Export limit exceeded: 45224 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 23402 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (23402 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1510 | 2 Redhat, Xfree86 Project | 3 Enterprise Linux, Linux, X11r6 | 2025-04-03 | N/A |
| xdm, with the authComplain variable set to false, allows arbitrary attackers to connect to the X server if the xdm auth directory does not exist. | ||||
| CVE-2002-1508 | 2 Openldap, Redhat | 3 Openldap, Enterprise Linux, Linux | 2025-04-03 | N/A |
| slapd in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows local users to overwrite arbitrary files via a race condition during the creation of a log file for rejected replication requests. | ||||
| CVE-2002-1472 | 2 Redhat, Xfree86 Project | 2 Linux, X11r6 | 2025-04-03 | N/A |
| Untrusted search path vulnerability in libX11.so in xfree86, when used in setuid or setgid programs, allows local users to gain root privileges via a modified LD_PRELOAD environment variable that points to a malicious module. | ||||
| CVE-2002-1402 | 2 Postgresql, Redhat | 3 Postgresql, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Buffer overflows in the (1) TZ and (2) SET TIME ZONE enivronment variables for PostgreSQL 7.2.1 and earlier allow local users to cause a denial of service and possibly execute arbitrary code. | ||||
| CVE-2002-1401 | 2 Postgresql, Redhat | 3 Postgresql, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Buffer overflows in (1) circle_poly, (2) path_encode and (3) path_add (also incorrectly identified as path_addr) for PostgreSQL 7.2.3 and earlier allow attackers to cause a denial of service and possibly execute arbitrary code, possibly as a result of an integer overflow. | ||||
| CVE-2002-1400 | 2 Postgresql, Redhat | 3 Postgresql, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Heap-based buffer overflow in the repeat() function for PostgreSQL before 7.2.2 allows attackers to execute arbitrary code by causing repeat() to generate a large string. | ||||
| CVE-2002-1398 | 2 Postgresql, Redhat | 3 Postgresql, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Buffer overflow in the date parser for PostgreSQL before 7.2.2 allows attackers to cause a denial of service and possibly execute arbitrary code via a long date string, aka a vulnerability "in handling long datetime input." | ||||
| CVE-2002-1397 | 2 Postgresql, Redhat | 3 Postgresql, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Vulnerability in the cash_words() function for PostgreSQL 7.2 and earlier allows local users to cause a denial of service and possibly execute arbitrary code via a large negative argument, possibly triggering an integer signedness error or buffer overflow. | ||||
| CVE-2002-1396 | 2 Php, Redhat | 2 Php, Linux | 2025-04-03 | N/A |
| Heap-based buffer overflow in the wordwrap function in PHP after 4.1.2 and before 4.3.0 may allow attackers to cause a denial of service or execute arbitrary code. | ||||
| CVE-2002-1395 | 2 Debian, Redhat | 3 Internet Message, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Internet Message (IM) 141-18 and earlier uses predictable file and directory names, which allows local users to (1) obtain unauthorized directory permissions via a temporary directory used by impwagent, and (2) overwrite and create arbitrary files via immknmz. | ||||
| CVE-2002-1394 | 2 Apache, Redhat | 3 Tomcat, Rhel Stronghold, Stronghold | 2025-04-03 | N/A |
| Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code for server files or bypass certain protections, a variant of CAN-2002-1148. | ||||
| CVE-2002-1393 | 2 Kde, Redhat | 3 Kde, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Multiple vulnerabilities in KDE 2 and KDE 3.x through 3.0.5 do not quote certain parameters that are inserted into a shell command, which could allow remote attackers to execute arbitrary commands via (1) URLs, (2) filenames, or (3) e-mail addresses. | ||||
| CVE-2002-1391 | 2 Gert Doering, Redhat | 3 Mgetty, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Buffer overflow in cnd-program for mgetty before 1.1.29 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a Caller ID string with a long CallerName argument. | ||||
| CVE-2002-1377 | 2 Redhat, Vim Development Group | 3 Enterprise Linux, Linux, Vim | 2025-04-03 | N/A |
| vim 6.0 and 6.1, and possibly other versions, allows attackers to execute arbitrary commands using the libcall feature in modelines, which are not sandboxed but may be executed when vim is used to edit a malicious file, as demonstrated using mutt. | ||||
| CVE-2002-1372 | 3 Apple, Debian, Redhat | 4 Cups, Mac Os X, Debian Linux and 1 more | 2025-04-03 | 7.5 High |
| Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return values of various file and socket operations, which could allow a remote attacker to cause a denial of service (resource exhaustion) by causing file descriptors to be assigned and not released, as demonstrated by fanta. | ||||
| CVE-2002-1371 | 3 Apple, Easy Software Products, Redhat | 3 Mac Os X, Cups, Linux | 2025-04-03 | N/A |
| filters/image-gif.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check for zero-length GIF images, which allows remote attackers to execute arbitrary code via modified chunk headers, as demonstrated by nogif. | ||||
| CVE-2002-1362 | 2 Matthew Smith, Redhat | 3 Micq, Enterprise Linux, Linux | 2025-04-03 | N/A |
| mICQ 0.4.9 and earlier allows remote attackers to cause a denial of service (crash) via malformed ICQ message types without a 0xFE separator character. | ||||
| CVE-2002-1356 | 2 Ethereal Group, Redhat | 3 Ethereal, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Ethereal 0.9.7 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed packets to the (1) LMP, (2) PPP, or (3) TDS dissectors, possibly related to a missing field for EndVerifyAck messages. | ||||
| CVE-2002-1347 | 3 Apple, Cyrusimap, Redhat | 4 Mac Os X, Mac Os X Server, Cyrus Sasl and 1 more | 2025-04-03 | 9.8 Critical |
| Multiple buffer overflows in Cyrus SASL library 2.1.9 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long inputs during user name canonicalization, (2) characters that need to be escaped during LDAP authentication using saslauthd, or (3) an off-by-one error in the log writer, which does not allocate space for the null character that terminates a string. | ||||
| CVE-2002-1344 | 3 Gnu, Redhat, Sun | 4 Wget, Enterprise Linux, Linux and 1 more | 2025-04-03 | N/A |
| Directory traversal vulnerability in wget before 1.8.2-4 allows a remote FTP server to create or overwrite files as the wget user via filenames containing (1) /absolute/path or (2) .. (dot dot) sequences. | ||||