Export limit exceeded: 10144 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10144 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-0730 | 1 Debian | 1 Debian Linux | 2025-04-03 | N/A |
| The zsoelim program in the Debian man-db package allows local users to overwrite files via a symlink attack. | ||||
| CVE-2005-1855 | 2 Debian, Sukria | 2 Debian Linux, Backup Manager | 2025-04-03 | N/A |
| Backup Manager (backup-manager) before 0.5.8 creates backup files with world-readable default permissions, which allows local users to obtain sensitive information. | ||||
| CVE-2005-2960 | 2 Debian, Gnu | 2 Debian Linux, Cfengine | 2025-04-03 | N/A |
| cfengine 1.6.5 and 2.1.16 allows local users to overwrite arbitrary files via a symlink attack on temporary files used by vicf.in, a different vulnerability than CVE-2005-3137. | ||||
| CVE-1999-0434 | 5 Caldera, Debian, Netbsd and 2 more | 5 Openlinux, Debian Linux, Netbsd and 2 more | 2025-04-03 | N/A |
| XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service. | ||||
| CVE-2005-3323 | 2 Debian, Zope | 2 Debian Linux, Zope | 2025-04-03 | N/A |
| docutils in Zope 2.6, 2.7 before 2.7.8, and 2.8 before 2.8.2 allows remote attackers to include arbitrary files via include directives in RestructuredText functionality. | ||||
| CVE-2005-3847 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-04-03 | 5.5 Medium |
| The handle_stop_signal function in signal.c in Linux kernel 2.6.11 up to other versions before 2.6.13 and 2.6.12.6 allows local users to cause a denial of service (deadlock) by sending a SIGKILL to a real-time threaded process while it is performing a core dump. | ||||
| CVE-2005-4728 | 1 Debian | 1 Amaya | 2025-04-03 | N/A |
| Untrusted search path vulnerability (RPATH) in amaya 9.2.1 on Debian GNU/Linux allows local users to gain privileges via a malicious Mesa library in the /home/anand directory. | ||||
| CVE-2006-0050 | 1 Debian | 1 Debian Linux | 2025-04-03 | N/A |
| snmptrapfmt in Debian 3.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary log file. | ||||
| CVE-2006-1376 | 1 Debian | 1 Debian Linux | 2025-04-03 | N/A |
| The installation of Debian GNU/Linux 3.1r1 from the network install CD creates /var/log/debian-installer/cdebconf with world writable permissions, which allows local users to cause a denial of service (disk consumption). | ||||
| CVE-2006-1753 | 1 Debian | 1 Debian Linux | 2025-04-03 | N/A |
| A cron job in fcheck before 2.7.59 allows local users to overwrite arbitrary files via a symlink attack on a temporary file. | ||||
| CVE-2000-0584 | 2 Debian, Freebsd | 2 Debian Linux, Freebsd | 2025-04-03 | N/A |
| Buffer overflow in Canna input system allows remote attackers to execute arbitrary commands via an SR_INIT command with a long user name or group name. | ||||
| CVE-1999-0405 | 4 Debian, Freebsd, Redhat and 1 more | 4 Debian Linux, Freebsd, Linux and 1 more | 2025-04-03 | N/A |
| A buffer overflow in lsof allows local users to obtain root privilege. | ||||
| CVE-1999-0389 | 1 Debian | 1 Debian Linux | 2025-04-03 | N/A |
| Buffer overflow in the bootp server in the Debian Linux netstd package. | ||||
| CVE-1999-0341 | 2 Debian, Slackware | 2 Debian Linux, Slackware Linux | 2025-04-03 | N/A |
| Buffer overflow in the Linux mail program "deliver" allows local users to gain root access. | ||||
| CVE-2000-0512 | 1 Debian | 1 Debian Linux | 2025-04-03 | N/A |
| CUPS (Common Unix Printing System) 1.04 and earlier does not properly delete request files, which allows a remote attacker to cause a denial of service. | ||||
| CVE-2006-3918 | 4 Apache, Canonical, Debian and 1 more | 9 Http Server, Ubuntu Linux, Debian Linux and 6 more | 2025-04-03 | N/A |
| http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated using a Flash SWF file. | ||||
| CVE-2005-2700 | 4 Apache, Canonical, Debian and 1 more | 6 Http Server, Ubuntu Linux, Debian Linux and 3 more | 2025-04-03 | N/A |
| ssl_engine_kernel.c in mod_ssl before 2.8.24, when using "SSLVerifyClient optional" in the global virtual host configuration, does not properly enforce "SSLVerifyClient require" in a per-location context, which allows remote attackers to bypass intended access restrictions. | ||||
| CVE-2006-2661 | 4 Canonical, Debian, Freetype and 1 more | 4 Ubuntu Linux, Debian Linux, Freetype and 1 more | 2025-04-03 | N/A |
| ftutil.c in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a crafted font file that triggers a null dereference. | ||||
| CVE-2006-1244 | 4 Debian, Gnome, Libextractor and 1 more | 4 Debian Linux, Gpdf, Libextractor and 1 more | 2025-04-03 | N/A |
| Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc. NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed. Some of these newer fixes appear to be security-relevant, although it is not clear if they fix specific issues or are defensive in nature. | ||||
| CVE-2006-1531 | 2 Debian, Mozilla | 4 Debian Linux, Firefox, Seamonkey and 1 more | 2025-04-03 | N/A |
| Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due to the lack of sufficient public details from the vendor as of 20060413, it is unclear how CVE-2006-1529, CVE-2006-1530, CVE-2006-1531, and CVE-2006-1723 are different. | ||||