ReportizFlow
Filtered by vendor Conectiva
Subscriptions
Total
66 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-5938 | 3 Conectiva, Ibm, Novell | 3 Linux, Infosphere Information Server, Unixware | 2025-04-11 | N/A |
| The installation process in IBM InfoSphere Information Server 8.1, 8.5, 8.7, and 9.1 on UNIX and Linux sets incorrect permissions and ownerships for unspecified files, which allows local users to bypass intended access restrictions via standard filesystem operations. | ||||
| CVE-2009-3048 | 4 Conectiva, Freebsd, Opera and 1 more | 4 Linux, Freebsd, Opera Browser and 1 more | 2025-04-09 | N/A |
| Opera before 10.00 on Linux, Solaris, and FreeBSD does not properly implement the "INPUT TYPE=file" functionality, which allows remote attackers to trick a user into uploading an unintended file via vectors involving a "dropped file." | ||||
| CVE-2007-4137 | 6 Conectiva, Gentoo, Mandrakesoft and 3 more | 8 Linux, Linux, Mandrake Linux and 5 more | 2025-04-09 | N/A |
| Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable. | ||||
| CVE-2000-0668 | 3 Conectiva, Michael K. Johnson, Redhat | 3 Linux, Pam Console, Linux | 2025-04-03 | N/A |
| pam_console PAM module in Linux systems allows a user to access the system console and reboot the system when a display manager such as gdm or kdm has XDMCP enabled. | ||||
| CVE-2001-0439 | 5 Conectiva, Freebsd, Licq and 2 more | 7 Linux, Freebsd, Licq and 4 more | 2025-04-03 | N/A |
| licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL. | ||||
| CVE-2004-0905 | 5 Conectiva, Mozilla, Netscape and 2 more | 10 Linux, Firefox, Mozilla and 7 more | 2025-04-03 | N/A |
| Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain. | ||||
| CVE-2000-0747 | 1 Conectiva | 1 Linux | 2025-04-03 | N/A |
| The logrotate script for OpenLDAP before 1.2.11 in Conectiva Linux sends an improper signal to the kernel log daemon (klogd) and kills it. | ||||
| CVE-2004-1142 | 7 Altlinux, Conectiva, Debian and 4 more | 9 Alt Linux, Linux, Debian Linux and 6 more | 2025-04-03 | N/A |
| Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet. | ||||
| CVE-2005-0750 | 5 Conectiva, Linux, Redhat and 2 more | 8 Linux, Linux Kernel, Enterprise Linux and 5 more | 2025-04-03 | N/A |
| The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value. | ||||
| CVE-2004-0884 | 3 Conectiva, Cyrus, Redhat | 3 Linux, Sasl, Enterprise Linux | 2025-04-03 | N/A |
| The (1) libsasl and (2) libsasl2 libraries in Cyrus-SASL 2.1.18 and earlier trust the SASL_PATH environment variable to find all available SASL plug-ins, which allows local users to execute arbitrary code by modifying the SASL_PATH to point to malicious programs. | ||||
| CVE-2000-0844 | 13 Caldera, Conectiva, Debian and 10 more | 16 Openlinux, Openlinux Ebuilder, Openlinux Eserver and 13 more | 2025-04-03 | N/A |
| Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. | ||||
| CVE-2003-0780 | 4 Conectiva, Mysql, Oracle and 1 more | 5 Linux, Mysql, Mysql and 2 more | 2025-04-03 | N/A |
| Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and earlier, and 3.23.x, allows attackers with ALTER TABLE privileges to execute arbitrary code via a long Password field. | ||||
| CVE-2005-0373 | 6 Apple, Conectiva, Cyrus and 3 more | 8 Mac Os X, Mac Os X Server, Linux and 5 more | 2025-04-03 | N/A |
| Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code. | ||||
| CVE-2004-1337 | 3 Conectiva, Gnu, Ubuntu | 3 Linux, Realtime Linux Security Module, Ubuntu Linux | 2025-04-03 | N/A |
| The POSIX Capability Linux Security Module (LSM) for Linux kernel 2.6 does not properly handle the credentials of a process that is launched before the module is loaded, which allows local users to gain privileges. | ||||
| CVE-2005-3624 | 18 Conectiva, Debian, Easy Software Products and 15 more | 33 Linux, Debian Linux, Cups and 30 more | 2025-04-03 | N/A |
| The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. | ||||
| CVE-2004-0827 | 9 Conectiva, Enlightenment, Imagemagick and 6 more | 14 Linux, Imlib, Imlib2 and 11 more | 2025-04-03 | N/A |
| Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files. | ||||
| CVE-2001-0128 | 6 Conectiva, Debian, Freebsd and 3 more | 8 Linux, Debian Linux, Freebsd and 5 more | 2025-04-03 | N/A |
| Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges. | ||||
| CVE-2001-0178 | 4 Caldera, Conectiva, Mandrakesoft and 1 more | 5 Openlinux Edesktop, Linux, Mandrake Linux and 2 more | 2025-04-03 | N/A |
| kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges. | ||||
| CVE-2004-0497 | 7 Conectiva, Gentoo, Linux and 4 more | 9 Linux, Linux, Linux Kernel and 6 more | 2025-04-03 | N/A |
| Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4. | ||||
| CVE-2000-0701 | 3 Conectiva, Gnu, Redhat | 3 Linux, Mailman, Linux | 2025-04-03 | N/A |
| The wrapper program in mailman 2.0beta3 and 2.0beta4 does not properly cleanse untrusted format strings, which allows local users to gain privileges. | ||||