Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Enterprise_linux_desktop
(Redhat)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2004-12-23 | CVE-2004-0685 | Certain USB drivers in the Linux 2.4 kernel use the copy_to_user function on uninitialized structures, which could allow local users to obtain sensitive information by reading memory that was not cleared from previous usage. | Linux_kernel, Enterprise_linux, Enterprise_linux_desktop, Secure_linux | N/A | ||
| 2004-12-06 | CVE-2004-0607 | The eay_check_x509cert function in KAME Racoon successfully verifies certificates even when OpenSSL validation fails, which could allow remote attackers to bypass authentication. | Ipsec\-Tools, Racoon, Enterprise_linux, Enterprise_linux_desktop | N/A | ||
| 2004-08-06 | CVE-2004-0557 | Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 through 12.17.4 allow remote attackers to execute arbitrary code via certain WAV file header fields. | Linux, Linux, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Sox | N/A | ||
| 2004-11-23 | CVE-2004-0494 | Multiple extfs backend scripts for GNOME virtual file system (VFS) before 1.0.1 may allow remote attackers to perform certain unauthorized actions via a gnome-vfs URI. | Cvlan, Enterprise_linux, Enterprise_linux_desktop, Linux_advanced_workstation | N/A | ||
| 2002-12-31 | CVE-2002-2185 | The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network. | Debian_linux, Mandrake_linux, Windows_98, Windows_98se, Windows_xp, Enterprise_linux, Enterprise_linux_desktop, Linux, Linux_advanced_workstation, Irix, Suse_linux | N/A | ||
| 1996-07-16 | CVE-1999-1572 | cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O (archive) or -F options, which creates the files with mode 0666 and allows local users to read or overwrite those files. | Debian_linux, Freebsd, Mandrake_linux, Enterprise_linux, Enterprise_linux_desktop, Ubuntu_linux | N/A | ||
| 2018-07-25 | CVE-2018-13988 | Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by pdfunite. This can result in memory corruption and denial of service. This may be exploitable when a victim opens a specially crafted PDF file. | Ubuntu_linux, Debian_linux, Poppler, Ansible_tower, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Openshift_container_platform | 6.5 | ||
| 2018-05-06 | CVE-2018-10768 | There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h in an Ubuntu package for Poppler 0.24.5. A crafted input will lead to a remote denial of service attack. Later Ubuntu packages such as for Poppler 0.41.0 are not affected. | Ubuntu_linux, Debian_linux, Poppler, Ansible_tower, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | 6.5 | ||
| 2018-05-06 | CVE-2018-10767 | There is a stack-based buffer over-read in calling GLib in the function gxps_images_guess_content_type of gxps-images.c in libgxps through 0.3.0 because it does not reject negative return values from a g_input_stream_read call. A crafted input will lead to a remote denial of service attack. | Libgxps, Ansible_tower, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | 6.5 | ||
| 2018-05-04 | CVE-2018-10733 | There is a heap-based buffer over-read in the function ft_font_face_hash of gxps-fonts.c in libgxps through 0.3.0. A crafted input will lead to a remote denial of service attack. | Libgxps, Leap, Ansible_tower, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | 6.5 |