Every CVE whose affected-product data names Redhat Linux, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (200)
CVE-2004-0904 — CVSS 10.0 (critical): Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before…
CVE-2004-0903 — CVSS 10.0 (critical): Stack-based buffer overflow in the writeGroup function in nsVCardObj.cpp for Mozilla Firefox before the Preview Release, Mozilla before…
CVE-2001-0233 — CVSS 10.0 (critical): Buffer overflow in micq client 0.4.6 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary…
CVE-1999-0192 — CVSS 10.0 (critical): Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable.
CVE-2005-3625 — CVSS 10.0 (critical): Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial…
CVE-2004-0902 — CVSS 10.0 (critical): Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow…
CVE-1999-1299 — CVSS 10.0 (critical): rcp on various Linux systems including Red Hat 4.0 allows a "nobody" user or other user with UID of 65535 to overwrite arbitrary files…
CVE-2001-0197 — CVSS 10.0 (critical): Format string vulnerability in print_client in icecast 1.3.8beta2 and earlier allows remote attackers to execute arbitrary commands.
CVE-2000-0248 — CVSS 10.0 (critical): The web GUI for the Linux Virtual Server (LVS) software in the Red Hat Linux Piranha package has a backdoor password that allows remote…
CVE-2004-1026 — CVSS 10.0 (critical): Multiple integer overflows in the image handler for imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow…
CVE-2000-1221 — CVSS 10.0 (critical): The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved…
CVE-2000-0666 — CVSS 10.0 (critical): rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote…
CVE-2000-1220 — CVSS 10.0 (critical): The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing…
CVE-2000-0390 — CVSS 10.0 (critical): Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges.
CVE-2003-0248 — CVSS 10.0 (critical): The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address.
CVE-2003-0041 — CVSS 10.0 (critical): Kerberos FTP client allows remote FTP sites to execute arbitrary code via a pipe (|) character in a filename that is retrieved by the…
CVE-2000-0322 — CVSS 10.0 (critical): The passwd.php3 CGI script in the Red Hat Piranha Virtual Server Package allows local users to execute arbitrary commands via shell…
CVE-1999-1542 — CVSS 10.0 (critical): RPMMail before 1.4 allows remote attackers to execute commands via an e-mail message with shell metacharacters in the "MAIL FROM" command.
CVE-2000-0017 — CVSS 10.0 (critical): Buffer overflow in Linux linuxconf package allows remote attackers to gain root privileges via a long parameter.
CVE-2000-1010 — CVSS 10.0 (critical): Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote attackers to execute arbitrary commands via…
CVE-2000-0093 — CVSS 10.0 (critical): An installation of Red Hat uses DES password encryption with crypt() for the initial password, instead of md5.
CVE-2000-0844 — CVSS 10.0 (critical): Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local…
CVE-2004-1025 — CVSS 10.0 (critical): Multiple heap-based buffer overflows in imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote…
CVE-2000-0917 — CVSS 10.0 (critical): Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands.
CVE-1999-0043 — CVSS 9.8 (critical): Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others.
CVE-2002-0083 — CVSS 9.8 (critical): Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.
CVE-1999-0704 — CVSS 9.3 (critical): Buffer overflow in Berkeley automounter daemon (amd) logging facility provided in the Linux am-utils package and others.
CVE-2018-20346 — CVSS 8.1 (high): SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries…
CVE-2002-0002 — CVSS 7.5 (high): Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious…
CVE-2001-1002 — CVSS 7.5 (high): The default configuration of the DVI print filter (dvips) in Red Hat Linux 7.0 and earlier does not run dvips in secure mode when dvips is…
CVE-2001-0889 — CVSS 7.5 (high): Exim 3.22 and earlier, in some configurations, does not properly verify the local part of an address when redirecting the address to a…
CVE-2001-0869 — CVSS 7.5 (high): Format string vulnerability in the default logging callback function _sasl_syslog in common.c in Cyrus SASL library (cyrus-sasl) may allow…
CVE-2000-0357 — CVSS 7.5 (high): ORBit and esound in Red Hat Linux 6.1 do not use sufficiently random numbers, which allows local users to guess the authentication keys.
CVE-2001-0690 — CVSS 7.5 (high): Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in Debian and 3.16 in Conectiva) in batched SMTP mode allows a remote…
CVE-2001-0473 — CVSS 7.5 (high): Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands.
