Total
29763 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0144 | 1 Scott Parish | 1 Chuid | 2025-04-03 | N/A |
| Directory traversal vulnerability in chuid 1.2 and earlier allows remote attackers to change the ownership of files outside of the upload directory via a .. (dot dot) attack. | ||||
| CVE-2002-0157 | 2 Eazel, Redhat | 2 Nautilus, Linux | 2025-04-03 | N/A |
| Nautilus 1.0.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on the .nautilus-metafile.xml metadata file. | ||||
| CVE-2002-0175 | 1 Avaya | 1 Libsafe | 2025-04-03 | N/A |
| libsafe 2.0-11 and earlier allows attackers to bypass protection against format string vulnerabilities via format strings that use the "'" and "I" characters, which are implemented in libc but not libsafe. | ||||
| CVE-2002-0214 | 1 Intel | 1 Intel Pro Wireless 2011b Lan Usb Device Driver | 2025-04-03 | N/A |
| Compaq Intel PRO/Wireless 2011B LAN USB Device Driver 1.5.16.0 through 1.5.18.0 stores the 128-bit WEP (Wired Equivalent Privacy) key in plaintext in a registry key with weak permissions, which allows local users to decrypt network traffic by reading the WEP key from the registry key. | ||||
| CVE-2002-0232 | 1 Mrtg | 1 Multi Router Traffic Grapher Cgi | 2025-04-03 | N/A |
| Directory traversal vulnerability in Multi Router Traffic Grapher (MRTG) allows remote attackers to read portions of arbitrary files via a .. (dot dot) in the cfg parameter for (1) 14all.cgi, (2) 14all-1.1.cgi, (3) traffic.cgi, or (4) mrtg.cgi. | ||||
| CVE-2002-0272 | 2 Mpg321, Redhat | 2 Mpg321, Linux | 2025-04-03 | N/A |
| Buffer overflows in mpg321 before 0.2.9 allows local and possibly remote attackers to execute arbitrary code via a long URL to (1) a command line option, (2) an HTTP request, or (3) an FTP request. | ||||
| CVE-2002-0284 | 1 Nullsoft | 1 Winamp | 2025-04-03 | N/A |
| Winamp 2.78 and 2.77, when opening a wma file that requires a license, sends the full path of the Temporary Internet Files directory to the web page that is processing the license, which could allow malicious web servers to obtain the pathname. | ||||
| CVE-2002-0291 | 1 Funsoft | 1 Dinos Webserver | 2025-04-03 | N/A |
| Dino's Webserver 1.2 allows remote attackers to cause a denial of service (CPU consumption) and possibly execute arbitrary code via several large HTTP requests within a short time. | ||||
| CVE-2002-0300 | 1 Gnujsp | 1 Gnujsp | 2025-04-03 | N/A |
| gnujsp 1.0.0 and 1.0.1 allows remote attackers to list directories, read source code of certain scripts, and bypass access restrictions by directly requesting the target file from the gnujsp servlet, which does not work around a limitation of JServ and does not process the requested file. | ||||
| CVE-2002-0302 | 1 Symantec | 1 Enterprise Firewall | 2025-04-03 | N/A |
| The Notify daemon for Symantec Enterprise Firewall (SEF) 6.5.x drops large alerts when SNMP is used as the transport, which could prevent some alerts from being sent in the event of an attack. | ||||
| CVE-2002-0304 | 1 Summit Computer Networks | 1 Lil Http Server | 2025-04-03 | N/A |
| Lil HTTP Server 2.1 allows remote attackers to read password-protected files via a /./ in the HTTP request. | ||||
| CVE-2002-0323 | 1 Nombas | 1 Scriptease Webserver | 2025-04-03 | N/A |
| comment2.jse in ScriptEase:WebServer allows remote attackers to read arbitrary files by specifying the target file as an argument in the URL. | ||||
| CVE-2002-0327 | 1 Century Software | 1 Term | 2025-04-03 | N/A |
| Buffer overflow in Century Software TERM allows local users to gain root privileges via a long tty argument to the callin program. | ||||
| CVE-2002-0350 | 1 Hp | 1 Procurve Switch 4000m | 2025-04-03 | N/A |
| HP Procurve Switch 4000M running firmware C.08.22 and C.09.09 allows remote attackers to cause a denial of service via a port scan of the management IP address, which disables the telnet service. | ||||
| CVE-2002-0353 | 2 Ethereal Group, Redhat | 3 Ethereal, Linux, Powertools | 2025-04-03 | N/A |
| The ASN.1 parser in Ethereal 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a certain malformed packet, which causes Ethereal to allocate memory incorrectly, possibly due to zero-length fields. | ||||
| CVE-2002-0374 | 2 Padl Software, Redhat | 3 Pam Ldap, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Format string vulnerability in the logging function for the pam_ldap PAM LDAP module before version 144 allows attackers to execute arbitrary code via format strings in the configuration file name. | ||||
| CVE-2002-0380 | 2 Lbl, Redhat | 3 Tcpdump, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Buffer overflow in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via an NFS packet. | ||||
| CVE-2002-0398 | 1 Red-m | 1 1050ap Lan Acess Point | 2025-04-03 | N/A |
| Red-M 1050 (Bluetooth Access Point) PPP server allows bonded users to cause a denial of service and possibly execute arbitrary code via a long user name. | ||||
| CVE-2002-0406 | 1 Menasoft | 1 Sphereserver | 2025-04-03 | N/A |
| Menasoft SPHERE server 0.99x and 0.5x allows remote attackers to cause a denial of service by establishing a large number of connections to the server without providing login credentials, which prevents other users from being able to log in. | ||||
| CVE-2002-0415 | 1 Realnetworks | 1 Realplayer | 2025-04-03 | N/A |
| Directory traversal vulnerability in the web server used in RealPlayer 6.0.7, and possibly other versions, may allow local users to read files that are accessible to RealPlayer via a .. (dot dot) in an HTTP GET request to port 1275. | ||||