Export limit exceeded: 29914 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29914 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1345 | 3 Ncftp Software, Openbsd, Sun | 4 Ncftp, Openbsd, Solaris and 1 more | 2025-04-03 | N/A |
| Directory traversal vulnerabilities in multiple FTP clients on UNIX systems allow remote malicious FTP servers to create or overwrite files as the client user via filenames containing /absolute/path or .. (dot dot) sequences. | ||||
| CVE-2002-1350 | 2 Lbl, Redhat | 3 Tcpdump, Enterprise Linux, Linux | 2025-04-03 | N/A |
| The BGP decoding routines in tcpdump 3.6.x before 3.7 do not properly copy data, which allows remote attackers to cause a denial of service (application crash). | ||||
| CVE-2002-1351 | 1 Melange | 1 Melange Chat System | 2025-04-03 | N/A |
| Buffer overflow in Melange Chat System 1.10 allows remote attackers to cause a denial of service (chat server crash) and possibly execute arbitrary code via the msgText buffer in the chat_InterpretData function, as demonstrated via a long Nick (nickname) request. | ||||
| CVE-2002-1352 | 1 Per Magne Knutsen | 1 Cartman | 2025-04-03 | N/A |
| Per Magne Knutsen's CartMan shopping cart (cartman.php) 1.04 and earlier allows remote attackers to modify product prices by changing the price parameter. | ||||
| CVE-2002-1353 | 1 Intranet-server | 1 Localweb2000 | 2025-04-03 | N/A |
| LocalWEB2000 HTTP server 2.1.0 stores passwords in plain text under the web document root in users.lst, which allows remote attackers to obtain the passwords via a direct request to users.lst. | ||||
| CVE-2002-1354 | 1 Typsoft | 1 Typsoft Ftp Server | 2025-04-03 | N/A |
| Directory traversal vulnerability in TYPSoft FTP Server 0.99.8 allows local users to list the contents of arbitrary directories via a ... (dot dot dot) in the cd/CWD command. | ||||
| CVE-2002-1355 | 2 Ethereal Group, Redhat | 3 Ethereal, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Multiple integer signedness errors in the BGP dissector in Ethereal 0.9.7 and earlier allow remote attackers to cause a denial of service (infinite loop) via malformed messages. | ||||
| CVE-2002-1387 | 1 Ehud Gavron | 1 Tracesroute | 2025-04-03 | N/A |
| The spray mode in traceroute-nanog (aka traceroute-ng) may allow local users to overwrite arbitrary memory locations via an array index overflow using the nprobes (number of probes) argument. | ||||
| CVE-2002-1356 | 2 Ethereal Group, Redhat | 3 Ethereal, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Ethereal 0.9.7 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed packets to the (1) LMP, (2) PPP, or (3) TDS dissectors, possibly related to a missing field for EndVerifyAck messages. | ||||
| CVE-2002-1362 | 2 Matthew Smith, Redhat | 3 Micq, Enterprise Linux, Linux | 2025-04-03 | N/A |
| mICQ 0.4.9 and earlier allows remote attackers to cause a denial of service (crash) via malformed ICQ message types without a 0xFE separator character. | ||||
| CVE-2002-1363 | 2 Greg Roelofs, Redhat | 3 Libpng, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Portable Network Graphics (PNG) library libpng 1.2.5 and earlier does not correctly calculate offsets, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a buffer overflow attack on the row buffers. | ||||
| CVE-2002-1364 | 1 Ehud Gavron | 1 Tracesroute | 2025-04-03 | N/A |
| Buffer overflow in the get_origin function in traceroute-nanog allows attackers to execute arbitrary code via long WHOIS responses. | ||||
| CVE-2002-1366 | 3 Apple, Easy Software Products, Redhat | 3 Mac Os X, Cups, Linux | 2025-04-03 | N/A |
| Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows local users with lp privileges to create or overwrite arbitrary files via file race conditions, as demonstrated by ice-cream. | ||||
| CVE-2002-1368 | 3 Apple, Easy Software Products, Redhat | 3 Mac Os X, Cups, Linux | 2025-04-03 | N/A |
| Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing negative arguments to be fed into memcpy() calls via HTTP requests with (1) a negative Content-Length value or (2) a negative length in a chunked transfer encoding. | ||||
| CVE-2002-1369 | 3 Apple, Easy Software Products, Redhat | 3 Mac Os X, Cups, Linux | 2025-04-03 | N/A |
| jobs.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly use the strncat function call when processing the options string, which allows remote attackers to execute arbitrary code via a buffer overflow attack. | ||||
| CVE-2002-1371 | 3 Apple, Easy Software Products, Redhat | 3 Mac Os X, Cups, Linux | 2025-04-03 | N/A |
| filters/image-gif.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check for zero-length GIF images, which allows remote attackers to execute arbitrary code via modified chunk headers, as demonstrated by nogif. | ||||
| CVE-2002-1374 | 3 Oracle, Redhat, Symantec Veritas | 5 Mysql, Enterprise Linux, Linux and 2 more | 2025-04-03 | N/A |
| The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x before 4.0.6, allows remote attackers to gain privileges via a brute force attack using a one-character password, which causes MySQL to only compare the provided password against the first character of the real password. | ||||
| CVE-2002-1375 | 3 Oracle, Redhat, Symantec Veritas | 5 Mysql, Enterprise Linux, Linux and 2 more | 2025-04-03 | N/A |
| The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x to 4.0.6, allows remote attackers to execute arbitrary code via a long response. | ||||
| CVE-2002-1376 | 3 Oracle, Redhat, Symantec Veritas | 6 Mysql, Enterprise Linux, Linux and 3 more | 2025-04-03 | N/A |
| libmysqlclient client library in MySQL 3.x to 3.23.54, and 4.x to 4.0.6, does not properly verify length fields for certain responses in the (1) read_rows or (2) read_one_row routines, which allows remote attackers to cause a denial of service and possibly execute arbitrary code. | ||||
| CVE-2002-1377 | 2 Redhat, Vim Development Group | 3 Enterprise Linux, Linux, Vim | 2025-04-03 | N/A |
| vim 6.0 and 6.1, and possibly other versions, allows attackers to execute arbitrary commands using the libcall feature in modelines, which are not sandboxed but may be executed when vim is used to edit a malicious file, as demonstrated using mutt. | ||||