Every CVE whose affected-product data names Trustix Secure Linux, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (65)
CVE-2004-0941 — CVSS 10.0 (critical): Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via…
CVE-2000-0666 — CVSS 10.0 (critical): rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote…
CVE-2004-0600 — CVSS 10.0 (critical): Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote attackers to execute arbitrary code via…
CVE-2005-3625 — CVSS 10.0 (critical): Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial…
CVE-2000-0917 — CVSS 10.0 (critical): Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands.
CVE-2004-1304 — CVSS 10.0 (critical): Stack-based buffer overflow in the ELF header parsing code in file before 4.12 allows attackers to execute arbitrary code via a crafted ELF…
CVE-2004-1154 — CVSS 10.0 (critical): Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of…
CVE-2004-1065 — CVSS 10.0 (critical): Buffer overflow in the exif_read_data function in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to execute arbitrary…
CVE-2004-1019 — CVSS 10.0 (critical): The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to cause a denial of service and execute…
CVE-2007-0910 — CVSS 10.0 (critical): Unspecified vulnerability in PHP before 5.2.1 allows attackers to "clobber" certain super-global variables via unspecified vectors.
CVE-2000-0844 — CVSS 10.0 (critical): Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local…
CVE-2004-0989 — CVSS 10.0 (critical): Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute…
CVE-2004-1013 — CVSS 10.0 (critical): The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary…
CVE-2004-1012 — CVSS 10.0 (critical): The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary…
CVE-2004-1011 — CVSS 10.0 (critical): Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to…
CVE-2004-0990 — CVSS 10.0 (critical): Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and possibly other versions, allows remote attackers to cause a denial of…
CVE-2002-0083 — CVSS 9.8 (critical): Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.
CVE-2004-0940 — CVSS 7.8 (high): Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to…
CVE-2004-0801 — CVSS 7.5 (high): Unknown vulnerability in foomatic-rip in Foomatic before 3.0.2 allows local users or remote attackers with access to CUPS to execute…
CVE-2001-1030 — CVSS 7.5 (high): Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and…
CVE-2004-0432 — CVSS 7.5 (high): ProFTPD 1.2.9 treats the Allow and Deny directives for CIDR based ACL entries as if they were AllowAll, which could allow FTP clients to…
CVE-2004-0803 — CVSS 7.5 (high): Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer…
CVE-2004-2044 — CVSS 7.5 (high): PHP-Nuke 7.3, and other products that use the PHP-Nuke codebase such as the Nuke Cops betaNC PHP-Nuke Bundle, OSCNukeLite 3.1, and OSC2Nuke…
CVE-2007-0905 — CVSS 7.5 (high): PHP before 5.2.1 allows attackers to bypass safe_mode and open_basedir restrictions via unspecified vectors in the session extension. NOTE…
CVE-2007-0906 — CVSS 7.5 (high): Multiple buffer overflows in PHP before 5.2.1 allow attackers to cause a denial of service and possibly execute arbitrary code via…
CVE-2007-0909 — CVSS 7.5 (high): Multiple format string vulnerabilities in PHP before 5.2.1 might allow attackers to execute arbitrary code via format string specifiers to…
CVE-2004-1051 — CVSS 7.2 (high): sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that…
CVE-2004-1072 — CVSS 7.2 (high): The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name string that…
CVE-2004-1070 — CVSS 7.2 (high): The load_elf_binary function in the binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not…
CVE-2004-1071 — CVSS 7.2 (high): The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to…
CVE-2000-0867 — CVSS 7.2 (high): Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root…
CVE-2004-0077 — CVSS 7.2 (high): The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the…
CVE-2000-1009 — CVSS 7.2 (high): dump in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root…
CVE-2005-0001 — CVSS 6.9 (medium): Race condition in the page fault handler (fault.c) for Linux kernel 2.2.x to 2.2.7, 2.4 to 2.4.29, and 2.6 to 2.6.10, when running on…
CVE-2004-0957 — CVSS 6.8 (medium): Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore)…
CVE-2004-0595 — CVSS 6.8 (medium): The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when…
CVE-2004-0883 — CVSS 6.4 (medium): Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote samba servers to cause a denial of…
CVE-2004-2546 — CVSS 6.4 (medium): Multiple memory leaks in Samba before 3.0.6 allow attackers to cause a denial of service (memory consumption).
CVE-2004-0949 — CVSS 6.4 (medium): The smb_recv_trans2 function call in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 does not properly handle the re-assembly of…
CVE-2004-0493 — CVSS 6.4 (medium): The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and…
CVE-2004-0594 — CVSS 5.1 (medium): The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is…
CVE-2007-0907 — CVSS 5.0 (medium): Buffer underflow in PHP before 5.2.1 allows attackers to cause a denial of service via unspecified vectors involving the sapi_header_op…
CVE-2004-0886 — CVSS 5.0 (medium): Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption)…
CVE-2004-0918 — CVSS 5.0 (medium): The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a…
CVE-2004-0421 — CVSS 5.0 (medium): The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG…
CVE-2005-0384 — CVSS 5.0 (medium): Unknown vulnerability in the PPP driver for the Linux kernel 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash)…
CVE-2005-1267 — CVSS 5.0 (medium): The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows…
CVE-2005-3624 — CVSS 5.0 (medium): The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others…
CVE-2005-3626 — CVSS 5.0 (medium): Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial…
CVE-2004-0686 — CVSS 5.0 (medium): Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the "mangling method = hash" option is enabled in smb.conf, has unknown…
CVE-2004-0809 — CVSS 5.0 (medium): The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain…
CVE-2000-0791 — CVSS 4.6 (medium): Trustix installs the httpsd program for Apache-SSL with world-writeable permissions, which allows local users to replace it with a Trojan…
CVE-2004-0685 — CVSS 4.6 (medium): Certain USB drivers in the Linux 2.4 kernel use the copy_to_user function on uninitialized structures, which could allow local users to…
CVE-2005-0988 — CVSS 3.7 (low): Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary…
CVE-2004-0497 — CVSS 2.1 (low): Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4.
CVE-2005-1410 — CVSS 2.1 (low): The tsearch2 module in PostgreSQL 7.4 through 8.0.x declares the (1) dex_init, (2) snb_en_init, (3) snb_ru_init, (4) spell_init, and (5)…
CVE-2004-0977 — CVSS 2.1 (low): The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on temporary…
CVE-2004-1073 — CVSS 2.1 (low): The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows local users…
CVE-2002-1319 — CVSS 2.1 (low): The Linux kernel 2.4.20 and earlier, and 2.5.x, when running on x86 systems, allows local users to cause a denial of service (hang) via the…
CVE-2005-0156 — CVSS 2.1 (low): Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute…
CVE-2004-0565 — CVSS 2.1 (low): Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which…
CVE-2001-0169 — CVSS 2.1 (low): When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in…
CVE-2004-0415 — CVSS 2.1 (low): Linux kernel does not properly convert 64-bit file offset pointers to 32 bits, which allows local users to access portions of kernel memory.
CVE-2001-0117 — CVSS 1.2 (low): sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack.
CVE-2001-0142 — CVSS 1.2 (low): squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations.