Secure Linux

secure_linux

Vendor: Trustix • 65 CVEs

CVEs (65)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2007-0910 2Php Trustix 2Php Secure Linux Apr 23, 2026 Feb 13, 2007 N/A· v4 N/A· v3 10.0 HIGH· v2 Unspecified vulnerability in PHP before 5.2.1 allows attackers to "clobber" certain super-global variables via unspecified vectors.
CVE-2007-0909 2Php Trustix 2Php Secure Linux Apr 23, 2026 Feb 13, 2007 N/A· v4 N/A· v3 7.5 HIGH· v2 Multiple format string vulnerabilities in PHP before 5.2.1 might allow attackers to execute arbitrary code via format string specifiers to (1) all of the print functions on 64-bit systems, and (2) the odbc_result_all fu...Show more Multiple format string vulnerabilities in PHP before 5.2.1 might allow attackers to execute arbitrary code via format string specifiers to (1) all of the print functions on 64-bit systems, and (2) the odbc_result_all function.Show less
CVE-2007-0907 2Php Trustix 2Php Secure Linux Apr 23, 2026 Feb 13, 2007 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Buffer underflow in PHP before 5.2.1 allows attackers to cause a denial of service via unspecified vectors involving the sapi_header_op function.
CVE-2007-0906 2Php Trustix 2Php Secure Linux Apr 23, 2026 Feb 13, 2007 N/A· v4 N/A· v3 7.5 HIGH· v2 Multiple buffer overflows in PHP before 5.2.1 allow attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors in the (1) session, (2) zip, (3) imap, and (4) sqlite extensions; (5)...Show more Multiple buffer overflows in PHP before 5.2.1 allow attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors in the (1) session, (2) zip, (3) imap, and (4) sqlite extensions; (5) stream filters; and the (6) str_replace, (7) mail, (8) ibase_delete_user, (9) ibase_add_user, and (10) ibase_modify_user functions. NOTE: vector 6 might actually be an integer overflow (CVE-2007-1885). NOTE: as of 20070411, vector (3) might involve the imap_mail_compose function (CVE-2007-1825).Show less
CVE-2007-0905 2Php Trustix 2Php Secure Linux Apr 23, 2026 Feb 13, 2007 N/A· v4 N/A· v3 7.5 HIGH· v2 PHP before 5.2.1 allows attackers to bypass safe_mode and open_basedir restrictions via unspecified vectors in the session extension. NOTE: it is possible that this issue is a duplicate of CVE-2006-6383.
CVE-2005-3626 18Conectiva DebianEasy Software Products+15 more 33Cups Debian LinuxEnterprise Linux+30 more Apr 16, 2026 Dec 31, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null derefer...Show more Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.Show less
CVE-2005-3625 18Conectiva DebianEasy Software Products+15 more 33Cups Debian LinuxEnterprise Linux+30 more Apr 16, 2026 Dec 31, 2005 N/A· v4 N/A· v3 10.0 HIGH· v2 Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated usi...Show more Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."Show less
CVE-2005-3624 18Conectiva DebianEasy Software Products+15 more 33Cups Debian LinuxEnterprise Linux+30 more Apr 16, 2026 Dec 31, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDe...Show more The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.Show less
CVE-2005-1267 5Gentoo LblMandrakesoft+2 more 5Fedora Core LinuxMandrake Linux+2 more Apr 16, 2026 Jun 10, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packe...Show more The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet.Show less
CVE-2005-1410 2Postgresql Trustix 2Postgresql Secure Linux Apr 16, 2026 May 3, 2005 N/A· v4 N/A· v3 2.1 LOW· v2 The tsearch2 module in PostgreSQL 7.4 through 8.0.x declares the (1) dex_init, (2) snb_en_init, (3) snb_ru_init, (4) spell_init, and (5) syn_init functions as "internal" even when they do not take an internal argument, w...Show more The tsearch2 module in PostgreSQL 7.4 through 8.0.x declares the (1) dex_init, (2) snb_en_init, (3) snb_ru_init, (4) spell_init, and (5) syn_init functions as "internal" even when they do not take an internal argument, which allows attackers to cause a denial of service (application crash) and possibly have other impacts via SQL commands that call other functions that accept internal arguments.Show less
