Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Linux
(Gentoo)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 131 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2005-02-22 | CVE-2005-0535 | Cross-site request forgery (CSRF) vulnerability in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allows remote attackers to perform unauthorized actions as authenticated MediaWiki users. | Linux, Mediawiki | N/A | ||
| 2005-03-14 | CVE-2005-0470 | Buffer overflow in wpa_supplicant before 0.2.7 allows remote attackers to cause a denial of service (segmentation fault) via invalid EAPOL-Key packet data. | Linux, Suse_linux, Wpa_supplicant | N/A | ||
| 2005-04-27 | CVE-2005-0206 | The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities. | Ptex, Cstetex, Debian_linux, Cups, Linux, Gpdf, Kde, Koffice, Kpdf, Mandrake_linux_corporate_server, Pdftohtml, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Linux, Linux_advanced_workstation, Advanced_linux_environment, Propack, Suse_linux, Tetex, Ubuntu_linux, Xpdf | N/A | ||
| 2005-05-02 | CVE-2005-0077 | The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file. | Debian_linux, Linux, Enterprise_linux, Enterprise_linux_desktop, Ubuntu_linux | N/A | ||
| 2005-05-02 | CVE-2005-0005 | Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers. | Debian_linux, Linux, Graphicsmagick, Imagemagick, Propack, Suse_linux | N/A | ||
| 2004-05-02 | CVE-2004-1983 | The arch_get_unmapped_area function in mmap.c in the PaX patches for Linux kernel 2.6, when Address Space Layout Randomization (ASLR) is enabled, allows local users to cause a denial of service (infinite loop) via unknown attack vectors. | Linux, Pax_linux | N/A | ||
| 2004-08-16 | CVE-2004-1737 | SQL injection vulnerability in auth_login.php in Cacti 0.8.5a allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) password parameters. | Linux, Cacti | N/A | ||
| 2004-12-31 | CVE-2004-1471 | Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line. | Cvs, Freebsd, Linux, Openbsd, Openpkg, Propack | N/A | ||
| 2004-12-31 | CVE-2004-1452 | Tomcat before 5.0.27-r3 in Gentoo Linux sets the default permissions on the init scripts as tomcat:tomcat, but executes the scripts with root privileges, which could allow local users in the tomcat group to execute arbitrary commands as root by modifying the scripts. | Linux | N/A | ||
| 2004-12-23 | CVE-2004-1336 | The xdvizilla script in tetex-bin 2.0.2 creates temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack. | Tetex\-Bin, Linux | N/A |