Export limit exceeded: 23207 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (23207 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3186 | 3 Gnome, Gtk, Redhat | 3 Gdkpixbuf, Gtk\+, Enterprise Linux | 2025-04-03 | N/A |
| Integer overflow in the GTK+ gdk-pixbuf XPM image rendering library in GTK+ 2.4.0 allows attackers to execute arbitrary code via an XPM file with a number of colors that causes insufficient memory to be allocated, which leads to a heap-based buffer overflow. | ||||
| CVE-2005-3191 | 2 Redhat, Xpdf | 2 Enterprise Linux, Xpdf | 2025-04-03 | N/A |
| Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier, as used in products such as (a) Poppler, (b) teTeX, (c) KDE kpdf, (d) pdftohtml, (e) KOffice KWord, (f) CUPS, and (g) libextractor allow user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with an out-of-range number of components (numComps), which is used as an array index. | ||||
| CVE-2005-3192 | 2 Redhat, Xpdf | 2 Enterprise Linux, Xpdf | 2025-04-03 | N/A |
| Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, and (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor allows remote attackers to execute arbitrary code via a PDF file with an out-of-range numComps (number of components) field. | ||||
| CVE-2005-3193 | 2 Redhat, Xpdf | 2 Enterprise Linux, Xpdf | 2025-04-03 | N/A |
| Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) CUPS, and (5) libextractor allows user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with large size values that cause insufficient memory to be allocated. | ||||
| CVE-2005-3241 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2025-04-03 | N/A |
| Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote attackers to cause a denial of service (memory consumption) via unspecified vectors in the (1) ISAKMP, (2) FC-FCS, (3) RSVP, and (4) ISIS LSP dissector. | ||||
| CVE-2005-3242 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2025-04-03 | N/A |
| Ethereal 0.10.12 and earlier allows remote attackers to cause a denial of service (crash) via unknown vectors in (1) the IrDA dissector and (2) the SMB dissector when SMB transaction payload reassembly is enabled. | ||||
| CVE-2005-3243 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2025-04-03 | N/A |
| Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow remote attackers to execute arbitrary code via unknown vectors in the (1) SLIMP3 and (2) AgentX dissector. | ||||
| CVE-2005-3244 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2025-04-03 | N/A |
| The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. | ||||
| CVE-2005-3245 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2025-04-03 | N/A |
| Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 to 0.10.12, when the "Dissect unknown RPC program numbers" option is enabled, allows remote attackers to cause a denial of service (memory consumption). | ||||
| CVE-2005-3246 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2025-04-03 | N/A |
| Ethereal 0.10.12 and earlier allows remote attackers to cause a denial of service (null dereference) via unknown vectors in the (1) SCSI, (2) sFlow, or (3) RTnet dissectors. | ||||
| CVE-2005-3247 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2025-04-03 | N/A |
| The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. | ||||
| CVE-2005-3248 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2025-04-03 | N/A |
| Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and earlier allows remote attackers to cause a denial of service (divide-by-zero) via unknown vectors. | ||||
| CVE-2005-3249 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2025-04-03 | N/A |
| Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to 0.10.12 allows remote attackers to cause a denial of service or corrupt memory via unknown vectors that cause Ethereal to free an invalid pointer. | ||||
| CVE-2005-3257 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-03 | N/A |
| The VT implementation (vt_ioctl.c) in Linux kernel 2.6.12, and possibly other versions including 2.6.14.4, allows local users to use the KDSKBSENT ioctl on terminals of other users and gain privileges, as demonstrated by modifying key bindings using loadkeys. | ||||
| CVE-2005-3272 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-03 | N/A |
| Linux kernel before 2.6.12 allows remote attackers to poison the bridge forwarding table using frames that have already been dropped by filtering, which can cause the bridge to forward spoofed packets. | ||||
| CVE-2005-3273 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-03 | N/A |
| The rose_rt_ioctl function in rose_route.c for Radionet Open Source Environment (ROSE) in Linux 2.6 kernels before 2.6.12, and 2.4 before 2.4.29, does not properly verify the ndigis argument for a new route, which allows attackers to trigger array out-of-bounds errors with a large number of digipeats. | ||||
| CVE-2005-3274 | 3 Debian, Linux, Redhat | 3 Debian Linux, Linux Kernel, Enterprise Linux | 2025-04-03 | 4.7 Medium |
| Race condition in ip_vs_conn_flush in Linux 2.6 before 2.6.13 and 2.4 before 2.4.32-pre2, when running on SMP systems, allows local users to cause a denial of service (null dereference) by causing a connection timer to expire while the connection table is being flushed before the appropriate lock is acquired. | ||||
| CVE-2005-3275 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-03 | N/A |
| The NAT code (1) ip_nat_proto_tcp.c and (2) ip_nat_proto_udp.c in Linux kernel 2.6 before 2.6.13 and 2.4 before 2.4.32-rc1 incorrectly declares a variable to be static, which allows remote attackers to cause a denial of service (memory corruption) by causing two packets for the same protocol to be NATed at the same time, which leads to memory corruption. | ||||
| CVE-2005-3276 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-03 | N/A |
| The sys_get_thread_area function in process.c in Linux 2.6 before 2.6.12.4 and 2.6.13 does not clear a data structure before copying it to userspace, which might allow a user process to obtain sensitive information. | ||||
| CVE-2005-3313 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2025-04-03 | N/A |
| The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers to cause a denial of service (infinite loop). | ||||