Vulnerabilities (CVE)

Filtered by vendor Gentoo Subscribe
Filtered by product Linux
Total 154 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2004-0947 3 Arj Software Inc., Gentoo, Suse 3 Unarj, Linux, Suse Linux 2025-04-03 10.0 HIGH N/A
Buffer overflow in unarj before 2.63a-r2 allows remote attackers to execute arbitrary code via an arj archive that contains long filenames.
CVE-2005-1267 5 Gentoo, Lbl, Mandrakesoft and 2 more 5 Linux, Tcpdump, Mandrake Linux and 2 more 2025-04-03 5.0 MEDIUM N/A
The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet.
CVE-2004-0417 5 Cvs, Gentoo, Openbsd and 2 more 5 Cvs, Linux, Openbsd and 2 more 2025-04-03 5.0 MEDIUM N/A
Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consume disk space.
CVE-2004-0626 4 Conectiva, Gentoo, Linux and 1 more 4 Linux, Linux, Linux Kernel and 1 more 2025-04-03 5.0 MEDIUM N/A
The tcp_find_option function of the netfilter subsystem in Linux kernel 2.6, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type.
CVE-2004-0557 4 Conectiva, Gentoo, Redhat and 1 more 6 Linux, Linux, Enterprise Linux and 3 more 2025-04-03 10.0 HIGH N/A
Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 through 12.17.4 allow remote attackers to execute arbitrary code via certain WAV file header fields.
CVE-2004-1031 2 Gentoo, Thibault Godouet 2 Linux, Fcron 2025-04-03 7.2 HIGH N/A
fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to bypass access restrictions and load an arbitrary configuration file by starting an suid process and pointing the fcronsighup configuration file to a /proc entry that is owned by root but modifiable by the user, such as /proc/self/cmdline or /proc/self/environ.
CVE-2004-0936 11 Archive Zip, Broadcom, Ca and 8 more 23 Archive Zip, Brightstor Arcserve Backup, Etrust Antivirus and 20 more 2025-04-03 7.5 HIGH N/A
RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
CVE-2004-0497 7 Conectiva, Gentoo, Linux and 4 more 9 Linux, Linux, Linux Kernel and 6 more 2025-04-03 2.1 LOW N/A
Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4.
CVE-2004-0604 2 Gentoo, Gift-fasttrack 2 Linux, Gift-fasttrack 2025-04-03 5.0 MEDIUM N/A
The HTTP client and server in giFT-FastTrack 0.8.6 and earlier allows remote attackers to cause a denial of service (crash), possibly via an empty search query, which triggers a NULL dereference.
CVE-2004-1117 1 Gentoo 1 Linux 2025-04-03 7.2 HIGH N/A
The init scripts in ChessBrain 20407 and earlier execute user-owned programs with root privileges, which allows local users to gain privileges by modifying the programs.
CVE-2004-1034 3 Gentoo, Kaffeine, Xine 3 Linux, Kaffeine Player, Gxine 2025-04-03 10.0 HIGH N/A
Buffer overflow in the http_open function in Kaffeine before 0.5, whose code is also used in gxine before 0.3.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long Content-Type header for a Real Audio Media (.ram) playlist file.
CVE-2004-1037 2 Gentoo, Twiki 2 Linux, Twiki 2025-04-03 10.0 HIGH N/A
The search function in TWiki 20030201 allows remote attackers to execute arbitrary commands via shell metacharacters in a search string.
CVE-2006-0071 1 Gentoo 2 App-crypt Pinentry, Linux 2025-04-03 6.6 MEDIUM N/A
The ebuild for pinentry before 0.7.2-r2 on Gentoo Linux sets setgid bits for pinentry programs, which allows local users to read or overwrite arbitrary files as gid 0.
CVE-2004-1027 3 Arjsoftware, Debian, Gentoo 3 Unarj, Debian Linux, Linux 2025-04-03 5.0 MEDIUM N/A
Directory traversal vulnerability in the -x (extract) command line option in unarj allows remote attackers to overwrite arbitrary files via an arj archive with filenames that contain .. (dot dot) sequences.
CVE-2005-0077 4 Debian, Gentoo, Redhat and 1 more 5 Debian Linux, Linux, Enterprise Linux and 2 more 2025-04-03 2.1 LOW N/A
The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file.
CVE-2004-0667 2 Gentoo, Rsbac 2 Linux, Rule Set Based Access Control 2025-04-03 7.2 HIGH N/A
Rule Set Based Access Control (RSBAC) 1.2.2 through 1.2.3 allows access to sys_creat, sys_open, and sys_mknod inside jails, which could allow local users to gain elevated privileges.
CVE-2004-1026 3 Enlightenment, Gentoo, Redhat 3 Imlib, Linux, Linux 2025-04-03 10.0 HIGH N/A
Multiple integer overflows in the image handler for imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files.
CVE-2004-1304 3 File, Gentoo, Trustix 3 File, Linux, Secure Linux 2025-04-03 10.0 HIGH N/A
Stack-based buffer overflow in the ELF header parsing code in file before 4.12 allows attackers to execute arbitrary code via a crafted ELF file.
CVE-2004-1983 2 Gentoo, The Pax Team 2 Linux, Pax Linux 2025-04-03 2.1 LOW N/A
The arch_get_unmapped_area function in mmap.c in the PaX patches for Linux kernel 2.6, when Address Space Layout Randomization (ASLR) is enabled, allows local users to cause a denial of service (infinite loop) via unknown attack vectors.
CVE-2004-1737 2 Gentoo, The Cacti Group 2 Linux, Cacti 2025-04-03 7.5 HIGH N/A
SQL injection vulnerability in auth_login.php in Cacti 0.8.5a allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) password parameters.