CVE-2001-0441 — CVSS 7.5 (high): Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute…
CVE-2000-1213 — CVSS 7.5 (high): ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, does not drop privileges after…
CVE-2000-0750 — CVSS 7.5 (high): Buffer overflow in mopd (Maintenance Operations Protocol loader daemon) allows remote attackers to execute arbitrary commands via a long…
CVE-2000-0751 — CVSS 7.5 (high): mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers…
CVE-1999-0997 — CVSS 7.5 (high): wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to…
CVE-2018-17962 — CVSS 7.5 (high): Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used.
CVE-1999-0037 — CVSS 7.5 (high): Arbitrary command execution via metamail package using message headers, when user processes attacker's message using metamail.
CVE-2004-0079 — CVSS 7.5 (high): The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service…
CVE-2003-0989 — CVSS 7.5 (high): tcpdump before 3.8.1 allows remote attackers to cause a denial of service (infinite loop) via certain ISAKMP packets, a different…
CVE-2003-0434 — CVSS 7.5 (high): Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell…
CVE-1999-1333 — CVSS 7.5 (high): automatic download option in ncftp 2.4.2 FTP client in Red Hat Linux 5.0 and earlier allows remote attackers to execute arbitrary commands…
CVE-2003-0370 — CVSS 7.5 (high): Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote…
CVE-1999-1346 — CVSS 7.5 (high): PAM configuration file for rlogin in Red Hat Linux 6.1 and earlier includes a less restrictive rule before a more restrictive one, which…
CVE-2003-0354 — CVSS 7.5 (high): Unknown vulnerability in GNU Ghostscript before 7.07 allows attackers to execute arbitrary commands, even when -dSAFER is enabled, via a…
CVE-2003-0135 — CVSS 7.5 (high): vsftpd FTP daemon in Red Hat Linux 9 is not compiled against TCP wrappers (tcp_wrappers) but is installed as a standalone service, which…
CVE-2002-0836 — CVSS 7.5 (high): dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute…
CVE-2005-0206 — CVSS 7.5 (high): The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux…
CVE-1999-0434 — CVSS 7.5 (high): XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing…
CVE-2002-0068 — CVSS 7.5 (high): Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service (core dump) and possibly execute arbitrary code with an…
CVE-2000-0196 — CVSS 7.5 (high): Buffer overflow in mhshow in the Linux nmh package allows remote attackers to execute commands via malformed MIME headers in an email…
CVE-1999-0706 — CVSS 7.5 (high): Linux xmonisdn package allows local users to gain root privileges by modifying the IFS or PATH environmental variables.
CVE-1999-0710 — CVSS 7.5 (high): The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows…
CVE-2001-1030 — CVSS 7.5 (high): Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and…
CVE-2002-0067 — CVSS 7.5 (high): Squid 2.4 STABLE3 and earlier does not properly disable HTCP, even when "htcp_port 0" is specified in squid.conf, which could allow remote…
CVE-2002-0045 — CVSS 7.5 (high): slapd in OpenLDAP 2.0 through 2.0.19 allows local users, and anonymous users before 2.0.8, to conduct a "replace" action on access controls…
CVE-2016-3699 — CVSS 7.4 (high): The Linux kernel, as used in Red Hat Enterprise Linux 7.2 and Red Hat Enterprise MRG 2 and when booted with UEFI Secure Boot enabled…
CVE-2000-1095 — CVSS 7.2 (high): modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters.
CVE-1999-0131 — CVSS 7.2 (high): Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.
CVE-1999-0297 — CVSS 7.2 (high): Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable.
CVE-1999-0318 — CVSS 7.2 (high): Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable.
CVE-1999-0769 — CVSS 7.2 (high): Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable.
CVE-1999-0868 — CVSS 7.2 (high): ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN.
CVE-1999-0872 — CVSS 7.2 (high): Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file.
CVE-1999-1095 — CVSS 7.2 (high): sort creates temporary files and follows symbolic links, which allows local users to modify arbitrary files that are writable by the user…
CVE-1999-1182 — CVSS 7.2 (high): Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a…
CVE-1999-1186 — CVSS 7.2 (high): rxvt, when compiled with the PRINT_PIPE option in various Linux operating systems including Linux Slackware 3.0 and RedHat 2.1, allows…
CVE-1999-1327 — CVSS 7.2 (high): Buffer overflow in linuxconf 1.11r11-rh2 on Red Hat Linux 5.1 allows local users to gain root privileges via a long LANG environmental…
CVE-1999-1328 — CVSS 7.2 (high): linuxconf before 1.11.r11-rh3 on Red Hat Linux 5.1 allows local users to overwrite arbitrary files and gain root access via a symlink…
CVE-1999-1329 — CVSS 7.2 (high): Buffer overflow in SysVInit in Red Hat Linux 5.1 and earlier allows local users to gain privileges.
