Filtered by vendor Redhat
Subscriptions
Filtered by product Linux
Subscriptions
Total
703 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-0192 | 2 Apache, Redhat | 5 Http Server, Enterprise Linux, Linux and 2 more | 2025-04-03 | N/A |
| Apache 2 before 2.0.47, and certain versions of mod_ssl for Apache 1.3, do not properly handle "certain sequences of per-directory renegotiations and the SSLCipherSuite directive being used to upgrade from a weak ciphersuite to a strong one," which could cause Apache to use the weak ciphersuite. | ||||
| CVE-2003-0194 | 1 Redhat | 3 Enterprise Linux, Linux, Tcpdump | 2025-04-03 | N/A |
| tcpdump does not properly drop privileges to the pcap user when starting up. | ||||
| CVE-2003-0252 | 2 Linux-nfs, Redhat | 3 Nfs-utils, Enterprise Linux, Linux | 2025-04-03 | 9.8 Critical |
| Off-by-one error in the xlog function of mountd in the Linux NFS utils package (nfs-utils) before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain RPC requests to mountd that do not contain newlines. | ||||
| CVE-2003-0253 | 2 Apache, Redhat | 2 Http Server, Linux | 2025-04-03 | N/A |
| The prefork MPM in Apache 2 before 2.0.47 does not properly handle certain errors from accept, which could lead to a denial of service. | ||||
| CVE-2003-0282 | 3 Info-zip, Redhat, Sco | 5 Unzip, Enterprise Linux, Linux and 2 more | 2025-04-03 | N/A |
| Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . (dot) characters, which are filtered and result in a ".." sequence. | ||||
| CVE-2003-0354 | 1 Redhat | 2 Enterprise Linux, Linux | 2025-04-03 | N/A |
| Unknown vulnerability in GNU Ghostscript before 7.07 allows attackers to execute arbitrary commands, even when -dSAFER is enabled, via a PostScript file that causes the commands to be executed from a malicious print job. | ||||
| CVE-2003-0370 | 4 Apple, Kde, Redhat and 1 more | 7 Safari, Kde, Konqueror Embedded and 4 more | 2025-04-03 | N/A |
| Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack. | ||||
| CVE-2003-0432 | 2 Ethereal Group, Redhat | 3 Ethereal, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Ethereal 0.9.12 and earlier does not handle certain strings properly, with unknown consequences, in the (1) BGP, (2) WTP, (3) DNS, (4) 802.11, (5) ISAKMP, (6) WSP, (7) CLNP, (8) ISIS, and (9) RMI dissectors. | ||||
| CVE-2003-0434 | 4 Adobe, Mandrakesoft, Redhat and 1 more | 7 Acrobat, Mandrake Linux, Mandrake Linux Corporate Server and 4 more | 2025-04-03 | N/A |
| Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink. | ||||
| CVE-2003-0442 | 2 Php, Redhat | 2 Php, Linux | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in the transparent SID support capability for PHP before 4.3.2 (session.use_trans_sid) allows remote attackers to insert arbitrary script via the PHPSESSID parameter. | ||||
| CVE-2003-0459 | 2 Kde, Redhat | 10 Konqueror, Konqueror Embedded, Analog Real-time Synthesizer and 7 more | 2025-04-03 | N/A |
| KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites. | ||||
| CVE-2003-0461 | 1 Redhat | 2 Enterprise Linux, Linux | 2025-04-03 | N/A |
| /proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords. | ||||
| CVE-2003-0476 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Linux | 2025-04-03 | N/A |
| The execve system call in Linux 2.4.x records the file descriptor of the executable process in the file table of the calling process, which allows local users to gain read access to restricted file descriptors. | ||||
| CVE-2003-0501 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Linux | 2025-04-03 | N/A |
| The /proc filesystem in Linux allows local users to obtain sensitive information by opening various entries in /proc/self before executing a setuid program, which causes the program to fail to change the ownership and permissions of those entries. | ||||
| CVE-2003-0546 | 1 Redhat | 2 Linux, Up2date | 2025-04-03 | N/A |
| up2date 3.0.7 and 3.1.23 does not properly verify RPM GPG signatures, which could allow remote attackers to cause unsigned packages to be installed from the Red Hat Network, if that network is compromised. | ||||
| CVE-2003-0549 | 2 Gnome, Redhat | 5 Gdm, Enterprise Linux, Kdebase and 2 more | 2025-04-03 | N/A |
| The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) via a short authorization key name. | ||||
| CVE-2003-0564 | 2 Hitachi, Redhat | 4 Groupmax Mail - Security Option, Pki Runtime Library, Enterprise Linux and 1 more | 2025-04-03 | N/A |
| Multiple vulnerabilities in multiple vendor implementations of the Secure/Multipurpose Internet Mail Extensions (S/MIME) protocol allow remote attackers to cause a denial of service and possibly execute arbitrary code via an S/MIME email message containing certain unexpected ASN.1 constructs, as demonstrated using the NISSC test suite. | ||||
| CVE-2003-0592 | 2 Kde, Redhat | 4 Konqueror, Konqueror Embedded, Enterprise Linux and 1 more | 2025-04-03 | N/A |
| Konqueror in KDE 3.1.3 and earlier (kdelibs) allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Konqueror to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application. | ||||
| CVE-2003-0594 | 2 Mozilla, Redhat | 3 Mozilla, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Mozilla allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Mozilla to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application. | ||||
| CVE-2002-1131 | 2 Redhat, Squirrelmail | 2 Linux, Squirrelmail | 2025-04-03 | N/A |
| Cross-site scripting vulnerabilities in SquirrelMail 1.2.7 and earlier allows remote attackers to execute script as other web users via (1) addressbook.php, (2) options.php, (3) search.php, or (4) help.php. | ||||