Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Linux
(Redhat)| Repositories | https://github.com/mjg59/linux |
| #Vulnerabilities | 232 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2003-07-24 | CVE-2003-0442 | Cross-site scripting (XSS) vulnerability in the transparent SID support capability for PHP before 4.3.2 (session.use_trans_sid) allows remote attackers to insert arbitrary script via the PHPSESSID parameter. | Php, Linux | N/A | ||
| 2003-07-24 | CVE-2003-0434 | Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink. | Acrobat, Mandrake_linux, Mandrake_linux_corporate_server, Enterprise_linux, Linux, Linux_advanced_workstation, Xpdf | N/A | ||
| 2003-06-16 | CVE-2003-0370 | Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack. | Safari, Kde, Konqueror_embedded, Linux, Turbolinux_server, Turbolinux_workstation | N/A | ||
| 2003-06-16 | CVE-2003-0364 | The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote attackers to cause a denial of service (CPU consumption) via certain packets that cause a large number of hash table collisions. | Linux | N/A | ||
| 2003-06-16 | CVE-2003-0354 | Unknown vulnerability in GNU Ghostscript before 7.07 allows attackers to execute arbitrary commands, even when -dSAFER is enabled, via a PostScript file that causes the commands to be executed from a malicious print job. | Linux | N/A | ||
| 2003-06-16 | CVE-2003-0248 | The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address. | Linux | N/A | ||
| 2003-06-16 | CVE-2003-0247 | Unknown vulnerability in the TTY layer of the Linux kernel 2.4 allows attackers to cause a denial of service ("kernel oops"). | Linux | N/A | ||
| 2003-06-09 | CVE-2003-0194 | tcpdump does not properly drop privileges to the pcap user when starting up. | Linux, Tcpdump | N/A | ||
| 2003-06-09 | CVE-2003-0188 | lv reads a .lv file from the current working directory, which allows local users to execute arbitrary commands as other lv users by placing malicious .lv files into other directories. | Lv, Linux, Lv | N/A | ||
| 2003-04-11 | CVE-2003-0135 | vsftpd FTP daemon in Red Hat Linux 9 is not compiled against TCP wrappers (tcp_wrappers) but is installed as a standalone service, which inadvertently prevents vsftpd from restricting access as intended. | Linux | N/A |