Filtered by vendor Redhat
Subscriptions
Filtered by product Powertools
Subscriptions
Total
79 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0811 | 2 Mozilla, Redhat | 2 Bugzilla, Powertools | 2025-04-03 | N/A |
| Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, may allow remote attackers to cause a denial of service or execute certain queries via a SQL injection attack on the sort order parameter to buglist.cgi. | ||||
| CVE-2002-0821 | 2 Ethereal Group, Redhat | 4 Ethereal, Enterprise Linux, Linux and 1 more | 2025-04-03 | N/A |
| Buffer overflows in Ethereal 0.9.4 and earlier allow remote attackers to cause a denial of service or execute arbitrary code via (1) the BGP dissector, or (2) the WCP dissector. | ||||
| CVE-2002-0834 | 2 Ethereal Group, Redhat | 4 Ethereal, Enterprise Linux, Linux and 1 more | 2025-04-03 | N/A |
| Buffer overflow in the ISIS dissector for Ethereal 0.9.5 and earlier allows remote attackers to cause a denial of service or execute arbitrary code via malformed packets. | ||||
| CVE-2002-0838 | 4 Ggv, Ghostview, Gv and 1 more | 6 Ggv, Ghostview, Gv and 3 more | 2025-04-03 | N/A |
| Buffer overflow in (1) gv 3.5.8 and earlier, (2) gvv 1.0.2 and earlier, (3) ggv 1.99.90 and earlier, (4) gnome-gv, and (5) kghostview in kdegraphics 2.2.2 and earlier, allows attackers to execute arbitrary code via a malformed (a) PDF or (b) PostScript file, which is processed by an unsafe call to sscanf. | ||||
| CVE-2001-0128 | 6 Conectiva, Debian, Freebsd and 3 more | 8 Linux, Debian Linux, Freebsd and 5 more | 2025-04-03 | N/A |
| Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges. | ||||
| CVE-2001-0279 | 3 Debian, Mandrakesoft, Redhat | 5 Debian Linux, Mandrake Linux, Mandrake Linux Corporate Server and 2 more | 2025-04-03 | N/A |
| Buffer overflow in sudo earlier than 1.6.3p6 allows local users to gain root privileges. | ||||
| CVE-2001-0869 | 3 Caldera, Redhat, Suse | 6 Openlinux Eserver, Openlinux Workstation, Linux and 3 more | 2025-04-03 | N/A |
| Format string vulnerability in the default logging callback function _sasl_syslog in common.c in Cyrus SASL library (cyrus-sasl) may allow remote attackers to execute arbitrary commands. | ||||
| CVE-2002-0009 | 2 Mozilla, Redhat | 2 Bugzilla, Powertools | 2025-04-03 | N/A |
| show_bug.cgi in Bugzilla before 2.14.1 allows a user with "Bugs Access" privileges to see other products that are not accessible to the user, by submitting a bug and reading the resulting Product pulldown menu. | ||||
| CVE-2002-0043 | 2 Redhat, Todd Miller | 3 Linux, Powertools, Sudo | 2025-04-03 | N/A |
| sudo 1.6.0 through 1.6.3p7 does not properly clear the environment before calling the mail program, which could allow local users to gain root privileges by modifying environment variables and changing how the mail program is invoked. | ||||
| CVE-2002-0805 | 2 Mozilla, Redhat | 2 Bugzilla, Powertools | 2025-04-03 | N/A |
| Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, (1) creates new directories with world-writable permissions, and (2) creates the params file with world-writable permissions, which allows local users to modify the files and execute code. | ||||
| CVE-2002-0809 | 2 Mozilla, Redhat | 2 Bugzilla, Powertools | 2025-04-03 | N/A |
| Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, does not properly handle URL-encoded field names that are generated by some browsers, which could cause certain fields to appear to be unset, which has the effect of removing group permissions on bugs when buglist.cgi is provided with the encoded field names. | ||||
| CVE-2001-0889 | 2 Redhat, University Of Cambridge | 3 Linux, Powertools, Exim | 2025-04-03 | N/A |
| Exim 3.22 and earlier, in some configurations, does not properly verify the local part of an address when redirecting the address to a pipe, which could allow remote attackers to execute arbitrary commands via shell metacharacters. | ||||
| CVE-2001-0690 | 4 Conectiva, Debian, Redhat and 1 more | 5 Linux, Debian Linux, Linux and 2 more | 2025-04-03 | N/A |
| Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in Debian and 3.16 in Conectiva) in batched SMTP mode allows a remote attacker to execute arbitrary code via format strings in SMTP mail headers. | ||||
| CVE-2001-1406 | 2 Mozilla, Redhat | 2 Bugzilla, Powertools | 2025-04-03 | N/A |
| process_bug.cgi in Bugzilla before 2.14 does not set the "groupset" bit when a bug is moved between product groups, which will cause the bug to have the old group's restrictions, which might not be as stringent. | ||||
| CVE-2002-0855 | 2 Gnu, Redhat | 5 Mailman, Enterprise Linux, Linux and 2 more | 2025-04-03 | N/A |
| Cross-site scripting vulnerability in Mailman before 2.0.12 allows remote attackers to execute script as other users via a subscriber's list subscription options in the (1) adminpw or (2) info parameters to the ml-name feature. | ||||
| CVE-2002-0059 | 2 Redhat, Zlib | 3 Linux, Powertools, Zlib | 2025-04-03 | 9.8 Critical |
| The decompression algorithm in zlib 1.1.3 and earlier, as used in many different utilities and packages, causes inflateEnd to release certain memory more than once (a "double free"), which may allow local and remote attackers to execute arbitrary code via a block of malformed compression data. | ||||
| CVE-2001-1083 | 2 Icecast, Redhat | 2 Icecast, Powertools | 2025-04-03 | N/A |
| Icecast 1.3.7, and other versions before 1.3.11 with HTTP server file streaming support enabled allows remote attackers to cause a denial of service (crash) via a URL that ends in . (dot), / (forward slash), or \ (backward slash). | ||||
| CVE-2002-0013 | 2 Redhat, Snmp | 3 Linux, Powertools, Snmp | 2025-04-03 | N/A |
| Vulnerabilities in the SNMPv1 request handling of a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via (1) GetRequest, (2) GetNextRequest, and (3) SetRequest messages, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available. | ||||
| CVE-2002-0401 | 3 Debian, Ethereal, Redhat | 4 Debian Linux, Ethereal, Linux and 1 more | 2025-04-03 | 7.5 High |
| SMB dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via malformed packets that cause Ethereal to dereference a NULL pointer. | ||||
| CVE-2001-0569 | 2 Redhat, Zope | 2 Powertools, Zope | 2025-04-03 | N/A |
| Digital Creations Zope 2.3.1 b1 and earlier contains a problem in the method return values related to the classes (1) ObjectManager, (2) PropertyManager, and (3) PropertySheet. | ||||