Every CVE whose affected-product data names Redhat Fedora Core, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (77)
CVE-2004-0904 — CVSS 10.0 (critical): Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before…
CVE-2004-0914 — CVSS 10.0 (critical): Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows…
CVE-2004-1154 — CVSS 10.0 (critical): Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of…
CVE-2004-0234 — CVSS 10.0 (critical): Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam…
CVE-2004-1067 — CVSS 10.0 (critical): Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow…
CVE-2004-1015 — CVSS 10.0 (critical): Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, with the imapmagicplus option enabled, may allow remote attackers to…
CVE-2004-1013 — CVSS 10.0 (critical): The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary…
CVE-2004-1012 — CVSS 10.0 (critical): The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary…
CVE-2004-0989 — CVSS 10.0 (critical): Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute…
CVE-2006-6235 — CVSS 10.0 (critical): A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute…
CVE-2004-0460 — CVSS 10.0 (critical): Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause…
CVE-2004-0461 — CVSS 10.0 (critical): The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function…
CVE-2004-0557 — CVSS 10.0 (critical): Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 through 12.17.4 allow remote attackers…
CVE-2004-0882 — CVSS 10.0 (critical): Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via…
CVE-2005-3625 — CVSS 10.0 (critical): Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial…
CVE-2004-1011 — CVSS 10.0 (critical): Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to…
CVE-2004-0888 — CVSS 10.0 (critical): Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote…
CVE-2004-0889 — CVSS 10.0 (critical): Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of…
CVE-2004-0902 — CVSS 10.0 (critical): Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow…
CVE-2004-0903 — CVSS 10.0 (critical): Stack-based buffer overflow in the writeGroup function in nsVCardObj.cpp for Mozilla Firefox before the Preview Release, Mozilla before…
CVE-2006-0453 — CVSS 7.8 (high): The LDAP component in Fedora Directory Server 1.0 allow remote attackers to cause a denial of service (crash) via a certain "bad BER…
CVE-2004-0986 — CVSS 7.5 (high): Iptables before 1.2.11, under certain conditions, does not properly load the required modules at system startup, which causes the firewall…
CVE-2005-0754 — CVSS 7.5 (high): Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which allows remote attackers to execute…
CVE-2005-0605 — CVSS 7.5 (high): scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.
CVE-2004-0803 — CVSS 7.5 (high): Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer…
CVE-2004-0817 — CVSS 7.5 (high): Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.
CVE-2004-0827 — CVSS 7.5 (high): Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a…
CVE-2005-0373 — CVSS 7.5 (high): Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL…
CVE-2005-0206 — CVSS 7.5 (high): The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux…
CVE-2004-1158 — CVSS 7.5 (high): Konqueror 3.x up to 3.2.2-6, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from…
CVE-2004-1072 — CVSS 7.2 (high): The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name string that…
CVE-2004-0619 — CVSS 7.2 (high): Integer overflow in the ubsec_keysetup function for Linux Broadcom 5820 cryptonet driver allows local users to cause a denial of service…
CVE-2004-1070 — CVSS 7.2 (high): The load_elf_binary function in the binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not…
CVE-2004-1071 — CVSS 7.2 (high): The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to…
CVE-2005-0750 — CVSS 7.2 (high): The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users…
CVE-2006-0745 — CVSS 7.2 (high): X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the…
CVE-2005-0085 — CVSS 6.8 (medium): Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or…
CVE-2004-0595 — CVSS 6.8 (medium): The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when…
CVE-2004-1267 — CVSS 6.5 (medium): Buffer overflow in the ParseCommand function in hpgl-input.c in the hpgltops program for CUPS 1.1.22 allows remote attackers to execute…
CVE-2004-0235 — CVSS 6.4 (medium): Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive…
