Export limit exceeded: 20044 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (20044 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0018 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Linux 2026-04-16 N/A
Linux kernel 2.4.10 through 2.4.21-pre4 does not properly handle the O_DIRECT feature, which allows local attackers with write privileges to read portions of previously deleted files, or cause file system corruption.
CVE-2003-0619 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
Integer signedness error in the decode_fh function of nfs3xdr.c in Linux kernel before 2.4.21 allows remote attackers to cause a denial of service (kernel panic) via a negative size value within XDR data of an NFSv3 procedure call.
CVE-2004-0565 5 Gentoo, Linux, Mandrakesoft and 2 more 7 Linux, Linux Kernel, Mandrake Linux and 4 more 2026-04-16 N/A
Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit.
CVE-2005-0449 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
The netfilter/iptables module in Linux before 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) or bypass firewall rules via crafted packets, which are not properly handled by the skb_checksum_help function.
CVE-2003-0127 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Linux 2026-04-16 N/A
The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel.
CVE-2003-1467 4 Linux, Microsoft, Phorum and 1 more 4 Linux Kernel, All Windows, Phorum and 1 more 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in (1) login.php, (2) register.php, (3) post.php, and (4) common.php in Phorum before 3.4.3 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors.
CVE-2004-0496 5 Gentoo, Linux, Mandrakesoft and 2 more 13 Linux, Linux Kernel, Mandrake Linux and 10 more 2026-04-16 N/A
Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool.
CVE-2004-0497 7 Conectiva, Gentoo, Linux and 4 more 9 Linux, Linux, Linux Kernel and 6 more 2026-04-16 N/A
Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4.
CVE-2003-0187 1 Linux 1 Linux Kernel 2026-04-16 N/A
The connection tracking core of Netfilter for Linux 2.4.20, with CONFIG_IP_NF_CONNTRACK enabled or the ip_conntrack module loaded, allows remote attackers to cause a denial of service (resource consumption) due to an inconsistency with Linux 2.4.20's support of linked lists, which causes Netfilter to fail to identify connections with an UNCONFIRMED status and use large timeouts.
CVE-2005-2490 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
Stack-based buffer overflow in the sendmsg function call in the Linux kernel 2.6 before 2.6.13.1 allows local users to execute arbitrary code by calling sendmsg and modifying the message contents in another thread.
CVE-2002-1963 1 Linux 1 Linux Kernel 2026-04-16 N/A
Linux kernel 2.4.1 through 2.4.19 sets root's NR_RESERVED_FILES limit to 10 files, which allows local users to cause a denial of service (resource exhaustion) by opening 10 setuid binaries.
CVE-2005-3857 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
The time_out_leases function in locks.c for Linux kernel before 2.6.15-rc3 allows local users to cause a denial of service (kernel log message consumption) by causing a large number of broken leases, which is recorded to the log using the printk function.
CVE-1999-0317 1 Linux 1 Linux Kernel 2026-04-16 N/A
Buffer overflow in Linux su command gives root access to local users.
CVE-2002-1976 1 Linux 1 Linux Kernel 2026-04-16 N/A
ifconfig, when used on the Linux kernel 2.2 and later, does not report when the network interface is in promiscuous mode if it was put in promiscuous mode using PACKET_MR_PROMISC, which could allow attackers to sniff the network without detection, as demonstrated using libpcap.
CVE-2002-0510 1 Linux 1 Linux Kernel 2026-04-16 N/A
The UDP implementation in Linux 2.4.x kernels keeps the IP Identification field at 0 for all non-fragmented packets, which could allow remote attackers to determine that a target system is running Linux.
CVE-2002-0499 1 Linux 1 Linux Kernel 2026-04-16 N/A
The d_path function in Linux kernel 2.2.20 and earlier, and 2.4.18 and earlier, truncates long pathnames without generating an error, which could allow local users to force programs to perform inappropriate operations on the wrong directories.
CVE-2003-1040 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Linux 2026-04-16 N/A
kmod in the Linux kernel does not set its uid, suid, gid, or sgid to 0, which allows local users to cause a denial of service (crash) by sending certain signals to kmod.
CVE-2004-0554 6 Avaya, Conectiva, Gentoo and 3 more 18 Converged Communications Server, Intuity Audix, Modular Messaging Message Storage Server and 15 more 2026-04-16 N/A
Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program.
CVE-2003-1454 4 Invision Power Services, Linux, Microsoft and 1 more 4 Invision Board, Linux Kernel, All Windows and 1 more 2026-04-16 N/A
Invision Power Services Invision Board 1.0 through 1.1.1, when a forum is password protected, stores the administrator password in a cookie in plaintext, which could allow remote attackers to gain access.
CVE-2005-2458 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 allows remote attackers to cause a denial of service (kernel crash) via a compressed file with "improper tables".