Export limit exceeded: 23206 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (23206 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1396 | 2 Php, Redhat | 2 Php, Linux | 2025-04-03 | N/A |
| Heap-based buffer overflow in the wordwrap function in PHP after 4.1.2 and before 4.3.0 may allow attackers to cause a denial of service or execute arbitrary code. | ||||
| CVE-2002-1395 | 2 Debian, Redhat | 3 Internet Message, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Internet Message (IM) 141-18 and earlier uses predictable file and directory names, which allows local users to (1) obtain unauthorized directory permissions via a temporary directory used by impwagent, and (2) overwrite and create arbitrary files via immknmz. | ||||
| CVE-2002-1394 | 2 Apache, Redhat | 3 Tomcat, Rhel Stronghold, Stronghold | 2025-04-03 | N/A |
| Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code for server files or bypass certain protections, a variant of CAN-2002-1148. | ||||
| CVE-2002-1393 | 2 Kde, Redhat | 3 Kde, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Multiple vulnerabilities in KDE 2 and KDE 3.x through 3.0.5 do not quote certain parameters that are inserted into a shell command, which could allow remote attackers to execute arbitrary commands via (1) URLs, (2) filenames, or (3) e-mail addresses. | ||||
| CVE-2002-1392 | 2 Gert Doering, Redhat | 3 Mgetty, Enterprise Linux, Linux | 2025-04-03 | N/A |
| faxspool in mgetty before 1.1.29 uses a world-writable spool directory for outgoing faxes, which allows local users to modify fax transmission privileges. | ||||
| CVE-2002-1391 | 2 Gert Doering, Redhat | 3 Mgetty, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Buffer overflow in cnd-program for mgetty before 1.1.29 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a Caller ID string with a long CallerName argument. | ||||
| CVE-2002-1384 | 3 Easy Software Products, Redhat, Xpdf | 4 Cups, Enterprise Linux, Linux and 1 more | 2025-04-03 | N/A |
| Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf. | ||||
| CVE-2002-1383 | 3 Apple, Easy Software Products, Redhat | 3 Mac Os X, Cups, Linux | 2025-04-03 | N/A |
| Multiple integer overflows in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allow remote attackers to execute arbitrary code via (1) the CUPSd HTTP interface, as demonstrated by vanilla-coke, and (2) the image handling code in CUPS filters, as demonstrated by mksun. | ||||
| CVE-2002-1380 | 2 Linux, Redhat | 2 Linux Kernel, Linux | 2025-04-03 | N/A |
| Linux kernel 2.2.x allows local users to cause a denial of service (crash) by using the mmap() function with a PROT_READ parameter to access non-readable memory pages through the /proc/pid/mem interface. | ||||
| CVE-2002-1379 | 2 Openldap, Redhat | 3 Openldap, Enterprise Linux, Linux | 2025-04-03 | N/A |
| OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows remote or local attackers to execute arbitrary code when libldap reads the .ldaprc file within applications that are running with extra privileges. | ||||
| CVE-2002-1378 | 2 Openldap, Redhat | 3 Openldap, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Multiple buffer overflows in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allow remote attackers to execute arbitrary code via (1) long -t or -r parameters to slurpd, (2) a malicious ldapfilter.conf file that is not properly handled by getfilter functions, (3) a malicious ldaptemplates.conf that causes an overflow in libldap, (4) a certain access control list that causes an overflow in slapd, or (5) a long generated filename for logging rejected replication requests. | ||||
| CVE-2002-1369 | 3 Apple, Easy Software Products, Redhat | 3 Mac Os X, Cups, Linux | 2025-04-03 | N/A |
| jobs.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly use the strncat function call when processing the options string, which allows remote attackers to execute arbitrary code via a buffer overflow attack. | ||||
| CVE-2002-1368 | 3 Apple, Easy Software Products, Redhat | 3 Mac Os X, Cups, Linux | 2025-04-03 | N/A |
| Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing negative arguments to be fed into memcpy() calls via HTTP requests with (1) a negative Content-Length value or (2) a negative length in a chunked transfer encoding. | ||||
| CVE-2002-1367 | 3 Apple, Easy Software Products, Redhat | 3 Mac Os X, Cups, Linux | 2025-04-03 | N/A |
| Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to add printers without authentication via a certain UDP packet, which can then be used to perform unauthorized activities such as stealing the local root certificate for the administration server via a "need authorization" page, as demonstrated by new-coke. | ||||
| CVE-2002-1366 | 3 Apple, Easy Software Products, Redhat | 3 Mac Os X, Cups, Linux | 2025-04-03 | N/A |
| Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows local users with lp privileges to create or overwrite arbitrary files via file race conditions, as demonstrated by ice-cream. | ||||
| CVE-2002-1365 | 2 Fetchmail, Redhat | 3 Fetchmail, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Heap-based buffer overflow in Fetchmail 6.1.3 and earlier does not account for the "@" character when determining buffer lengths for local addresses, which allows remote attackers to execute arbitrary code via a header with a large number of local addresses. | ||||
| CVE-2002-1363 | 2 Greg Roelofs, Redhat | 3 Libpng, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Portable Network Graphics (PNG) library libpng 1.2.5 and earlier does not correctly calculate offsets, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a buffer overflow attack on the row buffers. | ||||
| CVE-2002-1355 | 2 Ethereal Group, Redhat | 3 Ethereal, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Multiple integer signedness errors in the BGP dissector in Ethereal 0.9.7 and earlier allow remote attackers to cause a denial of service (infinite loop) via malformed messages. | ||||
| CVE-2002-1350 | 2 Lbl, Redhat | 3 Tcpdump, Enterprise Linux, Linux | 2025-04-03 | N/A |
| The BGP decoding routines in tcpdump 3.6.x before 3.7 do not properly copy data, which allows remote attackers to cause a denial of service (application crash). | ||||
| CVE-2002-1348 | 2 Redhat, W3m | 3 Enterprise Linux, Linux, W3m | 2025-04-03 | N/A |
| w3m before 0.3.2.2 does not properly escape HTML tags in the ALT attribute of an IMG tag, which could allow remote attackers to access files or cookies. | ||||