Search Results (150 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-1171 3 Kde, Mandrakesoft, Redhat 3 Kde, Mandrake Linux, Fedora Core 2026-04-16 N/A
KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are (1) manually entered by the user or (2) created by the SMB protocol handler, stores those credentials for plaintext in the user's .desktop file, which may be created with world-readable permissions, which could allow local users to obtain usernames and passwords for remote resources such as SMB shares.
CVE-2004-2395 1 Mandrakesoft 3 Mandrake Linux, Mandrake Linux Corporate Server, Mandrake Multi Network Firewall 2026-04-16 N/A
Memory leak in passwd 0.68 allows local users to cause a denial of service (memory consumption) via a large number of failed read attempts from the password buffer.
CVE-2004-2396 1 Mandrakesoft 3 Mandrake Linux, Mandrake Linux Corporate Server, Mandrake Multi Network Firewall 2026-04-16 N/A
passwd 0.68 does not check the return code for the pam_start function, which has unknown impact and attack vectors that may prevent "safe and proper operation" of PAM.
CVE-2001-0473 5 Conectiva, Immunix, Mandrakesoft and 2 more 5 Linux, Immunix, Mandrake Linux and 2 more 2026-04-16 N/A
Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands.
CVE-2005-3625 18 Conectiva, Debian, Easy Software Products and 15 more 33 Linux, Debian Linux, Cups and 30 more 2026-04-16 N/A
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."
CVE-2005-1267 5 Gentoo, Lbl, Mandrakesoft and 2 more 6 Linux, Tcpdump, Mandrake Linux and 3 more 2026-04-16 N/A
The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet.
CVE-1999-1008 2 Freebsd, Mandrakesoft 2 Freebsd, Mandrake Linux 2026-04-16 N/A
xsoldier program allows local users to gain root access via a long argument.
CVE-2002-0002 4 Engardelinux, Mandrakesoft, Redhat and 1 more 4 Secure Linux, Mandrake Linux, Linux and 1 more 2026-04-16 N/A
Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code.
CVE-2001-0736 5 Engardelinux, Immunix, Mandrakesoft and 2 more 6 Secure Linux, Immunix, Mandrake Linux and 3 more 2026-04-16 N/A
Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack.
CVE-2001-0912 1 Mandrakesoft 1 Mandrake Linux 2026-04-16 N/A
Packaging error for expect 8.3.3 in Mandrake Linux 8.1 causes expect to search for its libraries in the /home/snailtalk directory before other directories, which could allow a local user to gain root privileges.
CVE-2000-0184 2 Mandrakesoft, Redhat 2 Mandrake Linux, Linux 2026-04-16 N/A
Linux printtool sets the permissions of printer configuration files to be world-readable, which allows local attackers to obtain printer share passwords.
CVE-2001-0416 4 Debian, Immunix, Mandrakesoft and 1 more 4 Sgml-tools, Immunix, Mandrake Linux and 1 more 2026-04-16 N/A
sgml-tools (aka sgmltools) before 1.0.9-15 creates temporary files with insecure permissions, which allows other users to read files that are being processed by sgml-tools.
CVE-2000-0508 3 Debian, Mandrakesoft, Redhat 3 Debian Linux, Mandrake Linux, Linux 2026-04-16 N/A
rpc.lockd in Red Hat Linux 6.1 and 6.2 allows remote attackers to cause a denial of service via a malformed request.
CVE-2001-0481 1 Mandrakesoft 1 Mandrake Linux 2026-04-16 N/A
Vulnerability in rpmdrake in Mandrake Linux 8.0 related to insecure temporary file handling.
CVE-2001-0496 2 Mandrakesoft, Redhat 2 Mandrake Linux, Linux 2026-04-16 N/A
kdesu in kdelibs package creates world readable temporary files containing authentication info, which can allow local users to gain privileges.
CVE-2000-0566 3 Caldera, Mandrakesoft, Redhat 3 Openlinux, Mandrake Linux, Linux 2026-04-16 N/A
makewhatis in Linux man package allows local users to overwrite files via a symlink attack.
CVE-2000-0594 3 Caldera, Freebsd, Mandrakesoft 6 Openlinux Desktop, Openlinux Ebuilder, Openlinux Edesktop and 3 more 2026-04-16 N/A
BitchX IRC client does not properly cleanse an untrusted format string, which allows remote attackers to cause a denial of service via an invite to a channel whose name includes special formatting characters.
CVE-2000-0606 3 Debian, Mandrakesoft, Redhat 3 Debian Linux, Mandrake Linux, Linux 2026-04-16 N/A
Buffer overflow in kon program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via a long -StartupMessage parameter.
CVE-2001-1030 6 Caldera, Immunix, Mandrakesoft and 3 more 8 Openlinux Server, Immunix, Mandrake Linux and 5 more 2026-04-16 N/A
Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning.
CVE-2000-0718 1 Mandrakesoft 1 Mandrake Linux 2026-04-16 N/A
A race condition in MandrakeUpdate allows local users to modify RPM files while they are in the /tmp directory before they are installed.