Filtered by vendor Redhat
Subscriptions
Filtered by product Rhel Stronghold
Subscriptions
Total
49 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0653 | 2 Modssl, Redhat | 6 Mod Ssl, Enterprise Linux, Linux and 3 more | 2025-04-03 | 7.8 High |
| Off-by-one buffer overflow in the ssl_compat_directive function, as called by the rewrite_command hook for mod_ssl Apache module 2.8.9 and earlier, allows local users to execute arbitrary code as the Apache server user via .htaccess files with long entries. | ||||
| CVE-2002-0839 | 3 Apache, Debian, Redhat | 6 Http Server, Debian Linux, Enterprise Linux and 3 more | 2025-04-03 | N/A |
| The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that would not normally be allowed, by modifying the parent[].pid and parent[].last_rtime segments in the scoreboard. | ||||
| CVE-2002-0985 | 3 Openpkg, Php, Redhat | 6 Openpkg, Php, Enterprise Linux and 3 more | 2025-04-03 | N/A |
| Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow attackers to bypass safe mode restrictions and modify command line arguments to the MTA (e.g. sendmail) in the 5th argument to mail(), altering MTA behavior and possibly executing commands. | ||||
| CVE-2003-0987 | 2 Apache, Redhat | 4 Http Server, Enterprise Linux, Rhel Stronghold and 1 more | 2025-04-03 | N/A |
| mod_digest for Apache before 1.3.31 does not properly verify the nonce of a client response by using a AuthNonce secret. | ||||
| CVE-2004-1018 | 3 Canonical, Php, Redhat | 5 Ubuntu Linux, Php, Enterprise Linux and 2 more | 2025-04-03 | N/A |
| Multiple integer handling errors in PHP before 4.3.10 allow attackers to bypass safe mode restrictions, cause a denial of service, or execute arbitrary code via (1) a negative offset value to the shmop_write function, (2) an "integer overflow/underflow" in the pack function, or (3) an "integer overflow/underflow" in the unpack function. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion. | ||||
| CVE-2005-3388 | 2 Php, Redhat | 4 Php, Enterprise Linux, Rhel Stronghold and 1 more | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in the phpinfo function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL with a "stacked array assignment." | ||||
| CVE-2006-0208 | 2 Php, Redhat | 3 Php, Enterprise Linux, Rhel Stronghold | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PHP 4.4.1 and 5.1.1, when display_errors and html_errors are on, allow remote attackers to inject arbitrary web script or HTML via inputs to PHP applications that are not filtered when they are included in the resulting error message. | ||||
| CVE-2006-0996 | 2 Php, Redhat | 3 Php, Enterprise Linux, Rhel Stronghold | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in phpinfo (info.c) in PHP 5.1.2 and 4.4.2 allows remote attackers to inject arbitrary web script or HTML via long array variables, including (1) a large number of dimensions or (2) long values, which prevents HTML tags from being removed. | ||||
| CVE-2006-1494 | 2 Php, Redhat | 3 Php, Enterprise Linux, Rhel Stronghold | 2025-04-03 | N/A |
| Directory traversal vulnerability in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass open_basedir restrictions allows remote attackers to create files in arbitrary directories via the tempnam function. | ||||