Export limit exceeded: 23250 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (23250 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2796 | 2 Redhat, Squid | 2 Enterprise Linux, Squid | 2026-04-16 | N/A |
| The sslConnectTimeout function in ssl.c for Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (segmentation fault) via certain crafted requests. | ||||
| CVE-2005-2798 | 2 Openbsd, Redhat | 2 Openssh, Enterprise Linux | 2026-04-16 | N/A |
| sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts. | ||||
| CVE-2005-2800 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| Memory leak in the seq_file implementation in the SCSI procfs interface (sg.c) in Linux kernel 2.6.13 and earlier allows local users to cause a denial of service (memory consumption) via certain repeated reads from the /proc/scsi/sg/devices file, which is not properly handled when the next() iterator returns NULL or an error. | ||||
| CVE-2005-2801 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | 7.5 High |
| xattr.c in the ext2 and ext3 file system code for Linux kernel 2.6 does not properly compare the name_index fields when sharing xattr blocks, which could prevent default ACLs from being applied. | ||||
| CVE-2005-3388 | 2 Php, Redhat | 4 Php, Enterprise Linux, Rhel Stronghold and 1 more | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the phpinfo function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL with a "stacked array assignment." | ||||
| CVE-2005-3389 | 2 Php, Redhat | 4 Php, Enterprise Linux, Rhel Stronghold and 1 more | 2026-04-16 | N/A |
| The parse_str function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when called with only one parameter, allows remote attackers to enable the register_globals directive via inputs that cause a request to be terminated due to the memory_limit setting, which causes PHP to set an internal flag that enables register_globals and allows attackers to exploit vulnerabilities in PHP applications that would otherwise be protected. | ||||
| CVE-2005-3241 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2026-04-16 | N/A |
| Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote attackers to cause a denial of service (memory consumption) via unspecified vectors in the (1) ISAKMP, (2) FC-FCS, (3) RSVP, and (4) ISIS LSP dissector. | ||||
| CVE-2005-3390 | 2 Php, Redhat | 4 Php, Enterprise Linux, Rhel Stronghold and 1 more | 2026-04-16 | N/A |
| The RFC1867 file upload feature in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when register_globals is enabled, allows remote attackers to modify the GLOBALS array and bypass security protections of PHP applications via a multipart/form-data POST request with a "GLOBALS" fileupload field. | ||||
| CVE-2004-1009 | 6 Debian, Gentoo, Midnight Commander and 3 more | 8 Debian Linux, Linux, Midnight Commander and 5 more | 2026-04-16 | N/A |
| Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors. | ||||
| CVE-2005-3244 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2026-04-16 | N/A |
| The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. | ||||
| CVE-2005-3053 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| The sys_set_mempolicy function in mempolicy.c in Linux kernel 2.6.x allows local users to cause a denial of service (kernel BUG()) via a negative first argument. | ||||
| CVE-2005-3245 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2026-04-16 | N/A |
| Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 to 0.10.12, when the "Dissect unknown RPC program numbers" option is enabled, allows remote attackers to cause a denial of service (memory consumption). | ||||
| CVE-2004-1093 | 6 Debian, Gentoo, Midnight Commander and 3 more | 8 Debian Linux, Linux, Midnight Commander and 5 more | 2026-04-16 | N/A |
| Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory." | ||||
| CVE-2004-1174 | 6 Debian, Gentoo, Midnight Commander and 3 more | 8 Debian Linux, Linux, Midnight Commander and 5 more | 2026-04-16 | N/A |
| direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles." | ||||
| CVE-2004-1237 | 3 Linux, Redhat, Suse | 4 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 1 more | 2026-04-16 | N/A |
| Unknown vulnerability in the system call filtering code in the audit subsystem for Red Hat Enterprise Linux 3 allows local users to cause a denial of service (system crash) via unknown vectors. | ||||
| CVE-2002-1365 | 2 Fetchmail, Redhat | 3 Fetchmail, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Heap-based buffer overflow in Fetchmail 6.1.3 and earlier does not account for the "@" character when determining buffer lengths for local addresses, which allows remote attackers to execute arbitrary code via a header with a large number of local addresses. | ||||
| CVE-2005-0758 | 3 Canonical, Gnu, Redhat | 3 Ubuntu Linux, Gzip, Enterprise Linux | 2026-04-16 | N/A |
| zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script. | ||||
| CVE-2002-0389 | 2 Gnu, Redhat | 2 Mailman, Enterprise Linux | 2026-04-16 | N/A |
| Pipermail in Mailman stores private mail messages with predictable filenames in a world-executable directory, which allows local users to read private mailing list archives. | ||||
| CVE-2003-0189 | 2 Apache, Redhat | 2 Http Server, Linux | 2026-04-16 | N/A |
| The authentication module for Apache 2.0.40 through 2.0.45 on Unix does not properly handle threads safely when using the crypt_r or crypt functions, which allows remote attackers to cause a denial of service (failed Basic authentication with valid usernames and passwords) when a threaded MPM is used. | ||||
| CVE-2003-0245 | 2 Apache, Redhat | 2 Http Server, Linux | 2026-04-16 | N/A |
| Vulnerability in the apr_psprintf function in the Apache Portable Runtime (APR) library for Apache 2.0.37 through 2.0.45 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long strings, as demonstrated using XML objects to mod_dav, and possibly other vectors. | ||||