-04-16 N/A
Buffer overflow in Dosemu Slang library in Linux.
CVE-2000-0844 13 Caldera, Conectiva, Debian and 10 more 16 Openlinux, Openlinux Ebuilder, Openlinux Eserver and 13 more 2026-04-16 N/A
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
CVE-2004-0956 3 Oracle, Suse, Ubuntu 3 Mysql, Suse Linux, Ubuntu Linux 2026-04-16 N/A
MySQL before 4.0.20 allows remote attackers to cause a denial of service (application crash) via a MATCH AGAINST query with an opening double quote but no closing double quote.
CVE-2003-1295 2 Redhat, Suse 2 Enterprise Linux, Suse Linux 2026-04-16 N/A
Unspecified vulnerability in xscreensaver 4.12, and possibly other versions, allows attackers to cause xscreensaver to crash via unspecified vectors "while verifying the user-password."
CVE-2005-4788 1 Suse 1 Suse Linux 2026-04-16 N/A
resmgr in SUSE Linux 9.2 and 9.3, and possibly other distributions, allows local users to bypass access control rules for USB devices via "alternate syntax for specifying USB devices."
CVE-2005-0156 7 Ibm, Larry Wall, Redhat and 4 more 9 Aix, Perl, Enterprise Linux and 6 more 2026-04-16 N/A
Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree.
CVE-2005-4789 1 Suse 1 Suse Linux 2026-04-16 N/A
resmgr in SUSE Linux 9.2 and 9.3, and possibly other distributions, does not properly enforce class-specific exclude rules in some situations, which allows local users to bypass intended access restrictions for USB devices that set their class ID at the interface level.
CVE-2003-1538 1 Suse 3 Office Server, Suse Linux, Suse Linux Openexchange Server 2026-04-16 N/A
susehelp in SuSE Linux 8.1, Enterprise Server 8, Office Server, and Openexchange Server 4 does not properly filter shell metacharacters, which allows remote attackers to execute arbitrary commands via CGI queries.
CVE-2005-4790 2 Novell, Suse 2 Suse Linux, Suse Linux 2026-04-16 N/A
Multiple untrusted search path vulnerabilities in SUSE Linux 9.3 and 10.0, and possibly other distributions, cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) beagle, (2) tomboy, or (3) blam. NOTE: in August 2007, the tomboy vector was reported for other distributions.
CVE-2000-0800 1 Suse 1 Suse Linux 2026-04-16 N/A
String parsing error in rpc.kstatd in the linuxnfs or knfsd packages in SuSE and possibly other Linux systems allows remote attackers to gain root privileges.
CVE-2006-0043 1 Suse 1 Suse Linux 2026-04-16 N/A
Buffer overflow in the realpath function in nfs-server rpc.mountd, as used in SUSE Linux 9.1 through 10.0, allows local users to execute arbitrary code via unspecified vectors involving mount requests and symlinks.
CVE-2000-1095 5 Conectiva, Immunix, Mandrakesoft and 2 more 5 Linux, Immunix, Mandrake Linux and 2 more 2026-04-16 N/A
modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters.
CVE-2004-0064 1 Suse 1 Suse Linux 2026-04-16 N/A
The SuSEconfig.gnome-filesystem script for YaST in SuSE 9.0 allows local users to overwrite arbitrary files via a symlink attack on files within the tmp.SuSEconfig.gnome-filesystem.$RANDOM temporary directory.
CVE-2002-2259 2 Gnuplot, Suse 2 Gnuplot, Suse Linux 2026-04-16 N/A
Buffer overflow in the French documentation patch for Gnuplot 3.7 in SuSE Linux before 8.0 allows local users to execute arbitrary code as root via unknown attack vectors.
CVE-2002-0083 9 Conectiva, Engardelinux, Immunix and 6 more 11 Linux, Secure Linux, Immunix and 8 more 2026-04-16 9.8 Critical
Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.
CVE-2004-0461 5 Infoblox, Isc, Mandrakesoft and 2 more 11 Dns One Appliance, Dhcpd, Mandrake Linux and 8 more 2026-04-16 N/A
The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code.
CVE-2006-0803 2 Novell, Suse 2 Suse Linux, Suse Linux 2026-04-16 N/A
The signature verification functionality in the YaST Online Update (YOU) script handling relies on a gpg feature that is not intended for signature verification, which prevents YOU from detecting malicious scripts or code that do not pass the signature check when gpg 1.4.x is being used.
CVE-2001-0525 1 Suse 1 Suse Linux 2026-04-16 N/A
Buffer overflow in dsh in dqs 3.2.7 in SuSE Linux 7.0 and earlier, and possibly other operating systems, allows local users to gain privileges via a long first command line argument.
CVE-2004-0592 1 Suse 1 Suse Linux 2026-04-16 N/A
The tcp_find_option function of the netfilter subsystem for IPv6 in the SUSE Linux 2.6.5 kernel with USAGI patches, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type, a similar flaw to CVE-2004-0626.
CVE-2005-0085 4 Htdig, Mandrakesoft, Redhat and 1 more 6 Htdig, Mandrake Linux, Mandrake Linux Corporate Server and 3 more 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message.