CVE-1999-1490 — CVSS 7.2 (high): xosview 1.5.1 in Red Hat 5.1 allows local users to gain root access via a long HOME environmental variable.
CVE-1999-1491 — CVSS 7.2 (high): abuse.console in Red Hat 2.1 uses relative pathnames to find and execute the undrv program, which allows local users to execute arbitrary…
CVE-2000-0052 — CVSS 7.2 (high): Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack.
CVE-2000-0118 — CVSS 7.2 (high): The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local…
CVE-2000-0170 — CVSS 7.2 (high): Buffer overflow in the man program in Linux allows local users to gain privileges via the MANPAGER environmental variable.
CVE-2000-0186 — CVSS 7.2 (high): Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line…
CVE-2000-0219 — CVSS 7.2 (high): Red Hat 6.0 allows local users to gain root access by booting single user and hitting ^C at the password prompt.
CVE-2000-0229 — CVSS 7.2 (high): gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from…
CVE-2000-0230 — CVSS 7.2 (high): Buffer overflow in imwheel allows local users to gain root privileges via the imwheel-solo script and a long HOME environmental variable.
CVE-2000-0378 — CVSS 7.2 (high): The pam_console PAM module in Linux systems performs a chown on various devices upon a user login, but an open file descriptor for those…
CVE-2000-0566 — CVSS 7.2 (high): makewhatis in Linux man package allows local users to overwrite files via a symlink attack.
CVE-2000-0606 — CVSS 7.2 (high): Buffer overflow in kon program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via a long…
CVE-2000-0607 — CVSS 7.2 (high): Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file…
CVE-2000-0867 — CVSS 7.2 (high): Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root…
CVE-2000-0934 — CVSS 7.2 (high): Glint in Red Hat Linux 5.2 allows local users to overwrite arbitrary files and cause a denial of service via a symlink attack.
CVE-2000-0963 — CVSS 7.2 (high): Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or…
CVE-2000-1009 — CVSS 7.2 (high): dump in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root…
CVE-2000-1125 — CVSS 7.2 (high): restore 0.4b15 and earlier in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users…
CVE-2000-1134 — CVSS 7.2 (high): Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing <<…
CVE-2000-1189 — CVSS 7.2 (high): Buffer overflow in pam_localuser PAM module in Red Hat Linux 7.x and 6.x allows attackers to gain privileges.
CVE-2000-1207 — CVSS 7.2 (high): userhelper in the usermode package on Red Hat Linux executes non-setuid programs as root, which does not activate the security measures in…
CVE-2000-1208 — CVSS 7.2 (high): Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges…
CVE-2001-0128 — CVSS 7.2 (high): Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain…
CVE-2001-0872 — CVSS 7.2 (high): OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows…
CVE-2001-1028 — CVSS 7.2 (high): Buffer overflow in ultimate_source function of man 1.5 and earlier allows local users to gain privileges.
CVE-2001-1374 — CVSS 7.2 (high): expect before 5.32 searches for its libraries in /var/tmp before other directories, which could allow local users to gain root privileges…
CVE-2002-0004 — CVSS 7.2 (high): Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes…
CVE-2002-0062 — CVSS 7.2 (high): Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges…
CVE-2002-0506 — CVSS 7.2 (high): Buffer overflow in newt.c of newt windowing library (libnewt) 0.50.33 and earlier may allow attackers to cause a denial of service or…
CVE-2002-1155 — CVSS 7.2 (high): Buffer overflow in KON kon2 0.3.9b and earlier allows local users to execute arbitrary code via a long -Coding command line argument.
