Filtered by vendor Mandrakesoft
Subscriptions
Filtered by product Mandrake Linux Corporate Server
Subscriptions
Total
61 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1235 | 7 Avaya, Conectiva, Linux and 4 more | 20 Converged Communications Server, Intuity Audix, Mn100 and 17 more | 2025-04-03 | N/A |
| Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor. | ||||
| CVE-2005-0472 | 3 Mandrakesoft, Redhat, Rob Flynn | 5 Mandrake Linux, Mandrake Linux Corporate Server, Enterprise Linux and 2 more | 2025-04-03 | N/A |
| Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ. | ||||
| CVE-2005-0473 | 3 Mandrakesoft, Redhat, Rob Flynn | 5 Mandrake Linux, Mandrake Linux Corporate Server, Enterprise Linux and 2 more | 2025-04-03 | N/A |
| The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208. | ||||
| CVE-2005-0605 | 8 Altlinux, Lesstif, Mandrakesoft and 5 more | 12 Alt Linux, Lesstif, Mandrake Linux and 9 more | 2025-04-03 | N/A |
| scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow. | ||||
| CVE-2003-0434 | 4 Adobe, Mandrakesoft, Redhat and 1 more | 7 Acrobat, Mandrake Linux, Mandrake Linux Corporate Server and 4 more | 2025-04-03 | N/A |
| Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink. | ||||
| CVE-2005-2377 | 1 Mandrakesoft | 2 Mandrake Linux, Mandrake Linux Corporate Server | 2025-04-03 | N/A |
| nss_ldap 181 to versions before 213, as used in Mandrake Corporate Server and Mandrake 10.0, and other operating systems, does not properly handle a SIGPIPE signal when sending a search request to an LDAP directory server, which might allow remote attackers to cause a denial of service (crond and other application crash) if they can cause an LDAP server to become unavailable. NOTE: it is not clear whether this attack scenario is sufficient to include this item in CVE. | ||||
| CVE-2001-0117 | 4 Immunix, Mandrakesoft, Redhat and 1 more | 5 Immunix, Mandrake Linux, Mandrake Linux Corporate Server and 2 more | 2025-04-03 | N/A |
| sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack. | ||||
| CVE-2001-0439 | 5 Conectiva, Freebsd, Licq and 2 more | 7 Linux, Freebsd, Licq and 4 more | 2025-04-03 | N/A |
| licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL. | ||||
| CVE-2002-0083 | 9 Conectiva, Engardelinux, Immunix and 6 more | 11 Linux, Secure Linux, Immunix and 8 more | 2025-04-03 | 9.8 Critical |
| Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges. | ||||
| CVE-2004-0497 | 7 Conectiva, Gentoo, Linux and 4 more | 9 Linux, Linux, Linux Kernel and 6 more | 2025-04-03 | N/A |
| Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4. | ||||
| CVE-2004-0535 | 7 Conectiva, Engardelinux, Gentoo and 4 more | 18 Linux, Secure Community, Secure Linux and 15 more | 2025-04-03 | N/A |
| The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources. | ||||
| CVE-2001-0736 | 5 Engardelinux, Immunix, Mandrakesoft and 2 more | 6 Secure Linux, Immunix, Mandrake Linux and 3 more | 2025-04-03 | N/A |
| Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack. | ||||
| CVE-2002-0638 | 3 Hp, Mandrakesoft, Redhat | 6 Secure Os, Mandrake Linux, Mandrake Linux Corporate Server and 3 more | 2025-04-03 | N/A |
| setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh. | ||||
| CVE-2001-1449 | 2 Apache, Mandrakesoft | 4 Http Server, Mandrake Linux, Mandrake Linux Corporate Server and 1 more | 2025-04-03 | N/A |
| The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 through 8.0 and Linux Corporate Server 1.0.1 allows remote attackers to list the directory index of arbitrary web directories. | ||||
| CVE-2001-1030 | 6 Caldera, Immunix, Mandrakesoft and 3 more | 8 Openlinux Server, Immunix, Mandrake Linux and 5 more | 2025-04-03 | N/A |
| Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning. | ||||
| CVE-2004-1180 | 3 Debian, Mandrakesoft, Sun | 5 Debian Linux, Mandrake Linux, Mandrake Linux Corporate Server and 2 more | 2025-04-03 | N/A |
| Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash). | ||||
| CVE-2005-3624 | 18 Conectiva, Debian, Easy Software Products and 15 more | 33 Linux, Debian Linux, Cups and 30 more | 2025-04-03 | N/A |
| The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. | ||||
| CVE-2005-3626 | 18 Conectiva, Debian, Easy Software Products and 15 more | 33 Linux, Debian Linux, Cups and 30 more | 2025-04-03 | N/A |
| Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference. | ||||
| CVE-2004-0565 | 5 Gentoo, Linux, Mandrakesoft and 2 more | 7 Linux, Linux Kernel, Mandrake Linux and 4 more | 2025-04-03 | N/A |
| Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit. | ||||
| CVE-2004-0834 | 3 Gentoo, Mandrakesoft, Speedtouch | 5 Linux, Mandrake Linux, Mandrake Linux Corporate Server and 2 more | 2025-04-03 | N/A |
| Format string vulnerability in Speedtouch USB driver before 1.3.1 allows local users to execute arbitrary code via (1) modem_run, (2) pppoa2, or (3) pppoa3. | ||||