Filtered by vendor Redhat
Subscriptions
Filtered by product Linux
Subscriptions
Total
703 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1347 | 3 Apple, Cyrusimap, Redhat | 4 Mac Os X, Mac Os X Server, Cyrus Sasl and 1 more | 2025-04-03 | 9.8 Critical |
| Multiple buffer overflows in Cyrus SASL library 2.1.9 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long inputs during user name canonicalization, (2) characters that need to be escaped during LDAP authentication using saslauthd, or (3) an off-by-one error in the log writer, which does not allocate space for the null character that terminates a string. | ||||
| CVE-2002-1350 | 2 Lbl, Redhat | 3 Tcpdump, Enterprise Linux, Linux | 2025-04-03 | N/A |
| The BGP decoding routines in tcpdump 3.6.x before 3.7 do not properly copy data, which allows remote attackers to cause a denial of service (application crash). | ||||
| CVE-2002-1362 | 2 Matthew Smith, Redhat | 3 Micq, Enterprise Linux, Linux | 2025-04-03 | N/A |
| mICQ 0.4.9 and earlier allows remote attackers to cause a denial of service (crash) via malformed ICQ message types without a 0xFE separator character. | ||||
| CVE-2002-1363 | 2 Greg Roelofs, Redhat | 3 Libpng, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Portable Network Graphics (PNG) library libpng 1.2.5 and earlier does not correctly calculate offsets, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a buffer overflow attack on the row buffers. | ||||
| CVE-2003-0927 | 2 Ethereal Group, Redhat | 3 Ethereal, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Heap-based buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the SOCKS dissector. | ||||
| CVE-2002-1372 | 3 Apple, Debian, Redhat | 4 Cups, Mac Os X, Debian Linux and 1 more | 2025-04-03 | 7.5 High |
| Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return values of various file and socket operations, which could allow a remote attacker to cause a denial of service (resource exhaustion) by causing file descriptors to be assigned and not released, as demonstrated by fanta. | ||||
| CVE-2002-1374 | 3 Oracle, Redhat, Symantec Veritas | 5 Mysql, Enterprise Linux, Linux and 2 more | 2025-04-03 | N/A |
| The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x before 4.0.6, allows remote attackers to gain privileges via a brute force attack using a one-character password, which causes MySQL to only compare the provided password against the first character of the real password. | ||||
| CVE-2002-1375 | 3 Oracle, Redhat, Symantec Veritas | 5 Mysql, Enterprise Linux, Linux and 2 more | 2025-04-03 | N/A |
| The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x to 4.0.6, allows remote attackers to execute arbitrary code via a long response. | ||||
| CVE-2002-1383 | 3 Apple, Easy Software Products, Redhat | 3 Mac Os X, Cups, Linux | 2025-04-03 | N/A |
| Multiple integer overflows in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allow remote attackers to execute arbitrary code via (1) the CUPSd HTTP interface, as demonstrated by vanilla-coke, and (2) the image handling code in CUPS filters, as demonstrated by mksun. | ||||
| CVE-2002-1393 | 2 Kde, Redhat | 3 Kde, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Multiple vulnerabilities in KDE 2 and KDE 3.x through 3.0.5 do not quote certain parameters that are inserted into a shell command, which could allow remote attackers to execute arbitrary commands via (1) URLs, (2) filenames, or (3) e-mail addresses. | ||||
| CVE-2003-0962 | 4 Andrew Tridgell, Engardelinux, Redhat and 1 more | 7 Rsync, Secure Community, Secure Linux and 4 more | 2025-04-03 | N/A |
| Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail. | ||||
| CVE-2002-1398 | 2 Postgresql, Redhat | 3 Postgresql, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Buffer overflow in the date parser for PostgreSQL before 7.2.2 allows attackers to cause a denial of service and possibly execute arbitrary code via a long date string, aka a vulnerability "in handling long datetime input." | ||||
| CVE-2002-1402 | 2 Postgresql, Redhat | 3 Postgresql, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Buffer overflows in the (1) TZ and (2) SET TIME ZONE enivronment variables for PostgreSQL 7.2.1 and earlier allow local users to cause a denial of service and possibly execute arbitrary code. | ||||
| CVE-2003-0963 | 2 Alexander V. Lukyanov, Redhat | 3 Lftp, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Buffer overflows in (1) try_netscape_proxy and (2) try_squid_eplf for lftp 2.6.9 and earlier allow remote HTTP servers to execute arbitrary code via long directory names that are processed by the ls or rels commands. | ||||
| CVE-2003-0965 | 2 Gnu, Redhat | 2 Mailman, Linux | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in the admin CGI script for Mailman before 2.1.4 allows remote attackers to steal session cookies and conduct unauthorized activities. | ||||
| CVE-2002-1472 | 2 Redhat, Xfree86 Project | 2 Linux, X11r6 | 2025-04-03 | N/A |
| Untrusted search path vulnerability in libX11.so in xfree86, when used in setuid or setgid programs, allows local users to gain root privileges via a modified LD_PRELOAD environment variable that points to a malicious module. | ||||
| CVE-2003-0984 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Real time clock (RTC) routines in Linux kernel 2.4.23 and earlier do not properly initialize their structures, which could leak kernel data to user space. | ||||
| CVE-2002-1509 | 1 Redhat | 2 Enterprise Linux, Linux | 2025-04-03 | N/A |
| A patch for shadow-utils 20000902 causes the useradd command to create a mail spool files with read/write privileges of the new user's group (mode 660), which allows other users in the same group to read or modify the new user's incoming email. | ||||
| CVE-2003-0988 | 2 Kde, Redhat | 3 Kde, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Buffer overflow in the VCF file information reader for KDE Personal Information Management (kdepim) suite in KDE 3.1.0 through 3.1.4 allows attackers to execute arbitrary code via a VCF file. | ||||
| CVE-2002-1510 | 2 Redhat, Xfree86 Project | 3 Enterprise Linux, Linux, X11r6 | 2025-04-03 | N/A |
| xdm, with the authComplain variable set to false, allows arbitrary attackers to connect to the X server if the xdm auth directory does not exist. | ||||