Redhat
5,653 CVEs • 536 products
CVEs (5,653)
| CVE (description) | Vendors | Products | Updated | Published | CVSS |
|---|---|---|---|---|---|
| Directory traversal vulnerability in extract.c in star before 1.5a84 allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR arch... | | | | | |
| Unspecified vulnerability in Red Hat Network Satellite Server 5.0.0 allows remote authenticated users to execute arbitrary code via unknown vectors in a "back-end XMLRPC handler." | | | | | |
| Buffer overflow in the wpa_printf function in the debugging code in wpa_supplicant in the Fedora NetworkManager package before 0.6.5-3.fc7 allows user-assisted remote attackers to execute arbitrary code via malformed fra... | | | | | |
| The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow local users to change the permissions of arbitrary files via a symlink attack on the /tmp/.font-unix temporary file. | Fedoraproject, Redhat (2 total) | Enterprise Linux, Enterprise Linux Desktop, Fedora Core, +1 more (4 total) | Apr 23, 2026 | Jul 15, 2007 | v4: N/A, v3: N/A, v2: 6.2 MEDIUM |
| Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject a... | Apache, Canonical, Fedoraproject, +1 more (4 total) | Enterprise Linux Desktop, Enterprise Linux Eus, Enterprise Linux Server, +4 more (7 total) | Apr 23, 2026 | Jun 27, 2007 | v4: N/A, v3: N/A, v2: 4.3 MEDIUM |
| The Linux kernel before 2.6.9-42.0.8 in Red Hat 4.4 allows local users to cause a denial of service (kernel OOPS from null dereference) via fput in a 32-bit ioctl on 64-bit x86 systems, an incomplete fix of CVE-2005-3044... | Redhat (1 total) | Enterprise Linux, Enterprise Linux Desktop (2 total) | Apr 23, 2026 | Jun 26, 2007 | v4: N/A, v3: N/A, v2: 4.6 MEDIUM |
| Buffer overflow in cluster/cman/daemon/daemon.c in cman (redhat-cluster-suite) before 20070622 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via long client messages. | | | | | |
| daemon.c in cman (redhat-cluster-suite) before 20070622 does not clear a buffer for reading requests, which might allow local users to obtain sensitive information from previous requests. | | | | | |
| Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is se... | Apache, Canonical, Fedoraproject, +1 more (4 total) | Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Workstation, +3 more (6 total) | Apr 23, 2026 | Jun 20, 2007 | v4: N/A, v3: N/A, v2: 4.7 MEDIUM |
| usr/log.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 uses a semaphore with insecure permissions (world-writable/world-readable) for managing log messages using shared memory, which allows local users... | | | | | |
| usr/mgmt_ipc.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 checks the client's UID on the listening AF_LOCAL socket instead of the new connection, which allows remote attackers to access the management... | | | | | |
| Buffer overflow in the bundled libxmlrpc library in PHP before 4.4.7, and 5.x before 5.2.2, has unknown impact and remote attack vectors. | Canonical, Debian, Php, +1 more (4 total) | Debian Linux, Enterprise Linux Server, Enterprise Linux Workstation, +2 more (5 total) | Apr 23, 2026 | May 9, 2007 | v4: N/A, v3: N/A, v2: 7.5 HIGH |
| The utrace support in Linux kernel 2.6.18, and other versions, allows local users to cause a denial of service (system hang) related to "MT exec + utrace_attach spin failure mode," as demonstrated by ptrace-thrash.c. | Linux, Redhat (2 total) | Enterprise Linux, Linux Kernel (2 total) | Apr 23, 2026 | May 2, 2007 | v4: N/A, v3: N/A, v2: 4.9 MEDIUM |
| lharc.c in lha does not securely create temporary files, which might allow local users to read or write files by creating a file before LHA is invoked. | Redhat (1 total) | Enterprise Linux, Fedora Core (2 total) | Apr 23, 2026 | Apr 16, 2007 | v4: N/A, v3: N/A, v2: 4.9 MEDIUM |
| Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overfl... | Mandrakesoft, Openbsd, Redhat, +5 more (8 total) | Enterprise Linux, Enterprise Linux Desktop, Fedora Core, +9 more (12 total) | Apr 23, 2026 | Apr 6, 2007 | v4: N/A, v3: N/A, v2: 3.8 LOW |
| Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts,... | Mandrakesoft, Openbsd, Redhat, +4 more (7 total) | Enterprise Linux, Enterprise Linux Desktop, Libxfont, +6 more (9 total) | Apr 23, 2026 | Apr 6, 2007 | v4: N/A, v3: N/A, v2: 8.5 HIGH |
| PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resourc... | Apache, Canonical, Redhat (3 total) | Enterprise Linux Desktop, Enterprise Linux Eus, Enterprise Linux Server, +4 more (7 total) | Apr 23, 2026 | Mar 30, 2007 | v4: N/A, v3: N/A, v2: 5.0 MEDIUM |
| pam_console does not properly restore ownership for certain console devices when there are multiple users logged into the console and one user logs out, which might allow local users to gain privileges. | | | | | |
| The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service (stack exhaustion and PHP crash) via deeply nested arrays, which trigger deep recursion in the variable... | Canonical, Novell, Php, +2 more (5 total) | Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Workstation, +4 more (7 total) | Apr 23, 2026 | Mar 6, 2007 | v4: N/A, v3: 7.5 HIGH, v2: 5.0 MEDIUM |
| The file watch implementation in the audit subsystem (auditctl -w) in the Red Hat Enterprise Linux (RHEL) 4 kernel 2.6.9 allows local users to cause a denial of service (kernel panic) by replacing a watched file, which d... | | | | | |