CVE-2004-0883 — CVSS 6.4 (medium): Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote samba servers to cause a denial of…
CVE-2004-0949 — CVSS 6.4 (medium): The smb_recv_trans2 function call in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 does not properly handle the re-assembly of…
CVE-2004-1235 — CVSS 6.2 (medium): Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6…
CVE-2007-2874 — CVSS 5.8 (medium): Buffer overflow in the wpa_printf function in the debugging code in wpa_supplicant in the Fedora NetworkManager package before 0.6.5-3.fc7…
CVE-2005-0109 — CVSS 5.6 (medium): Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local…
CVE-2005-0667 — CVSS 5.1 (medium): Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9.5 allows remote attackers to execute arbitrary code via an e-mail…
CVE-2004-0802 — CVSS 5.1 (medium): Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP…
CVE-2005-3630 — CVSS 5.0 (medium): Fedora Directory Server before 10 allows remote attackers to obtain sensitive information, such as the password from adm.conf via an IFRAME…
CVE-2004-0930 — CVSS 5.0 (medium): The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service…
CVE-2004-0918 — CVSS 5.0 (medium): The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a…
CVE-2004-1269 — CVSS 5.0 (medium): lppasswd in CUPS 1.1.22 does not remove the passwd.new file if it encounters a file-size resource limit while writing to passwd.new, which…
CVE-2004-1613 — CVSS 5.0 (medium): Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that…
CVE-2004-0886 — CVSS 5.0 (medium): Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption)…
CVE-2005-1267 — CVSS 5.0 (medium): The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows…
CVE-2005-3624 — CVSS 5.0 (medium): The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others…
CVE-2005-3626 — CVSS 5.0 (medium): Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial…
CVE-2006-0451 — CVSS 5.0 (medium): Multiple memory leaks in the LDAP component in Fedora Directory Server 1.0 allow remote attackers to cause a denial of service (memory…
CVE-2006-0452 — CVSS 5.0 (medium): dn2ancestor in the LDAP component in Fedora Directory Server 1.0 allows remote attackers to cause a denial of service (CPU and memory…
CVE-2004-0961 — CVSS 5.0 (medium): Memory leak in FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (memory exhaustion) via a series of…
CVE-2004-0960 — CVSS 5.0 (medium): FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (core dump) via malformed USR vendor-specific attributes (VSA)…
CVE-2007-2030 — CVSS 4.9 (medium): lharc.c in lha does not securely create temporary files, which might allow local users to read or write files by creating a file before LHA…
CVE-2006-5701 — CVSS 4.9 (medium): Double free vulnerability in squashfs module in the Linux kernel 2.6.x, as used in Fedora Core 5 and possibly other distributions, allows…
CVE-2004-1184 — CVSS 4.6 (medium): The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters.
CVE-2004-0905 — CVSS 4.6 (medium): Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform…
CVE-2007-1352 — CVSS 3.8 (low): Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary…
CVE-2004-1335 — CVSS 2.1 (low): Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory…
CVE-2004-1333 — CVSS 2.1 (low): Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service…
CVE-2005-0156 — CVSS 2.1 (low): Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute…
CVE-2004-0415 — CVSS 2.1 (low): Linux kernel does not properly convert 64-bit file offset pointers to 32 bits, which allows local users to access portions of kernel memory.
CVE-2004-1270 — CVSS 2.1 (low): lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lppasswd is called…
CVE-2004-1268 — CVSS 2.1 (low): lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS passwd file, which allows local users to corrupt the file by filling…
CVE-2004-1171 — CVSS 2.1 (low): KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are (1) manually entered by the user or (2) created by the SMB protocol…
CVE-2005-0736 — CVSS 2.1 (low): Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large…
CVE-2007-6131 — CVSS 2.1 (low): buttonpressed.sh in scanbuttond 0.2.3 allows local users to overwrite arbitrary files via a symlink attack on the (1) scan.pnm and (2)…
CVE-2004-0587 — CVSS 2.1 (low): Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service.
CVE-2004-1073 — CVSS 2.1 (low): The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows local users…
CVE-2004-0974 — CVSS 2.1 (low): The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files…