CVE-2002-1160 — CVSS 7.2 (high): The default configuration of the pam_xauth module forwards MIT-Magic-Cookies to new X sessions, which could allow local users to gain root…
CVE-2003-0019 — CVSS 7.2 (high): uml_net in the kernel-utils package for Red Hat Linux 8.0 has incorrect setuid root privileges, which allows local users to modify network…
CVE-2003-0188 — CVSS 7.2 (high): lv reads a .lv file from the current working directory, which allows local users to execute arbitrary commands as other lv users by placing…
CVE-2004-0619 — CVSS 7.2 (high): Integer overflow in the ubsec_keysetup function for Linux Broadcom 5820 cryptonet driver allows local users to cause a denial of service…
CVE-2005-0750 — CVSS 7.2 (high): The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users…
CVE-2014-3250 — CVSS 6.5 (medium): The default vhost configuration file in Puppet before 3.6.2 does not include the SSLCARevocationCheck directive, which might allow remote…
CVE-1999-0740 — CVSS 6.4 (medium): Remote attackers can cause a denial of service on Linux in.telnetd telnet daemon through a malformed TERM environmental variable.
CVE-1999-1335 — CVSS 6.4 (medium): snmpd server in cmu-snmp SNMP package before 3.3-1 in Red Hat Linux 4.0 is configured to allow remote attackers to read and write sensitive…
CVE-2000-0031 — CVSS 6.2 (medium): The initscripts package in Red Hat Linux allows local users to gain privileges via a symlink attack.
CVE-2007-3103 — CVSS 6.2 (medium): The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow local users to change the permissions of…
CVE-2001-1383 — CVSS 6.2 (medium): initscript in setserial 2.17-4 and earlier uses predictable temporary file names, which could allow local users to conduct unauthorized…
CVE-2004-1235 — CVSS 6.2 (medium): Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6…
CVE-2002-0638 — CVSS 6.2 (medium): setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a…
CVE-2007-5079 — CVSS 6.0 (medium): Red Hat Enterprise Linux 4 does not properly compile and link gdm with tcp_wrappers on x86_64 platforms, which might allow remote attackers…
CVE-2023-5981 — CVSS 5.9 (medium): A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of…
CVE-1999-0011 — CVSS 5.4 (medium): Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer.
CVE-2001-0309 — CVSS 5.0 (medium): inetd in Red Hat 6.2 does not properly close sockets for internal services such as chargen, daytime, echo, etc., which allows remote…
CVE-2000-0508 — CVSS 5.0 (medium): rpc.lockd in Red Hat Linux 6.1 and 6.2 allows remote attackers to cause a denial of service via a malformed request.
CVE-2001-0852 — CVSS 5.0 (medium): TUX HTTP server 2.1.0-2 in Red Hat Linux allows remote attackers to cause a denial of service via a long Host: header.
CVE-2001-0859 — CVSS 5.0 (medium): 2.4.3-12 kernel in Red Hat Linux 7.1 Korean installation program sets the setting default umask for init to 000, which installs files with…
CVE-2005-3624 — CVSS 5.0 (medium): The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others…
CVE-2001-0977 — CVSS 5.0 (medium): slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid…
CVE-2000-0315 — CVSS 5.0 (medium): traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be…
CVE-2001-1013 — CVSS 5.0 (medium): Apache on Red Hat Linux with with the UserDir directive enabled generates different error codes when a username exists and there is no…
CVE-2000-0314 — CVSS 5.0 (medium): traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w)…
CVE-2005-3626 — CVSS 5.0 (medium): Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial…
CVE-2000-0289 — CVSS 5.0 (medium): IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source…
CVE-2002-1232 — CVSS 5.0 (medium): Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of…
CVE-2003-0247 — CVSS 5.0 (medium): Unknown vulnerability in the TTY layer of the Linux kernel 2.4 allows attackers to cause a denial of service ("kernel oops").
CVE-2003-0364 — CVSS 5.0 (medium): The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote attackers to cause a denial of service (CPU consumption) via…
CVE-2003-0550 — CVSS 5.0 (medium): The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows attackers to modify the bridge…
CVE-2003-0551 — CVSS 5.0 (medium): The STP protocol implementation in Linux 2.4.x does not properly verify certain lengths, which could allow attackers to cause a denial of…
CVE-2003-0552 — CVSS 5.0 (medium): Linux 2.4.x allows remote attackers to spoof the bridge Forwarding table via forged packets whose source addresses are the same as the…
CVE-2004-0081 — CVSS 5.0 (medium): OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service…
CVE-2004-0112 — CVSS 5.0 (medium): The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of…
CVE-1999-0986 — CVSS 5.0 (medium): The ping command in Linux 2.0.3x allows local users to cause a denial of service by sending large packets with the -R (record route) option.
CVE-1999-0804 — CVSS 5.0 (medium): Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header lengths.