CVE-2005-0988 7Freebsd GentooGnu+4 more 13Enterprise Linux Enterprise Linux DesktopFreebsd+10 more Apr 16, 2026 May 2, 2005 N/A· v4 N/A· v3 3.7 LOW· v2 Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose perm...Show more Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete.Show less
CVE-2005-0001 3Linux RedhatTrustix 4Enterprise Linux Enterprise Linux DesktopLinux Kernel+1 more Apr 16, 2026 May 2, 2005 N/A· v4 N/A· v3 6.9 MEDIUM· v2 Race condition in the page fault handler (fault.c) for Linux kernel 2.2.x to 2.2.7, 2.4 to 2.4.29, and 2.6 to 2.6.10, when running on multiprocessor machines, allows local users to execute arbitrary code via concurrent t...Show more Race condition in the page fault handler (fault.c) for Linux kernel 2.2.x to 2.2.7, 2.4 to 2.4.29, and 2.6 to 2.6.10, when running on multiprocessor machines, allows local users to execute arbitrary code via concurrent threads that share the same virtual memory space and simultaneously request stack expansion.Show less
CVE-2005-0384 4Redhat SuseTrustix+1 more 4Enterprise Linux Secure LinuxSuse Linux+1 more Apr 16, 2026 Mar 15, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Unknown vulnerability in the PPP driver for the Linux kernel 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) via a pppd client.
CVE-2004-1051 5Debian MandrakesoftTodd Miller+2 more 7Debian Linux Mandrake LinuxMandrake Linux Corporate Server+4 more Apr 16, 2026 Mar 1, 2005 N/A· v4 N/A· v3 7.2 HIGH· v2 sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without usin...Show more sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname.Show less
CVE-2004-0990 5Gd Graphics Library GentooOpenpkg+2 more 5Gdlib LinuxOpenpkg+2 more Apr 16, 2026 Mar 1, 2005 N/A· v4 N/A· v3 10.0 HIGH· v2 Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image ro...Show more Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPngCtx function, a different set of vulnerabilities than CVE-2004-0941.Show less
CVE-2004-0989 5Redhat TrustixUbuntu+2 more 6Command Line Xml Toolkit Fedora CoreLibxml+3 more Apr 16, 2026 Mar 1, 2005 N/A· v4 N/A· v3 10.0 HIGH· v2 Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScan...Show more Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data that is not properly handled by the xmlNanoFTPScanProxy function, and other overflows related to manipulation of DNS length values, including (3) xmlNanoFTPConnect, (4) xmlNanoHTTPConnectHost, and (5) xmlNanoHTTPConnectHost.Show less
CVE-2004-0977 4Mandrakesoft PostgresqlRedhat+1 more 6Enterprise Linux Enterprise Linux DesktopMandrake Linux+3 more Apr 16, 2026 Feb 9, 2005 N/A· v4 N/A· v3 2.1 LOW· v2 The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on temporary files.
CVE-2004-0957 6Openpkg OracleRedhat+3 more 7Enterprise Linux Enterprise Linux DesktopMysql+4 more Apr 16, 2026 Feb 9, 2005 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore), grants privileges to other databases that have similar names, which can allow th...Show more Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore), grants privileges to other databases that have similar names, which can allow the user to conduct unauthorized activities.Show less
CVE-2004-0941 2Gd Graphics Library Trustix 2Gdlib Secure Linux Apr 16, 2026 Feb 9, 2005 N/A· v4 N/A· v3 10.0 HIGH· v2 Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMal...Show more Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function, a different set of vulnerabilities than CVE-2004-0990.Show less
CVE-2004-0940 6Apache HpOpenpkg+3 more 6Hp Ux Http ServerOpenpkg+3 more Apr 16, 2026 Feb 9, 2005 N/A· v4 7.8 HIGH· v3 6.9 MEDIUM· v2 Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a lengt...Show more Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error.Show less

12 3 4 Next