Export limit exceeded: 365419 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 365419 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (16515 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-1269 2 Info-zip, Redhat 3 Unzip, Enterprise Linux, Linux 2026-04-16 N/A
Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via filenames in the archive that begin with the '/' (slash) character.
CVE-2001-1409 2 Redhat, Xfree86 Project 3 Enterprise Linux, Linux, Xfree86 X Server 2026-04-16 N/A
dexconf in XFree86 Xserver 4.1.0-2 creates the /dev/dri directory with insecure permissions (666), which allows local users to replace or create files in the root file system.
CVE-2001-1413 2 Ncompress, Redhat 2 Ncompress, Enterprise Linux 2026-04-16 N/A
Stack-based buffer overflow in the comprexx function for ncompress 4.2.4 and earlier, when used in situations that cross security boundaries (such as FTP server), may allow remote attackers to execute arbitrary code via a long filename argument.
CVE-2001-1494 3 Avaya, Kernel, Redhat 8 Cvlan, Integrated Management Suit, Interactive Response and 5 more 2026-04-16 5.5 Medium
script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command.
CVE-2001-1572 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
The MAC module in Netfilter in Linux kernel 2.4.1 through 2.4.11, when configured to filter based on MAC addresses, allows remote attackers to bypass packet filters via small packets.
CVE-2002-0029 3 Astaro, Isc, Redhat 3 Security Linux, Bind, Enterprise Linux 2026-04-16 N/A
Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DNS server responses that trigger the overflow in the (1) getnetbyname, or (2) getnetbyaddr functions, aka "LIBRESOLV: buffer overrun" and a different vulnerability than CVE-2002-0684.
CVE-2002-0036 2 Mit, Redhat 3 Kerberos 5, Enterprise Linux, Linux 2026-04-16 N/A
Integer signedness error in MIT Kerberos V5 ASN.1 decoder before krb5 1.2.5 allows remote attackers to cause a denial of service via a large unsigned data element length, which is later used as a negative value.
CVE-2002-0164 2 Caldera, Redhat 4 Openlinux Server, Openlinux Workstation, Enterprise Linux and 1 more 2026-04-16 N/A
Vulnerability in the MIT-SHM extension of the X server on Linux (XFree86) 4.2.1 and earlier allows local users to read and write arbitrary shared memory, possibly to cause a denial of service or gain privileges.
CVE-2002-0178 2 Gnu, Redhat 3 Sharutils, Enterprise Linux, Linux 2026-04-16 N/A
uudecode, as available in the sharutils package before 4.2.1, does not check whether the filename of the uudecoded file is a pipe or symbolic link, which could allow attackers to overwrite files or execute commands.
CVE-2002-0180 2 Bradford Barrett, Redhat 3 Webalizer, Enterprise Linux, Linux 2026-04-16 N/A
Buffer overflow in Webalizer 2.01-06, when configured to use reverse DNS lookups, allows remote attackers to execute arbitrary code by connecting to the monitored web server from an IP address that resolves to a long hostname.
CVE-2002-0363 2 Aladdin Enterprises, Redhat 3 Ghostscript, Enterprise Linux, Linux 2026-04-16 N/A
ghostscript before 6.53 allows attackers to execute arbitrary commands by using .locksafe or .setsafe to reset the current pagedevice.
CVE-2002-0374 2 Padl Software, Redhat 3 Pam Ldap, Enterprise Linux, Linux 2026-04-16 N/A
Format string vulnerability in the logging function for the pam_ldap PAM LDAP module before version 144 allows attackers to execute arbitrary code via format strings in the configuration file name.
CVE-2002-0378 2 Astart Technologies, Redhat 3 Lprng, Enterprise Linux, Linux 2026-04-16 N/A
The default configuration of LPRng print spooler in Red Hat Linux 7.0 through 7.3, Mandrake 8.1 and 8.2, and other operating systems, accepts print jobs from arbitrary remote hosts.
CVE-2002-0380 2 Lbl, Redhat 3 Tcpdump, Enterprise Linux, Linux 2026-04-16 N/A
Buffer overflow in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via an NFS packet.
CVE-2002-0382 2 Redhat, Xchat 3 Enterprise Linux, Linux, Xchat 2026-04-16 N/A
XChat IRC client allows remote attackers to execute arbitrary commands via a /dns command on a host whose DNS reverse lookup contains shell metacharacters.
CVE-2002-0384 2 Redhat, Rob Flynn 4 Enterprise Linux, Linux, Powertools and 1 more 2026-04-16 N/A
Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arbitrary code.
CVE-2002-0388 2 Gnu, Redhat 5 Mailman, Enterprise Linux, Linux and 2 more 2026-04-16 N/A
Cross-site scripting vulnerabilities in Mailman before 2.0.11 allow remote attackers to execute script via (1) the admin login page, or (2) the Pipermail index summaries.
CVE-2002-0389 2 Gnu, Redhat 2 Mailman, Enterprise Linux 2026-04-16 N/A
Pipermail in Mailman stores private mail messages with predictable filenames in a world-executable directory, which allows local users to read private mailing list archives.
CVE-2002-0391 5 Freebsd, Microsoft, Openbsd and 2 more 9 Freebsd, Windows 2000, Windows Nt and 6 more 2026-04-16 9.8 Critical
Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd.
CVE-2002-0392 3 Apache, Debian, Redhat 7 Http Server, Debian Linux, Enterprise Linux and 4 more 2026-04-16 N/A
Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size.