Filtered by vendor Gentoo
Subscriptions
Total
199 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0700 | 3 Gentoo, Mod Ssl, Redhat | 5 Linux, Mod Ssl, Enterprise Linux and 2 more | 2025-04-03 | N/A |
| Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssl_log function. | ||||
| CVE-2004-0432 | 3 Gentoo, Proftpd Project, Trustix | 3 Linux, Proftpd, Secure Linux | 2025-04-03 | N/A |
| ProFTPD 1.2.9 treats the Allow and Deny directives for CIDR based ACL entries as if they were AllowAll, which could allow FTP clients to bypass intended access restrictions. | ||||
| CVE-2004-0608 | 10 Arush, Dreamforge, Epic Games and 7 more | 14 Devastation, Tnn Outdoors Pro Hunter, Unreal Engine and 11 more | 2025-04-03 | N/A |
| The Unreal Engine, as used in DeusEx 1.112fm and earlier, Devastation 390 and earlier, Mobile Forces 20000 and earlier, Nerf Arena Blast 1.2 and earlier, Postal 2 1337 and earlier, Rune 107 and earlier, Tactical Ops 3.4.0 and earlier, Unreal 1 226f and earlier, Unreal II XMP 7710 and earlier, Unreal Tournament 451b and earlier, Unreal Tournament 2003 2225 and earlier, Unreal Tournament 2004 before 3236, Wheel of Time 333b and earlier, and X-com Enforcer, allows remote attackers to execute arbitrary code via a UDP packet containing a secure query with a long value, which overwrites memory. | ||||
| CVE-2004-0633 | 4 Ethereal Group, Gentoo, Mandrakesoft and 1 more | 5 Ethereal, Linux, Mandrake Linux and 2 more | 2025-04-03 | N/A |
| The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an integer overflow. | ||||
| CVE-2004-0667 | 2 Gentoo, Rsbac | 2 Linux, Rule Set Based Access Control | 2025-04-03 | N/A |
| Rule Set Based Access Control (RSBAC) 1.2.2 through 1.2.3 allows access to sys_creat, sys_open, and sys_mknod inside jails, which could allow local users to gain elevated privileges. | ||||
| CVE-2004-0749 | 2 Gentoo, Subversion | 2 Linux, Subversion | 2025-04-03 | N/A |
| The mod_authz_svn module in Subversion 1.0.7 and earlier does not properly restrict access to all metadata on unreadable paths, which could allow remote attackers to gain sensitive information via (1) svn log -v, (2) svn propget, or (3) svn blame, and other commands that follow renames. | ||||
| CVE-2004-0932 | 11 Archive Zip, Broadcom, Ca and 8 more | 23 Archive Zip, Brightstor Arcserve Backup, Etrust Antivirus and 20 more | 2025-04-03 | N/A |
| McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. | ||||
| CVE-2004-0935 | 11 Archive Zip, Broadcom, Ca and 8 more | 23 Archive Zip, Brightstor Arcserve Backup, Etrust Antivirus and 20 more | 2025-04-03 | N/A |
| Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. | ||||
| CVE-2004-0936 | 11 Archive Zip, Broadcom, Ca and 8 more | 23 Archive Zip, Brightstor Arcserve Backup, Etrust Antivirus and 20 more | 2025-04-03 | N/A |
| RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. | ||||
| CVE-2004-0981 | 5 Debian, Gentoo, Imagemagick and 2 more | 5 Debian Linux, Linux, Imagemagick and 2 more | 2025-04-03 | N/A |
| Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain image file. | ||||
| CVE-2004-1009 | 6 Debian, Gentoo, Midnight Commander and 3 more | 8 Debian Linux, Linux, Midnight Commander and 5 more | 2025-04-03 | N/A |
| Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors. | ||||
| CVE-2004-1029 | 5 Conectiva, Gentoo, Hp and 2 more | 8 Linux, Linux, Hp-ux and 5 more | 2025-04-03 | N/A |
| The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages. | ||||
| CVE-2004-1055 | 2 Gentoo, Phpmyadmin | 2 Linux, Phpmyadmin | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.6.0-pl2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the PmaAbsoluteUri parameter, (2) the zero_rows parameter in read_dump.php, (3) the confirm form, or (4) an error message generated by the internal phpMyAdmin parser. | ||||
| CVE-2004-1091 | 6 Debian, Gentoo, Midnight Commander and 3 more | 8 Debian Linux, Linux, Midnight Commander and 5 more | 2025-04-03 | N/A |
| Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by triggering a null dereference. | ||||
| CVE-2004-1093 | 6 Debian, Gentoo, Midnight Commander and 3 more | 8 Debian Linux, Linux, Midnight Commander and 5 more | 2025-04-03 | N/A |
| Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory." | ||||
| CVE-2004-1452 | 1 Gentoo | 1 Linux | 2025-04-03 | N/A |
| Tomcat before 5.0.27-r3 in Gentoo Linux sets the default permissions on the init scripts as tomcat:tomcat, but executes the scripts with root privileges, which could allow local users in the tomcat group to execute arbitrary commands as root by modifying the scripts. | ||||
| CVE-2004-1491 | 4 Gentoo, Kde, Opera and 1 more | 4 Linux, Kde, Opera Browser and 1 more | 2025-04-03 | N/A |
| Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry. | ||||
| CVE-2004-1901 | 1 Gentoo | 2 Linux, Portage | 2025-04-03 | 5.5 Medium |
| Portage before 2.0.50-r3 allows local users to overwrite arbitrary files via a hard link attack on the lockfiles. | ||||
| CVE-2004-0649 | 2 Gentoo, L2tpd | 2 Linux, L2tpd | 2025-04-03 | N/A |
| Buffer overflow in write_packet in control.c for l2tpd may allow remote attackers to execute arbitrary code. | ||||
| CVE-2004-0333 | 4 Gentoo, Openpkg, Uudeview and 1 more | 4 Linux, Openpkg, Uudeview and 1 more | 2025-04-03 | N/A |
| Buffer overflow in the UUDeview package, as used in WinZip 6.2 through WinZip 8.1 SR-1, and possibly other packages, allows remote attackers to execute arbitrary code via a MIME archive with certain long MIME parameters. | ||||