Export limit exceeded: 344892 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 23250 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (23250 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1276 | 2 Redhat, Squirrelmail | 2 Linux, Squirrelmail | 2026-04-16 | N/A |
| An incomplete fix for a cross-site scripting (XSS) vulnerability in SquirrelMail 1.2.8 calls the strip_tags function on the PHP_SELF value but does not save the result back to that variable, leaving it open to cross-site scripting attacks. | ||||
| CVE-2002-1306 | 2 Kde, Redhat | 3 Kde, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Multiple buffer overflows in LISa on KDE 2.x for 2.1 and later, and KDE 3.x before 3.0.4, allow (1) local and possibly remote attackers to execute arbitrary code via the "lisa" daemon, and (2) remote attackers to execute arbitrary code via a certain "lan://" URL. | ||||
| CVE-2002-1323 | 5 Redhat, Safe.pm, Sco and 2 more | 10 Enterprise Linux, Linux, Linux Advanced Workstation and 7 more | 2026-04-16 | N/A |
| Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls. | ||||
| CVE-2002-1348 | 2 Redhat, W3m | 3 Enterprise Linux, Linux, W3m | 2026-04-16 | N/A |
| w3m before 0.3.2.2 does not properly escape HTML tags in the ALT attribute of an IMG tag, which could allow remote attackers to access files or cookies. | ||||
| CVE-2002-1363 | 2 Greg Roelofs, Redhat | 3 Libpng, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Portable Network Graphics (PNG) library libpng 1.2.5 and earlier does not correctly calculate offsets, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a buffer overflow attack on the row buffers. | ||||
| CVE-2002-1391 | 2 Gert Doering, Redhat | 3 Mgetty, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Buffer overflow in cnd-program for mgetty before 1.1.29 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a Caller ID string with a long CallerName argument. | ||||
| CVE-2002-1393 | 2 Kde, Redhat | 3 Kde, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Multiple vulnerabilities in KDE 2 and KDE 3.x through 3.0.5 do not quote certain parameters that are inserted into a shell command, which could allow remote attackers to execute arbitrary commands via (1) URLs, (2) filenames, or (3) e-mail addresses. | ||||
| CVE-2002-1397 | 2 Postgresql, Redhat | 3 Postgresql, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Vulnerability in the cash_words() function for PostgreSQL 7.2 and earlier allows local users to cause a denial of service and possibly execute arbitrary code via a large negative argument, possibly triggering an integer signedness error or buffer overflow. | ||||
| CVE-2002-1472 | 2 Redhat, Xfree86 Project | 2 Linux, X11r6 | 2026-04-16 | N/A |
| Untrusted search path vulnerability in libX11.so in xfree86, when used in setuid or setgid programs, allows local users to gain root privileges via a modified LD_PRELOAD environment variable that points to a malicious module. | ||||
| CVE-2002-1511 | 3 Att, Redhat, Tightvnc | 4 Vnc, Enterprise Linux, Linux and 1 more | 2026-04-16 | N/A |
| The vncserver wrapper for vnc before 3.3.3r2-21 uses the rand() function instead of srand(), which causes vncserver to generate weak cookies. | ||||
| CVE-2002-1563 | 2 Redhat, Stunnel | 3 Enterprise Linux, Linux, Stunnel | 2026-04-16 | N/A |
| stunnel 4.0.3 and earlier allows attackers to cause a denial of service (crash) via SIGCHLD signal handler race conditions that cause an inconsistency in the child counter. | ||||
| CVE-2002-1565 | 2 Immunix, Redhat | 2 Immunix, Enterprise Linux | 2026-04-16 | N/A |
| Buffer overflow in url_filename function for wget 1.8.1 allows attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long URL. | ||||
| CVE-2002-1571 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| The linux 2.4 kernel before 2.4.19 assumes that the fninit instruction clears all registers, which could lead to an information leak on processors that do not clear all relevant SSE registers. | ||||
| CVE-2001-1275 | 2 Oracle, Redhat | 2 Mysql, Linux | 2026-04-16 | N/A |
| MySQL before 3.23.31 allows users with a MySQL account to use the SHOW GRANTS command to obtain the encrypted administrator password from the mysql.user table and possibly gain privileges via password cracking. | ||||
| CVE-2001-1274 | 2 Oracle, Redhat | 2 Mysql, Linux | 2026-04-16 | N/A |
| Buffer overflow in MySQL before 3.23.31 allows attackers to cause a denial of service and possibly gain privileges. | ||||
| CVE-2001-1273 | 2 Linux, Redhat | 2 Linux Kernel, Linux | 2026-04-16 | N/A |
| The "mxcsr P4" vulnerability in the Linux kernel before 2.2.17-14, when running on certain Intel CPUs, allows local users to cause a denial of service (system halt). | ||||
| CVE-2001-1247 | 2 Php, Redhat | 2 Php, Linux | 2026-04-16 | N/A |
| PHP 4.0.4pl1 and 4.0.5 in safe mode allows remote attackers to read and write files owned by the web server UID by uploading a PHP script that uses the error_log function to access the files. | ||||
| CVE-2001-1230 | 2 Icecast, Redhat | 2 Icecast, Powertools | 2026-04-16 | N/A |
| Buffer overflows in Icecast before 1.3.10 allow remote attackers to cause a denial of service (crash) and execute arbitrary code. | ||||
| CVE-2001-1229 | 3 Icecast, Libshout, Redhat | 3 Icecast, Libshout, Powertools | 2026-04-16 | N/A |
| Buffer overflows in (1) Icecast before 1.3.9 and (2) libshout before 1.0.4 allow remote attackers to cause a denial of service (crash) and execute arbitrary code. | ||||
| CVE-2001-1175 | 2 Andries Brouwer, Redhat | 2 Util-linux, Linux | 2026-04-16 | N/A |
| vipw in the util-linux package before 2.10 causes /etc/shadow to be world-readable in some cases, which would make it easier for local users to perform brute force password guessing. | ||||