Filtered by vendor Redhat
Subscriptions
Filtered by product Linux
Subscriptions
Total
700 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2002-0168 | 2 Enlightenment, Redhat | 2 Imlib, Linux | 2025-04-03 | N/A |
Vulnerability in Imlib before 1.9.13 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code by manipulating arguments that are passed to malloc, which results in a heap corruption. | ||||
CVE-2002-0169 | 1 Redhat | 3 Docbook Stylesheets, Docbook Utils, Linux | 2025-04-03 | N/A |
The default stylesheet for DocBook on Red Hat Linux 6.2 through 7.2 is installed with an insecure option enabled, which could allow users to overwrite files outside of the current directory from an untrusted document by using a full pathname as an element identifier. | ||||
CVE-2002-0178 | 2 Gnu, Redhat | 3 Sharutils, Enterprise Linux, Linux | 2025-04-03 | N/A |
uudecode, as available in the sharutils package before 4.2.1, does not check whether the filename of the uudecoded file is a pipe or symbolic link, which could allow attackers to overwrite files or execute commands. | ||||
CVE-2002-0184 | 3 Debian, Redhat, Sudo Project | 4 Debian Linux, Linux, Powertools and 1 more | 2025-04-03 | 7.8 High |
Sudo before 1.6.6 contains an off-by-one error that can result in a heap-based buffer overflow that may allow local users to gain root privileges via special characters in the -p (prompt) argument, which are not properly expanded. | ||||
CVE-2002-0185 | 2 Apache, Redhat | 2 Mod Python, Linux | 2025-04-03 | N/A |
mod_python version 2.7.6 and earlier allows a module indirectly imported by a published module to then be accessed via the publisher, which allows remote attackers to call possibly dangerous functions from the imported module. | ||||
CVE-2002-0353 | 2 Ethereal Group, Redhat | 3 Ethereal, Linux, Powertools | 2025-04-03 | N/A |
The ASN.1 parser in Ethereal 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a certain malformed packet, which causes Ethereal to allocate memory incorrectly, possibly due to zero-length fields. | ||||
CVE-2002-0354 | 3 Mozilla, Netscape, Redhat | 3 Mozilla, Navigator, Linux | 2025-04-03 | N/A |
The XMLHttpRequest object (XMLHTTP) in Netscape 6.1 and Mozilla 0.9.7 allows remote attackers to read arbitrary files and list directories on a client system by opening a URL that redirects the browser to the file on the client, then reading the result using the responseText property. | ||||
CVE-2002-0378 | 2 Astart Technologies, Redhat | 3 Lprng, Enterprise Linux, Linux | 2025-04-03 | N/A |
The default configuration of LPRng print spooler in Red Hat Linux 7.0 through 7.3, Mandrake 8.1 and 8.2, and other operating systems, accepts print jobs from arbitrary remote hosts. | ||||
CVE-2002-0379 | 2 Redhat, University Of Washington | 2 Linux, Uw-imap | 2025-04-03 | N/A |
Buffer overflow in University of Washington imap server (uw-imapd) imap-2001 (imapd 2001.315) and imap-2001a (imapd 2001.315) with legacy RFC 1730 support, and imapd 2000.287 and earlier, allows remote authenticated users to execute arbitrary code via a long BODY request. | ||||
CVE-2002-0380 | 2 Lbl, Redhat | 3 Tcpdump, Enterprise Linux, Linux | 2025-04-03 | N/A |
Buffer overflow in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via an NFS packet. | ||||
CVE-2002-0384 | 2 Redhat, Rob Flynn | 4 Enterprise Linux, Linux, Powertools and 1 more | 2025-04-03 | N/A |
Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arbitrary code. | ||||
CVE-2002-0392 | 3 Apache, Debian, Redhat | 7 Http Server, Debian Linux, Enterprise Linux and 4 more | 2025-04-03 | N/A |
Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size. | ||||
CVE-2002-0399 | 2 Gnu, Redhat | 3 Tar, Enterprise Linux, Linux | 2025-04-03 | N/A |
Directory traversal vulnerability in GNU tar 1.13.19 through 1.13.25, and possibly later versions, allows attackers to overwrite arbitrary files during archive extraction via a (1) "/.." or (2) "./.." string, which removes the leading slash but leaves the "..", a variant of CVE-2001-1267. | ||||
CVE-2002-0400 | 2 Isc, Redhat | 3 Bind, Enterprise Linux, Linux | 2025-04-03 | N/A |
ISC BIND 9 before 9.2.1 allows remote attackers to cause a denial of service (shutdown) via a malformed DNS packet that triggers an error condition that is not properly handled when the rdataset parameter to the dns_message_findtype() function in message.c is not NULL, aka DoS_findtype. | ||||
CVE-2002-0401 | 3 Debian, Ethereal, Redhat | 4 Debian Linux, Ethereal, Linux and 1 more | 2025-04-03 | 7.5 High |
SMB dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via malformed packets that cause Ethereal to dereference a NULL pointer. | ||||
CVE-2002-0402 | 2 Ethereal Group, Redhat | 4 Ethereal, Enterprise Linux, Linux and 1 more | 2025-04-03 | N/A |
Buffer overflow in X11 dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code while Ethereal is parsing keysyms. | ||||
CVE-2002-0403 | 2 Ethereal Group, Redhat | 4 Ethereal, Enterprise Linux, Linux and 1 more | 2025-04-03 | N/A |
DNS dissector in Ethereal before 0.9.3 allows remote attackers to cause a denial of service (CPU consumption) via a malformed packet that causes Ethereal to enter an infinite loop. | ||||
CVE-2001-1375 | 2 Conectiva, Redhat | 2 Linux, Linux | 2025-04-03 | N/A |
tcl/tk package (tcltk) 8.3.1 searches for its libraries in the current working directory before other directories, which could allow local users to execute arbitrary code via a Trojan horse library that is under a user-controlled directory. | ||||
CVE-2002-0435 | 2 Gnu, Redhat | 3 Fileutils, Enterprise Linux, Linux | 2025-04-03 | N/A |
Race condition in the recursive (1) directory deletion and (2) directory move in GNU File Utilities (fileutils) 4.1 and earlier allows local users to delete directories as the user running fileutils by moving a low-level directory to a higher level as it is being deleted, which causes fileutils to chdir to a ".." directory that is higher than expected, possibly up to the root file system. | ||||
CVE-2002-0001 | 2 Mutt, Redhat | 2 Mutt, Linux | 2025-04-03 | N/A |
Vulnerability in RFC822 address parser in mutt before 1.2.5.1 and mutt 1.3.x before 1.3.25 allows remote attackers to execute arbitrary commands via an improperly terminated comment or phrase in the address list. |