Filtered by vendor Redhat
Subscriptions
Filtered by product Linux
Subscriptions
Total
703 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0593 | 3 Mozilla, Netscape, Redhat | 5 Mozilla, Communicator, Navigator and 2 more | 2025-04-03 | N/A |
| Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI. | ||||
| CVE-2002-1151 | 2 Kde, Redhat | 4 Kde, Konqueror, Enterprise Linux and 1 more | 2025-04-03 | N/A |
| The cross-site scripting protection for Konqueror in KDE 2.2.2 and 3.0 through 3.0.3 does not properly initialize the domains on sub-frames and sub-iframes, which can allow remote attackers to execute script and steal cookies from subframes that are in other domains. | ||||
| CVE-2002-1155 | 1 Redhat | 2 Enterprise Linux, Linux | 2025-04-03 | N/A |
| Buffer overflow in KON kon2 0.3.9b and earlier allows local users to execute arbitrary code via a long -Coding command line argument. | ||||
| CVE-2002-1158 | 2 Canna, Redhat | 3 Canna, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Buffer overflow in the irw_through function for Canna 3.5b2 and earlier allows local users to execute arbitrary code as the bin user. | ||||
| CVE-2002-1165 | 3 Netbsd, Redhat, Sendmail | 4 Netbsd, Enterprise Linux, Linux and 1 more | 2025-04-03 | N/A |
| Sendmail Consortium's Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other versions after 8.11 from 5/19/1998, allows attackers to bypass the intended restrictions of smrsh by inserting additional commands after (1) "||" sequences or (2) "/" characters, which are not properly filtered or verified. | ||||
| CVE-2002-1235 | 4 Debian, Kth, Mit and 1 more | 6 Debian Linux, Kth Kerberos 4, Kth Kerberos 5 and 3 more | 2025-04-03 | N/A |
| The kadm_ser_in function in (1) the Kerberos v4compatibility administration daemon (kadmind4) in the MIT Kerberos 5 (krb5) krb5-1.2.6 and earlier, (2) kadmind in KTH Kerberos 4 (eBones) before 1.2.1, and (3) kadmind in KTH Kerberos 5 (Heimdal) before 0.5.1 when compiled with Kerberos 4 support, does not properly verify the length field of a request, which allows remote attackers to execute arbitrary code via a buffer overflow attack. | ||||
| CVE-2002-1247 | 3 Kde, Lisa, Redhat | 5 Kde, Klisa, Lisa and 2 more | 2025-04-03 | N/A |
| Buffer overflow in LISa allows local users to gain access to a raw socket via a long LOGNAME environment variable for the resLISa daemon. | ||||
| CVE-2002-1276 | 2 Redhat, Squirrelmail | 2 Linux, Squirrelmail | 2025-04-03 | N/A |
| An incomplete fix for a cross-site scripting (XSS) vulnerability in SquirrelMail 1.2.8 calls the strip_tags function on the PHP_SELF value but does not save the result back to that variable, leaving it open to cross-site scripting attacks. | ||||
| CVE-2002-1319 | 3 Linux, Redhat, Trustix | 4 Linux Kernel, Enterprise Linux, Linux and 1 more | 2025-04-03 | N/A |
| The Linux kernel 2.4.20 and earlier, and 2.5.x, when running on x86 systems, allows local users to cause a denial of service (hang) via the emulation mode, which does not properly clear TF and NT EFLAGs. | ||||
| CVE-2002-1336 | 2 Redhat, Tightvnc | 3 Enterprise Linux, Linux, Tightvnc | 2025-04-03 | N/A |
| TightVNC before 1.2.6 generates the same challenge string for multiple connections, which allows remote attackers to bypass VNC authentication by sniffing the challenge and response of other users. | ||||
| CVE-2002-1348 | 2 Redhat, W3m | 3 Enterprise Linux, Linux, W3m | 2025-04-03 | N/A |
| w3m before 0.3.2.2 does not properly escape HTML tags in the ALT attribute of an IMG tag, which could allow remote attackers to access files or cookies. | ||||
| CVE-2002-1362 | 2 Matthew Smith, Redhat | 3 Micq, Enterprise Linux, Linux | 2025-04-03 | N/A |
| mICQ 0.4.9 and earlier allows remote attackers to cause a denial of service (crash) via malformed ICQ message types without a 0xFE separator character. | ||||
| CVE-2002-1363 | 2 Greg Roelofs, Redhat | 3 Libpng, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Portable Network Graphics (PNG) library libpng 1.2.5 and earlier does not correctly calculate offsets, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a buffer overflow attack on the row buffers. | ||||
| CVE-2002-1365 | 2 Fetchmail, Redhat | 3 Fetchmail, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Heap-based buffer overflow in Fetchmail 6.1.3 and earlier does not account for the "@" character when determining buffer lengths for local addresses, which allows remote attackers to execute arbitrary code via a header with a large number of local addresses. | ||||
| CVE-2002-1392 | 2 Gert Doering, Redhat | 3 Mgetty, Enterprise Linux, Linux | 2025-04-03 | N/A |
| faxspool in mgetty before 1.1.29 uses a world-writable spool directory for outgoing faxes, which allows local users to modify fax transmission privileges. | ||||
| CVE-2002-1400 | 2 Postgresql, Redhat | 3 Postgresql, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Heap-based buffer overflow in the repeat() function for PostgreSQL before 7.2.2 allows attackers to execute arbitrary code by causing repeat() to generate a large string. | ||||
| CVE-2002-0638 | 3 Hp, Mandrakesoft, Redhat | 6 Secure Os, Mandrake Linux, Mandrake Linux Corporate Server and 3 more | 2025-04-03 | N/A |
| setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh. | ||||
| CVE-2002-1509 | 1 Redhat | 2 Enterprise Linux, Linux | 2025-04-03 | N/A |
| A patch for shadow-utils 20000902 causes the useradd command to create a mail spool files with read/write privileges of the new user's group (mode 660), which allows other users in the same group to read or modify the new user's incoming email. | ||||
| CVE-2002-1572 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Signed integer overflow in the bttv_read function in the bttv driver (bttv-driver.c) in Linux kernel before 2.4.20 has unknown impact and attack vectors. | ||||
| CVE-2002-0658 | 2 Ossp, Redhat | 5 Mm, Enterprise Linux, Linux and 2 more | 2025-04-03 | N/A |
| OSSP mm library (libmm) before 1.2.0 allows the local Apache user to gain privileges via temporary files, possibly via a symbolic link attack. | ||||