This page lists publicly disclosed CVE vulnerabilities affecting mandrakesoft mandrake_linux_corporate_server (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2007-6284 | The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences. | [email protected] | 5.0 | 5.10% | 2008-01-12 | 2026-04-23 |
| CVE-2007-0454 | Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping. | [email protected] | 7.5 | 4.41% | 2007-02-06 | 2026-04-23 |
| CVE-2005-3626 | Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference. | [email protected] | 5.0 | 9.17% | 2005-12-31 | 2026-04-16 |
| CVE-2005-3625 | Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins." | [email protected] | 10.0 | 11.29% | 2005-12-31 | 2026-04-16 |
| CVE-2005-3624 | The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. | [email protected] | 5.0 | 7.22% | 2005-12-31 | 2026-04-16 |
| CVE-2005-2377 | nss_ldap 181 to versions before 213, as used in Mandrake Corporate Server and Mandrake 10.0, and other operating systems, does not properly handle a SIGPIPE signal when sending a search request to an LDAP directory server, which might allow remote attackers to cause a denial of service (crond and other application crash) if they can cause an LDAP server to become unavailable. NOTE: it is not clear whether this attack scenario is sufficient to include this item in CVE. | [email protected] | 5.0 | 0.74% | 2005-07-26 | 2026-04-16 |
| CVE-2005-0206 | The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities. | [email protected] | 7.5 | 6.53% | 2005-04-27 | 2026-04-16 |
| CVE-2005-0085 | Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message. | [email protected] | 6.8 | 4.72% | 2005-04-27 | 2026-04-16 |
| CVE-2005-0020 | Buffer overflow in playmidi before 2.4 allows local users to execute arbitrary code. | [email protected] | 7.2 | 0.06% | 2005-04-14 | 2026-04-16 |
| CVE-2005-0003 | The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbitrary code via a crafted ELF or a.out file. | [email protected] | 2.1 | 0.09% | 2005-04-14 | 2026-04-16 |
| CVE-2004-1235 | Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor. | [email protected] | 6.2 | 0.07% | 2005-04-14 | 2026-04-16 |
| CVE-2005-0473 | The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208. | [email protected] | 5.0 | 20.64% | 2005-03-14 | 2026-04-16 |
| CVE-2005-0472 | Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ. | [email protected] | 5.0 | 8.20% | 2005-03-14 | 2026-04-16 |
| CVE-2005-0605 | scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow. | [email protected] | 7.5 | 2.84% | 2005-03-02 | 2026-04-16 |
| CVE-2004-1051 | sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname. | [email protected] | 7.2 | 0.27% | 2005-03-01 | 2026-04-16 |
| CVE-2004-0983 | The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certain HTTP request. | [email protected] | 5.0 | 1.12% | 2005-03-01 | 2026-04-16 |
| CVE-2004-0977 | The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on temporary files. | [email protected] | 2.1 | 0.09% | 2005-02-09 | 2026-04-16 |
| CVE-2004-0975 | The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files. | [email protected] | 2.1 | 0.08% | 2005-02-09 | 2026-04-16 |
| CVE-2004-0974 | The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files. | [email protected] | 2.1 | 0.10% | 2005-02-09 | 2026-04-16 |
| CVE-2004-1098 | MIMEDefang in MIME-tools 5.414 allows remote attackers to bypass virus scanning capabilities via an e-mail attachment with a virus that contains an empty boundary string in the Content-Type header. | [email protected] | 7.5 | 0.45% | 2005-01-10 | 2026-04-16 |