ReportizFlow
Filtered by vendor Debian
Subscriptions
Total
9039 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0564 | 2 Debian, Roaring Penguin | 2 Debian Linux, Pppoe | 2024-11-21 | N/A |
| Roaring Penguin pppoe (rp-ppoe), if installed or configured to run setuid root contrary to its design, allows local users to overwrite arbitrary files. NOTE: the developer has publicly disputed the claim that this is a vulnerability because pppoe "is NOT designed to run setuid-root." Therefore this identifier applies *only* to those configurations and installations under which pppoe is run setuid root despite the developer's warnings. | ||||
| CVE-2004-0522 | 2 Debian, Gallery Project | 2 Debian Linux, Gallery | 2024-11-21 | N/A |
| Gallery 1.4.3 and earlier allows remote attackers to bypass authentication and obtain Gallery administrator privileges. | ||||
| CVE-2004-0488 | 3 Apache, Debian, Redhat | 8 Http Server, Debian Linux, Enterprise Linux and 5 more | 2024-11-21 | N/A |
| Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN. | ||||
| CVE-2004-0458 | 2 Debian, Nicolas Boullis | 2 Debian Linux, Mah-jong | 2024-11-21 | 7.5 High |
| mah-jong before 1.6.2 allows remote attackers to cause a denial of service (server crash) via a missing argument, which triggers a null pointer dereference. | ||||
| CVE-2004-0456 | 3 Debian, Gentoo, Pavuk | 3 Debian Linux, Linux, Pavuk | 2024-11-21 | N/A |
| Stack-based buffer overflow in pavuk 0.9pl28, 0.9pl27, and possibly other versions allows remote web sites to execute arbitrary code via a long HTTP Location header. | ||||
| CVE-2004-0455 | 2 Debian, Www-sql Project | 2 Debian Linux, Www-sql | 2024-11-21 | N/A |
| Buffer overflow in cgi.c in www-sql before 0.5.7 allows local users to execute arbitrary code via a web page that is processed by www-sql. | ||||
| CVE-2004-0451 | 2 Debian, Sup | 2 Debian Linux, Sup | 2024-11-21 | N/A |
| Multiple format string vulnerabilities in the (1) logquit, (2) logerr, or (3) loginfo functions in Software Upgrade Protocol (SUP) allows remote attackers to execute arbitrary code via format string specifiers in messages that are logged by syslog. | ||||
| CVE-2004-0434 | 2 Debian, Heimdal Project | 2 Debian Linux, Heimdal | 2024-11-21 | 9.8 Critical |
| k5admind (kadmind) for Heimdal allows remote attackers to execute arbitrary code via a Kerberos 4 compatibility administration request whose framing length is less than 2, which leads to a heap-based buffer overflow. | ||||
| CVE-2004-0398 | 3 Debian, Redhat, Webdav | 4 Debian Linux, Enterprise Linux, Cadaver and 1 more | 2024-11-21 | N/A |
| Heap-based buffer overflow in the ne_rfc1036_parse date parsing function for the neon library (libneon) 0.24.5 and earlier, as used by cadaver before 0.22, allows remote WebDAV servers to execute arbitrary code on the client. | ||||
| CVE-2004-0179 | 4 Apache, Debian, Redhat and 1 more | 7 Openoffice, Subversion, Debian Linux and 4 more | 2024-11-21 | N/A |
| Multiple format string vulnerabilities in (1) neon 0.24.4 and earlier, and other products that use neon including (2) Cadaver, (3) Subversion, and (4) OpenOffice, allow remote malicious WebDAV servers to execute arbitrary code. | ||||
| CVE-2004-0011 | 1 Debian | 1 Fsp | 2024-11-21 | N/A |
| Buffer overflow in fsp before 2.81.b18 allows remote users to execute arbitrary code. | ||||
| CVE-2003-1022 | 1 Debian | 1 Fsp | 2024-11-21 | N/A |
| Directory traversal vulnerability in fsp before 2.81.b18 allows remote users to access files outside the FSP root directory. | ||||
| CVE-2003-0648 | 2 Debian, Fte | 2 Debian Linux, Fte Text Editor | 2024-11-21 | N/A |
| Multiple buffer overflows in vfte, based on FTE, before 0.50, allow local users to execute arbitrary code. | ||||
| CVE-2003-0618 | 3 Debian, Perl, Redhat | 3 Debian Linux, Suidperl, Enterprise Linux | 2024-11-21 | N/A |
| Multiple vulnerabilities in suidperl 5.6.1 and earlier allow a local user to obtain sensitive information about files for which the user does not have appropriate permissions. | ||||
| CVE-2003-0615 | 4 Cgi.pm, Debian, Openpkg and 1 more | 5 Cgi.pm, Debian Linux, Openpkg and 2 more | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm allows remote attackers to insert web script via a URL that is fed into the form's action parameter. | ||||
| CVE-2003-0440 | 3 Debian, Redhat, Semi | 4 Debian Linux, Enterprise Linux, Linux and 1 more | 2024-11-21 | N/A |
| The (1) semi MIME library 1.14.5 and earlier, and (2) wemi 1.14.0 and possibly other versions, allows local users to overwrite arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2003-0385 | 1 Debian | 1 Debian Linux | 2024-11-21 | N/A |
| Buffer overflow in xaos 3.0-23 and earlier, when running setuid, allows local users to gain root privileges via a long -language option. | ||||
| CVE-2003-0382 | 2 Debian, Michael Jennings | 2 Debian Linux, Eterm | 2024-11-21 | N/A |
| Buffer overflow in Eterm 0.9.2 allows local users to gain privileges via a long ETERMPATH environment variable. | ||||
| CVE-2003-0367 | 2 Debian, Gnu | 2 Debian Linux, Gzip | 2024-11-21 | 6.2 Medium |
| znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2003-0362 | 1 Debian | 1 Debian Linux | 2024-11-21 | N/A |
| Buffer overflow in gPS before 0.10.2 may allow local users to cause a denial of service (SIGSEGV) in rgpsp via long command lines. | ||||