Export limit exceeded: 16433 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (16433 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0389 | 2 Gnu, Redhat | 2 Mailman, Enterprise Linux | 2026-04-16 | N/A |
| Pipermail in Mailman stores private mail messages with predictable filenames in a world-executable directory, which allows local users to read private mailing list archives. | ||||
| CVE-2002-0391 | 5 Freebsd, Microsoft, Openbsd and 2 more | 9 Freebsd, Windows 2000, Windows Nt and 6 more | 2026-04-16 | 9.8 Critical |
| Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd. | ||||
| CVE-2002-0392 | 3 Apache, Debian, Redhat | 7 Http Server, Debian Linux, Enterprise Linux and 4 more | 2026-04-16 | N/A |
| Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size. | ||||
| CVE-2002-0399 | 2 Gnu, Redhat | 3 Tar, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Directory traversal vulnerability in GNU tar 1.13.19 through 1.13.25, and possibly later versions, allows attackers to overwrite arbitrary files during archive extraction via a (1) "/.." or (2) "./.." string, which removes the leading slash but leaves the "..", a variant of CVE-2001-1267. | ||||
| CVE-2002-0400 | 2 Isc, Redhat | 3 Bind, Enterprise Linux, Linux | 2026-04-16 | N/A |
| ISC BIND 9 before 9.2.1 allows remote attackers to cause a denial of service (shutdown) via a malformed DNS packet that triggers an error condition that is not properly handled when the rdataset parameter to the dns_message_findtype() function in message.c is not NULL, aka DoS_findtype. | ||||
| CVE-2002-0402 | 2 Ethereal Group, Redhat | 4 Ethereal, Enterprise Linux, Linux and 1 more | 2026-04-16 | N/A |
| Buffer overflow in X11 dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code while Ethereal is parsing keysyms. | ||||
| CVE-2002-0403 | 2 Ethereal Group, Redhat | 4 Ethereal, Enterprise Linux, Linux and 1 more | 2026-04-16 | N/A |
| DNS dissector in Ethereal before 0.9.3 allows remote attackers to cause a denial of service (CPU consumption) via a malformed packet that causes Ethereal to enter an infinite loop. | ||||
| CVE-2002-0404 | 2 Ethereal Group, Redhat | 4 Ethereal, Enterprise Linux, Linux and 1 more | 2026-04-16 | N/A |
| Vulnerability in GIOP dissector in Ethereal before 0.9.3 allows remote attackers to cause a denial of service (memory consumption). | ||||
| CVE-2002-0435 | 2 Gnu, Redhat | 3 Fileutils, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Race condition in the recursive (1) directory deletion and (2) directory move in GNU File Utilities (fileutils) 4.1 and earlier allows local users to delete directories as the user running fileutils by moving a low-level directory to a higher level as it is being deleted, which causes fileutils to chdir to a ".." directory that is higher than expected, possibly up to the root file system. | ||||
| CVE-2002-0593 | 3 Mozilla, Netscape, Redhat | 5 Mozilla, Communicator, Navigator and 2 more | 2026-04-16 | N/A |
| Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI. | ||||
| CVE-2002-0594 | 4 Galeon, Mozilla, Netscape and 1 more | 5 Galeon Browser, Mozilla, Navigator and 2 more | 2026-04-16 | N/A |
| Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to determine the existence of files on the client system via a LINK element in a Cascading Style Sheet (CSS) page that causes an HTTP redirect. | ||||
| CVE-2002-0638 | 3 Hp, Mandrakesoft, Redhat | 6 Secure Os, Mandrake Linux, Mandrake Linux Corporate Server and 3 more | 2026-04-16 | N/A |
| setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh. | ||||
| CVE-2002-0640 | 2 Openbsd, Redhat | 3 Openssh, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Buffer overflow in sshd in OpenSSH 2.3.1 through 3.3 may allow remote attackers to execute arbitrary code via a large number of responses during challenge response authentication when OpenBSD is using PAM modules with interactive keyboard authentication (PAMAuthenticationViaKbdInt). | ||||
| CVE-2002-0651 | 2 Isc, Redhat | 3 Bind, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a denial of service and possibly execute arbitrary code via the stub resolvers. | ||||
| CVE-2002-0653 | 2 Modssl, Redhat | 6 Mod Ssl, Enterprise Linux, Linux and 3 more | 2026-04-16 | 7.8 High |
| Off-by-one buffer overflow in the ssl_compat_directive function, as called by the rewrite_command hook for mod_ssl Apache module 2.8.9 and earlier, allows local users to execute arbitrary code as the Apache server user via .htaccess files with long entries. | ||||
| CVE-2002-0655 | 4 Apple, Openssl, Oracle and 1 more | 8 Mac Os X, Openssl, Application Server and 5 more | 2026-04-16 | N/A |
| OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does not properly handle ASCII representations of integers on 64 bit platforms, which could allow attackers to cause a denial of service and possibly execute arbitrary code. | ||||
| CVE-2002-0658 | 2 Ossp, Redhat | 5 Mm, Enterprise Linux, Linux and 2 more | 2026-04-16 | N/A |
| OSSP mm library (libmm) before 1.2.0 allows the local Apache user to gain privileges via temporary files, possibly via a symbolic link attack. | ||||
| CVE-2002-0659 | 4 Apple, Openssl, Oracle and 1 more | 8 Mac Os X, Openssl, Application Server and 5 more | 2026-04-16 | N/A |
| The ASN1 library in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allows remote attackers to cause a denial of service via invalid encodings. | ||||
| CVE-2002-0660 | 2 Greg Roelofs, Redhat | 4 Libpng, Libpng3, Enterprise Linux and 1 more | 2026-04-16 | N/A |
| Buffer overflow in libpng 1.0.12-3.woody.2 and libpng3 1.2.1-1.1.woody.2 on Debian GNU/Linux 3.0, and other operating systems, may allow attackers to cause a denial of service and possibly execute arbitrary code, a different vulnerability than CVE-2002-0728. | ||||
| CVE-2002-0684 | 3 Gnu, Isc, Redhat | 4 Glibc, Bind, Enterprise Linux and 1 more | 2026-04-16 | N/A |
| Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as used in BIND 4.9.8 and ported to glibc 2.2.5 and earlier, allows remote malicious DNS servers to execute arbitrary code through a subroutine used by functions such as getnetbyname and getnetbyaddr. | ||||