Export limit exceeded: 19361 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 23397 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (23397 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1377 | 2 Redhat, Vim Development Group | 3 Enterprise Linux, Linux, Vim | 2026-04-16 | N/A |
| vim 6.0 and 6.1, and possibly other versions, allows attackers to execute arbitrary commands using the libcall feature in modelines, which are not sandboxed but may be executed when vim is used to edit a malicious file, as demonstrated using mutt. | ||||
| CVE-2002-1378 | 2 Openldap, Redhat | 3 Openldap, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Multiple buffer overflows in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allow remote attackers to execute arbitrary code via (1) long -t or -r parameters to slurpd, (2) a malicious ldapfilter.conf file that is not properly handled by getfilter functions, (3) a malicious ldaptemplates.conf that causes an overflow in libldap, (4) a certain access control list that causes an overflow in slapd, or (5) a long generated filename for logging rejected replication requests. | ||||
| CVE-2002-1379 | 2 Openldap, Redhat | 3 Openldap, Enterprise Linux, Linux | 2026-04-16 | N/A |
| OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows remote or local attackers to execute arbitrary code when libldap reads the .ldaprc file within applications that are running with extra privileges. | ||||
| CVE-2002-1380 | 2 Linux, Redhat | 2 Linux Kernel, Linux | 2026-04-16 | N/A |
| Linux kernel 2.2.x allows local users to cause a denial of service (crash) by using the mmap() function with a PROT_READ parameter to access non-readable memory pages through the /proc/pid/mem interface. | ||||
| CVE-2002-1383 | 3 Apple, Easy Software Products, Redhat | 3 Mac Os X, Cups, Linux | 2026-04-16 | N/A |
| Multiple integer overflows in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allow remote attackers to execute arbitrary code via (1) the CUPSd HTTP interface, as demonstrated by vanilla-coke, and (2) the image handling code in CUPS filters, as demonstrated by mksun. | ||||
| CVE-2002-1384 | 3 Easy Software Products, Redhat, Xpdf | 4 Cups, Enterprise Linux, Linux and 1 more | 2026-04-16 | N/A |
| Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf. | ||||
| CVE-2002-1391 | 2 Gert Doering, Redhat | 3 Mgetty, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Buffer overflow in cnd-program for mgetty before 1.1.29 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a Caller ID string with a long CallerName argument. | ||||
| CVE-2002-1392 | 2 Gert Doering, Redhat | 3 Mgetty, Enterprise Linux, Linux | 2026-04-16 | N/A |
| faxspool in mgetty before 1.1.29 uses a world-writable spool directory for outgoing faxes, which allows local users to modify fax transmission privileges. | ||||
| CVE-2002-1393 | 2 Kde, Redhat | 3 Kde, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Multiple vulnerabilities in KDE 2 and KDE 3.x through 3.0.5 do not quote certain parameters that are inserted into a shell command, which could allow remote attackers to execute arbitrary commands via (1) URLs, (2) filenames, or (3) e-mail addresses. | ||||
| CVE-2002-1394 | 2 Apache, Redhat | 3 Tomcat, Rhel Stronghold, Stronghold | 2026-04-16 | N/A |
| Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code for server files or bypass certain protections, a variant of CAN-2002-1148. | ||||
| CVE-2002-1395 | 2 Debian, Redhat | 3 Internet Message, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Internet Message (IM) 141-18 and earlier uses predictable file and directory names, which allows local users to (1) obtain unauthorized directory permissions via a temporary directory used by impwagent, and (2) overwrite and create arbitrary files via immknmz. | ||||
| CVE-2002-1396 | 2 Php, Redhat | 2 Php, Linux | 2026-04-16 | N/A |
| Heap-based buffer overflow in the wordwrap function in PHP after 4.1.2 and before 4.3.0 may allow attackers to cause a denial of service or execute arbitrary code. | ||||
| CVE-2002-1397 | 2 Postgresql, Redhat | 3 Postgresql, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Vulnerability in the cash_words() function for PostgreSQL 7.2 and earlier allows local users to cause a denial of service and possibly execute arbitrary code via a large negative argument, possibly triggering an integer signedness error or buffer overflow. | ||||
| CVE-2002-1398 | 2 Postgresql, Redhat | 3 Postgresql, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Buffer overflow in the date parser for PostgreSQL before 7.2.2 allows attackers to cause a denial of service and possibly execute arbitrary code via a long date string, aka a vulnerability "in handling long datetime input." | ||||
| CVE-2002-1400 | 2 Postgresql, Redhat | 3 Postgresql, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Heap-based buffer overflow in the repeat() function for PostgreSQL before 7.2.2 allows attackers to execute arbitrary code by causing repeat() to generate a large string. | ||||
| CVE-2002-1401 | 2 Postgresql, Redhat | 3 Postgresql, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Buffer overflows in (1) circle_poly, (2) path_encode and (3) path_add (also incorrectly identified as path_addr) for PostgreSQL 7.2.3 and earlier allow attackers to cause a denial of service and possibly execute arbitrary code, possibly as a result of an integer overflow. | ||||
| CVE-2002-1402 | 2 Postgresql, Redhat | 3 Postgresql, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Buffer overflows in the (1) TZ and (2) SET TIME ZONE enivronment variables for PostgreSQL 7.2.1 and earlier allow local users to cause a denial of service and possibly execute arbitrary code. | ||||
| CVE-2002-1405 | 4 Elinks, Links, Redhat and 1 more | 5 Elinks, Links, Enterprise Linux and 2 more | 2026-04-16 | N/A |
| CRLF injection vulnerability in Lynx 2.8.4 and earlier allows remote attackers to inject false HTTP headers into an HTTP request that is provided on the command line, via a URL containing encoded carriage return, line feed, and other whitespace characters. | ||||
| CVE-2002-1467 | 2 Macromedia, Redhat | 4 Flash Player, Shockwave, Enterprise Linux and 1 more | 2026-04-16 | N/A |
| Macromedia Flash Plugin before 6,0,47,0 allows remote attackers to bypass the same-domain restriction and read arbitrary files via (1) an HTTP redirect, (2) a "file://" base in a web document, or (3) a relative URL from a web archive (mht file). | ||||
| CVE-2002-1472 | 2 Redhat, Xfree86 Project | 2 Linux, X11r6 | 2026-04-16 | N/A |
| Untrusted search path vulnerability in libX11.so in xfree86, when used in setuid or setgid programs, allows local users to gain root privileges via a modified LD_PRELOAD environment variable that points to a malicious module. | ||||