Aggregates CVE and security vulnerability intelligence across all turbolinux-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk buffer overflow, vendor risk denial of service, and vendor risk integer handling and related problems; some flaws may lead to vendor impact application crash.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2007-1352 | Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow. | [email protected] | 3.8 | 1.52% | 2007-04-06 | 2026-04-23 |
| CVE-2005-3626 | Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference. | [email protected] | 5.0 | 3.33% | 2005-12-31 | 2026-04-16 |
| CVE-2005-3625 | Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins." | [email protected] | 10.0 | 3.77% | 2005-12-31 | 2026-04-16 |
| CVE-2005-3624 | The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. | [email protected] | 5.0 | 2.25% | 2005-12-31 | 2026-04-16 |
| CVE-2005-0988 | Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete. | [email protected] | 3.7 | 0.66% | 2005-05-02 | 2026-04-16 |
| CVE-2004-1176 | Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code. | [email protected] | 7.5 | 3.10% | 2005-04-14 | 2026-04-16 |
| CVE-2004-1175 | fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters. | [email protected] | 7.5 | 1.62% | 2005-04-14 | 2026-04-16 |
| CVE-2004-1174 | direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles." | [email protected] | 5.0 | 1.43% | 2005-04-14 | 2026-04-16 |
| CVE-2004-1093 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory." | [email protected] | 5.0 | 1.67% | 2005-04-14 | 2026-04-16 |
| CVE-2004-1092 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated memory. | [email protected] | 5.0 | 1.67% | 2005-04-14 | 2026-04-16 |
| CVE-2004-1091 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by triggering a null dereference. | [email protected] | 5.0 | 1.67% | 2005-04-14 | 2026-04-16 |
| CVE-2004-1090 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header." | [email protected] | 5.0 | 1.67% | 2005-04-14 | 2026-04-16 |
| CVE-2004-1009 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors. | [email protected] | 5.0 | 2.55% | 2005-04-14 | 2026-04-16 |
| CVE-2004-1005 | Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact. | [email protected] | 7.5 | 1.79% | 2005-04-14 | 2026-04-16 |
| CVE-2004-1004 | Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact. | [email protected] | 7.5 | 1.62% | 2005-04-14 | 2026-04-16 |
| CVE-2004-1073 | The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows local users to read non-readable ELF binaries by using the interpreter (PT_INTERP) functionality. | [email protected] | 2.1 | 0.81% | 2005-01-10 | 2026-04-16 |
| CVE-2004-1072 | The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name string that is not NULL terminated, which could cause strings longer than PATH_MAX to be used, leading to buffer overflows that allow local users to cause a denial of service (hang) and possibly execute arbitrary code. | [email protected] | 7.2 | 0.56% | 2005-01-10 | 2026-04-16 |
| CVE-2004-1071 | The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code. | [email protected] | 7.2 | 0.51% | 2005-01-10 | 2026-04-16 |
| CVE-2004-1070 | The load_elf_binary function in the binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly check return values from calls to the kernel_read function, which may allow local users to modify sensitive memory in a setuid program and execute arbitrary code. | [email protected] | 7.2 | 0.51% | 2005-01-10 | 2026-04-16 |
| CVE-2004-0817 | Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file. | [email protected] | 7.5 | 4.87% | 2004-12-31 | 2026-04-16 |