CVE-2004-1613 — CVSS 5.0 (medium): Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that…
CVE-2000-0668 — CVSS 5.0 (medium): pam_console PAM module in Linux systems allows a user to access the system console and reboot the system when a display manager such as gdm…
CVE-2002-2185 — CVSS 4.9 (medium): The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's…
CVE-1999-1330 — CVSS 4.6 (medium): The snprintf function in the db library 1.85.4 ignores the size parameter, which could allow attackers to exploit buffer overflows that…
CVE-2000-1214 — CVSS 4.6 (medium): Buffer overflows in the (1) outpack or (2) buf variables of ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J…
CVE-2003-0464 — CVSS 4.6 (medium): The RPC code in Linux kernel 2.4 sets the reuse flag when sockets are created, which could allow local users to bind to UDP ports that are…
CVE-2001-0635 — CVSS 4.6 (medium): Red Hat Linux 7.1 sets insecure permissions on swap files created during installation, which can allow a local attacker to gain additional…
CVE-2001-1375 — CVSS 4.6 (medium): tcl/tk package (tcltk) 8.3.1 searches for its libraries in the current working directory before other directories, which could allow local…
CVE-2000-0364 — CVSS 4.6 (medium): screen and rxvt in Red Hat Linux 6.0 do not properly set the modes of tty devices, which allows local users to write to other ttys.
CVE-2001-0886 — CVSS 4.6 (medium): Buffer overflow in glob function of glibc allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a…
CVE-2000-0365 — CVSS 4.6 (medium): Red Hat Linux 6.0 installs the /dev/pts file system with insecure modes, which allows local users to write to other tty devices.
CVE-2000-0356 — CVSS 4.6 (medium): Pluggable Authentication Modules (PAM) in Red Hat Linux 6.1 does not properly lock access to disabled NIS accounts.
CVE-2004-0905 — CVSS 4.6 (medium): Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform…
CVE-2000-0604 — CVSS 4.6 (medium): gkermit in Red Hat Linux is improperly installed with setgid uucp, which allows local users to modify files owned by uucp.
CVE-1999-0433 — CVSS 4.6 (medium): XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing…
CVE-2001-0496 — CVSS 4.6 (medium): kdesu in kdelibs package creates world readable temporary files containing authentication info, which can allow local users to gain…
CVE-2002-1814 — CVSS 4.6 (medium): Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments.
CVE-2001-0787 — CVSS 4.6 (medium): LPRng in Red Hat Linux 7.0 and 7.1 does not properly drop memberships in supplemental groups when lowering privileges, which could allow a…
CVE-2001-0641 — CVSS 4.6 (medium): Buffer overflow in man program in various distributions of Linux allows local user to execute arbitrary code as group man via a long -S…
CVE-1999-1048 — CVSS 4.6 (medium): Buffer overflow in bash 2.0.0, 1.4.17, and other versions allows local attackers to gain privileges by creating an extremely large…
CVE-2000-0701 — CVSS 4.6 (medium): The wrapper program in mailman 2.0beta3 and 2.0beta4 does not properly cleanse untrusted format strings, which allows local users to gain…
CVE-1999-1288 — CVSS 4.6 (medium): Samba 1.9.18 inadvertently includes a prototype application, wsmbconf, which is installed with incorrect permissions including the setgid…
CVE-1999-1347 — CVSS 4.6 (medium): Xsession in Red Hat Linux 6.1 and earlier can allow local users with restricted accounts to bypass execution of the .xsession file by…
CVE-2003-0442 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the transparent SID support capability for PHP before 4.3.2 (session.use_trans_sid) allows…
CVE-2007-1352 — CVSS 3.8 (low): Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary…
CVE-2002-0044 — CVSS 3.6 (low): GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files.
CVE-2002-1509 — CVSS 3.6 (low): A patch for shadow-utils 20000902 causes the useradd command to create a mail spool files with read/write privileges of the new user's…
CVE-2001-0946 — CVSS 3.6 (low): apmscript in Apmd in Red Hat 7.2 "Enigma" allows local users to create or change the modification dates of arbitrary files via a symlink…
CVE-2002-0069 — CVSS 2.6 (low): Memory leak in SNMP in Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service.
CVE-2000-0633 — CVSS 2.1 (low): Vulnerability in Mandrake Linux usermode package allows local users to to reboot or halt the system.
CVE-1999-1332 — CVSS 2.1 (low): gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to overwrite files of other users via a symlink attack on a…
CVE-2000-0336 — CVSS 2.1 (low): Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack.