Search Results (23500 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-1350 2 Namazu, Redhat 2 Namazu, Linux 2026-04-16 N/A
Cross-site scripting vulnerability in namazu.cgi for Namazu 2.0.7 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the lang parameter.
CVE-2006-4567 2 Mozilla, Redhat 3 Firefox, Thunderbird, Enterprise Linux 2026-04-16 N/A
Mozilla Firefox before 1.5.0.7 and Thunderbird before 1.5.0.7 makes it easy for users to accept self-signed certificates for the auto-update mechanism, which might allow remote user-assisted attackers to use DNS spoofing to trick users into visiting a malicious site and accepting a malicious certificate for the Mozilla update site, which can then be used to install arbitrary code on the next update.
CVE-2006-0645 2 Free Software Foundation Inc., Redhat 2 Libtasn1, Enterprise Linux 2026-04-16 N/A
Tiny ASN.1 Library (libtasn1) before 0.2.18, as used by (1) GnuTLS 1.2.x before 1.2.10 and 1.3.x before 1.3.4, and (2) GNU Shishi, allows attackers to crash the DER decoder and possibly execute arbitrary code via "out-of-bounds access" caused by invalid input, as demonstrated by the ProtoVer SSL test suite.
CVE-2006-0052 2 Gnu, Redhat 2 Mailman, Enterprise Linux 2026-04-16 N/A
The attachment scrubber (Scrubber.py) in Mailman 2.1.5 and earlier, when using Python's library email module 2.5, allows remote attackers to cause a denial of service (mailing list delivery failure) via a multipart MIME message with a single part that has two blank lines between the first boundary and the end boundary.
CVE-2006-0150 2 Dave Carrigan, Redhat 2 Auth Ldap, Enterprise Linux 2026-04-16 N/A
Multiple format string vulnerabilities in the auth_ldap_log_reason function in Apache auth_ldap 1.6.0 and earlier allows remote attackers to execute arbitrary code via various vectors, including the username.
CVE-2006-3588 2 Adobe, Redhat 2 Flash Player, Rhel Extras 2026-04-16 N/A
Unspecified vulnerability in Adobe (Macromedia) Flash Player 8.0.24.0 allows remote attackers to cause a denial of service (browser crash) via a malformed, compressed .swf file, a different issue than CVE-2006-3587.
CVE-1999-1335 1 Redhat 1 Linux 2026-04-16 N/A
snmpd server in cmu-snmp SNMP package before 3.3-1 in Red Hat Linux 4.0 is configured to allow remote attackers to read and write sensitive information.
CVE-2002-1392 2 Gert Doering, Redhat 3 Mgetty, Enterprise Linux, Linux 2026-04-16 N/A
faxspool in mgetty before 1.1.29 uses a world-writable spool directory for outgoing faxes, which allows local users to modify fax transmission privileges.
CVE-2006-0024 2 Macromedia, Redhat 2 Flash Player, Rhel Extras 2026-04-16 N/A
Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 and earlier allow remote attackers to execute arbitrary code via a crafted SWF file.
CVE-2005-3806 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
The IPv6 flow label handling code (ip6_flowlabel.c) in Linux kernels 2.4 up to 2.4.32 and 2.6 before 2.6.14 modifies the wrong variable in certain circumstances, which allows local users to corrupt kernel memory or cause a denial of service (crash) by triggering a free of non-allocated memory.
CVE-2006-3746 2 Gnupg, Redhat 2 Gnupg, Enterprise Linux 2026-04-16 N/A
Integer overflow in parse_comment in GnuPG (gpg) 1.4.4 allows remote attackers to cause a denial of service (segmentation fault) via a crafted message.
CVE-2001-0890 2 Redhat, Sane 3 Linux, Powertools, Sane 2026-04-16 N/A
Certain backend drivers in the SANE library 1.0.3 and earlier, as used in frontend software such as XSane, allows local users to modify files via a symlink attack on temporary files.
CVE-2002-0429 2 Linux, Redhat 2 Linux Kernel, Linux 2026-04-16 N/A
The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 and earlier on x86 systems allow local users to kill arbitrary processes via a a binary compatibility interface (lcall).
CVE-2001-0887 2 Oliver Rauch, Redhat 3 Xsane, Linux, Powertools 2026-04-16 N/A
xSANE 0.81 and earlier allows local users to modify files of other xSANE users via a symlink attack on temporary files.
CVE-2001-0852 1 Redhat 1 Linux 2026-04-16 N/A
TUX HTTP server 2.1.0-2 in Red Hat Linux allows remote attackers to cause a denial of service via a long Host: header.
CVE-2006-1522 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
The sys_add_key function in the keyring code in Linux kernel 2.6.16.1 and 2.6.17-rc1, and possibly earlier versions, allows local users to cause a denial of service (OOPS) via keyctl requests that add a key to a user key instead of a keyring key, which causes an invalid dereference in the __keyring_search_one function.
CVE-2004-0178 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
The OSS code for the Sound Blaster (sb16) driver in Linux 2.4.x before 2.4.26, when operating in 16 bit mode, does not properly handle certain sample sizes, which allows local users to cause a denial of service (crash) via a sample with an odd number of bytes.
CVE-2002-0506 1 Redhat 1 Linux 2026-04-16 N/A
Buffer overflow in newt.c of newt windowing library (libnewt) 0.50.33 and earlier may allow attackers to cause a denial of service or execute arbitrary code in setuid programs that use libnewt.
CVE-2005-3656 2 Guiseppe Tanzilli And Matthias Eckermann, Redhat 2 Mod Auth Pgsql, Enterprise Linux 2026-04-16 N/A
Multiple format string vulnerabilities in logging functions in mod_auth_pgsql before 2.0.3, when used for user authentication against a PostgreSQL database, allows remote unauthenticated attackers to execute arbitrary code, as demonstrated via the username.
CVE-2001-0140 3 Immunix, Mandrakesoft, Redhat 3 Immunix, Mandrake Linux, Linux 2026-04-16 N/A
arpwatch 2.1a4 allows local users to overwrite arbitrary files via a symlink attack in some configurations.