Redhat
redhat
5,653 CVEs • 533 products
Products (533)
Click to collapseToggle
Products (533)
Click to collapse
CVEs (5,653)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
Squid 2.4 STABLE3 and earlier does not properly disable HTCP, even when "htcp_port 0" is specified in squid.conf, which could allow remote attackers to bypass intended access restrictions. |
5Debian FreebsdGnu+2 more5Debian Linux FreebsdLinux+2 moreApr 16, 2026 Mar 8, 2002 N/A· v4 N/A· v3 7.2 HIGH· v2 Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling." |
8Caldera DebianFreebsd+5 more9Debian Linux FreebsdLinux+6 moreApr 16, 2026 Feb 27, 2002 N/A· v4 N/A· v3 7.2 HIGH· v2 Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice. |
slapd in OpenLDAP 2.0 through 2.0.19 allows local users, and anonymous users before 2.0.8, to conduct a "replace" action on access controls without any values, which causes OpenLDAP to delete non-mandatory attributes tha...Show more |
3Debian GnuRedhat3Debian Linux EnscriptLinuxApr 16, 2026 Jan 31, 2002 N/A· v4 N/A· v3 3.6 LOW· v2 GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files. |
4Engardelinux MandrakesoftRedhat+1 more4Linux Mandrake LinuxSecure Linux+1 moreApr 16, 2026 Jan 31, 2002 N/A· v4 N/A· v3 7.5 HIGH· v2 Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code. |
Buffer overflow in glob function of glibc allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a glob pattern that ends in a brace "{" character. |
3Openbsd RedhatSuse3Linux OpensshSuse LinuxApr 16, 2026 Dec 21, 2001 N/A· v4 N/A· v3 7.2 HIGH· v2 OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges. |
3Caldera RedhatSuse5Linux Linux PowertoolsOpenlinux Eserver+2 moreApr 16, 2026 Dec 21, 2001 N/A· v4 N/A· v3 7.5 HIGH· v2 Format string vulnerability in the default logging callback function _sasl_syslog in common.c in Cyrus SASL library (cyrus-sasl) may allow remote attackers to execute arbitrary commands. |
2Redhat University Of Cambridge2Exim LinuxApr 16, 2026 Dec 19, 2001 N/A· v4 N/A· v3 7.5 HIGH· v2 Exim 3.22 and earlier, in some configurations, does not properly verify the local part of an address when redirecting the address to a pipe, which could allow remote attackers to execute arbitrary commands via shell meta...Show more |
2.4.3-12 kernel in Red Hat Linux 7.1 Korean installation program sets the setting default umask for init to 000, which installs files with world-writeable permissions. |
TUX HTTP server 2.1.0-2 in Red Hat Linux allows remote attackers to cause a denial of service via a long Host: header. |
apmscript in Apmd in Red Hat 7.2 "Enigma" allows local users to create or change the modification dates of arbitrary files via a symlink attack on the LOW_POWER temporary file, which could be used to cause a denial of se...Show more |
Red Hat Stronghold 2.3 to 3.0 allows remote attackers to retrieve system information via an HTTP GET request to (1) stronghold-info or (2) stronghold-status. |
RPM Package Manager 4.0.x through 4.0.2.x allows an attacker to execute arbitrary code via corrupted data in the RPM file when the file is queried. |
LPRng in Red Hat Linux 7.0 and 7.1 does not properly drop memberships in supplemental groups when lowering privileges, which could allow a local user to elevate privileges. |
5Engardelinux ImmunixMandrakesoft+2 more6Immunix LinuxMandrake Linux+3 moreApr 16, 2026 Oct 18, 2001 N/A· v4 N/A· v3 2.1 LOW· v2 Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack. |
initscript in setserial 2.17-4 and earlier uses predictable temporary file names, which could allow local users to conduct unauthorized operations on files. |
4Conectiva DebianRedhat+1 more4Debian Linux EximLinux+1 moreApr 16, 2026 Sep 20, 2001 N/A· v4 N/A· v3 7.5 HIGH· v2 Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in Debian and 3.16 in Conectiva) in batched SMTP mode allows a remote attacker to execute arbitrary code via format strings in SMTP mail headers. |
3Immunix RedhatSuse3Immunix LinuxSuse LinuxApr 16, 2026 Sep 20, 2001 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Buffer overflow in man program in various distributions of Linux allows local user to execute arbitrary code as group man via a long -S option. |