Export limit exceeded: 16478 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (16478 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-0576 | 2 Maynard Johnson, Redhat | 2 Oprofile, Enterprise Linux | 2026-04-16 | N/A |
| Untrusted search path vulnerability in opcontrol in OProfile 0.9.1 and earlier allows local users to execute arbitrary commands via a modified PATH that references malicious (1) which or (2) dirname programs. NOTE: while opcontrol normally is not run setuid, a common configuration suggests accessing opcontrol using sudo. In such a context, this is a vulnerability. | ||||
| CVE-2005-0403 | 1 Redhat | 2 Enterprise Linux, Enterprise Linux Desktop | 2026-04-16 | N/A |
| init_dev in tty_io.c in the Red Hat backport of NPTL to Red Hat Enterprise Linux 3 does not properly clear controlling tty's in multi-threaded applications, which allows local users to cause a denial of service (crash) and possibly gain tty access via unknown attack vectors that trigger an access of a pointer to a freed structure. | ||||
| CVE-2005-3629 | 1 Redhat | 1 Enterprise Linux | 2026-04-16 | N/A |
| initscripts in Red Hat Enterprise Linux 4 does not properly handle certain environment variables when /sbin/service is executed, which allows local users with sudo permissions for /sbin/service to gain root privileges via unknown vectors. | ||||
| CVE-2005-2491 | 2 Pcre, Redhat | 2 Pcre, Enterprise Linux | 2026-04-16 | N/A |
| Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow. | ||||
| CVE-2005-2550 | 2 Gnome, Redhat | 2 Evolution, Enterprise Linux | 2026-04-16 | N/A |
| Format string vulnerability in Evolution 1.4 through 2.3.6.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the calendar entries such as task lists, which are not properly handled when the user selects the Calendars tab. | ||||
| CVE-2006-2444 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| The snmp_trap_decode function in the SNMP NAT helper for Linux kernel before 2.6.16.18 allows remote attackers to cause a denial of service (crash) via unspecified remote attack vectors that cause failures in snmp_trap_decode that trigger (1) frees of random memory or (2) frees of previously-freed memory (double-free) by snmp_trap_decode as well as its calling function, as demonstrated via certain test cases of the PROTOS SNMP test suite. | ||||
| CVE-2005-2705 | 2 Mozilla, Redhat | 3 Firefox, Mozilla Suite, Enterprise Linux | 2026-04-16 | N/A |
| Integer overflow in the JavaScript engine in Firefox before 1.0.7 and Mozilla Suite before 1.7.12 might allow remote attackers to execute arbitrary code. | ||||
| CVE-2006-4538 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| Linux kernel 2.6.17 and earlier, when running on IA64 or SPARC platforms, allows local users to cause a denial of service (crash) via a malformed ELF file that triggers memory maps that cross region boundaries. | ||||
| CVE-2005-3628 | 2 Redhat, Xpdf | 2 Enterprise Linux, Xpdf | 2026-04-16 | N/A |
| Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in JBIG2Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via unknown attack vectors. | ||||
| CVE-2005-0402 | 2 Mozilla, Redhat | 2 Firefox, Enterprise Linux | 2026-04-16 | N/A |
| Firefox before 1.0.2 allows remote attackers to execute arbitrary code by tricking a user into saving a page as a Firefox sidebar panel, then using the sidebar panel to inject Javascript into a privileged page. | ||||
| CVE-2005-2708 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| The search_binary_handler function in exec.c in Linux 2.4 kernel on 64-bit x86 architectures does not check a return code for a particular function call when virtual memory is low, which allows local users to cause a denial of service (panic), as demonstrated by running a process using the bash ulimit -v command. | ||||
| CVE-2005-0246 | 2 Postgresql, Redhat | 2 Postgresql, Enterprise Linux | 2026-04-16 | N/A |
| The intagg contrib module for PostgreSQL 8.0.0 and earlier allows attackers to cause a denial of service (crash) via crafted arrays. | ||||
| CVE-2005-0244 | 2 Postgresql, Redhat | 2 Postgresql, Enterprise Linux | 2026-04-16 | N/A |
| PostgreSQL 8.0.0 and earlier allows local users to bypass the EXECUTE permission check for functions by using the CREATE AGGREGATE command. | ||||
| CVE-2006-1938 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2026-04-16 | N/A |
| Multiple unspecified vulnerabilities in Ethereal 0.8.x up to 0.10.14 allow remote attackers to cause a denial of service (crash from null dereference) via the (1) Sniffer capture or (2) SMB PIPE dissector. | ||||
| CVE-2006-0058 | 2 Redhat, Sendmail | 2 Enterprise Linux, Sendmail | 2026-04-16 | N/A |
| Signal handler race condition in Sendmail 8.13.x before 8.13.6 allows remote attackers to execute arbitrary code by triggering timeouts in a way that causes the setjmp and longjmp function calls to be interrupted and modify unexpected memory locations. | ||||
| CVE-2006-4569 | 2 Mozilla, Redhat | 2 Firefox, Enterprise Linux | 2026-04-16 | N/A |
| The popup blocker in Mozilla Firefox before 1.5.0.7 opens the "blocked popups" display in the context of the Location bar instead of the subframe from which the popup originated, which might make it easier for remote user-assisted attackers to conduct cross-site scripting (XSS) attacks. | ||||
| CVE-2006-4571 | 2 Mozilla, Redhat | 3 Seamonkey, Thunderbird, Enterprise Linux | 2026-04-16 | N/A |
| Multiple unspecified vulnerabilities in Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allow remote attackers to cause a denial of service (crash), corrupt memory, and possibly execute arbitrary code via unspecified vectors, some of which involve JavaScript, and possibly large images or plugin data. | ||||
| CVE-2005-0231 | 2 Mozilla, Redhat | 2 Firefox, Enterprise Linux | 2026-04-16 | N/A |
| Firefox 1.0 does not invoke the Javascript Security Manager when a user drags a javascript: or data: URL to a tab, which allows remote attackers to bypass the security model, aka "firetabbing." | ||||
| CVE-2005-2665 | 2 Elm Development Group, Redhat | 2 Elm, Enterprise Linux | 2026-04-16 | N/A |
| Stack-based buffer overflow in expires.c in Elm 2.5 PL5 through PL7, and possibly other versions, allows remote attackers to execute arbitrary code via an e-mail message with a long Expires header. | ||||
| CVE-2005-2666 | 2 Openbsd, Redhat | 2 Openssh, Enterprise Linux | 2026-04-16 | N/A |
| SSH, as implemented in OpenSSH before 4.0 and possibly other implementations, stores hostnames, IP addresses, and keys in plaintext in the known_hosts file, which makes it easier for an attacker that has compromised an SSH user's account to generate a list of additional targets that are more likely to have the same password or key. | ||||