Total
29527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0105 | 1 Caldera | 1 Unixware | 2016-10-18 | 7.2 HIGH | N/A |
| CDE dtlogin in Caldera UnixWare 7.1.0, and possibly other operating systems, allows local users to gain privileges via a symlink attack on /var/dt/Xerrors since /var/dt is world-writable. | |||||
| CVE-2002-0165 | 1 Logwatch | 1 Logwatch | 2016-10-18 | 7.2 HIGH | N/A |
| LogWatch 2.5 allows local users to gain root privileges via a symlink attack, a different vulnerability than CVE-2002-0162. | |||||
| CVE-2002-0099 | 1 Michael Lamont | 1 Savant Webserver | 2016-10-18 | 5.0 MEDIUM | N/A |
| Buffer overflow in Michael Lamont Savant Web Server 3.0 allows remote attackers to cause a denial of service (crash) via a long HTTP request to the cgi-bin directory in which the CGI program name contains a large number of . (dot) characters. | |||||
| CVE-2002-0138 | 1 Andreas Mueller | 1 Cdrdao | 2016-10-18 | 2.1 LOW | N/A |
| CDRDAO 1.1.4 and 1.1.5 allows local users to read arbitrary files via the show-data command. | |||||
| CVE-2002-0100 | 1 Aol | 1 Aol Server | 2016-10-18 | 7.5 HIGH | N/A |
| AOL AOLserver 3.4.2 Win32 allows remote attackers to bypass authentication and read password-protected files via a URL that directly references the file. | |||||
| CVE-2002-0162 | 1 Logwatch | 1 Logwatch | 2016-10-18 | 6.2 MEDIUM | N/A |
| LogWatch before 2.5 allows local users to execute arbitrary code via a symlink attack on the logwatch temporary directory. | |||||
| CVE-2002-0163 | 1 Squid | 1 Squid | 2016-10-18 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in Squid before 2.4 STABLE4, and Squid 2.5 and 2.6 until March 12, 2002 distributions, allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via compressed DNS responses. | |||||
| CVE-2002-0198 | 1 Paul L Daniels | 2 Inflex, Ripmime | 2016-10-18 | 10.0 HIGH | N/A |
| Buffer overflow in plDaniels ripMime 1.2.6 and earlier, as used in other programs such as xamime and inflex, allows remote attackers to execute arbitrary code via an attachment in a long filename. | |||||
| CVE-2002-0177 | 1 Icecast | 1 Icecast | 2016-10-18 | 7.5 HIGH | N/A |
| Buffer overflows in icecast 1.3.11 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request from an MP3 client. | |||||
| CVE-2002-0142 | 1 Pi3 | 1 Pi3web | 2016-10-18 | 7.5 HIGH | N/A |
| CGI handler in John Roy Pi3Web for Windows 2.0 beta 1 and 2 allows remote attackers to cause a denial of service (crash) via a series of requests whose physical path is exactly 260 characters long and ends in a series of . (dot) characters. | |||||
| CVE-2002-0112 | 1 Etype | 1 Eserv | 2016-10-18 | 5.0 MEDIUM | N/A |
| Etype Eserv 2.97 allows remote attackers to view password protected files via /./ in the URL. | |||||
| CVE-2002-0104 | 1 Aftpd | 1 Aftpd | 2016-10-18 | 5.0 MEDIUM | N/A |
| AFTPD 5.4.4 allows remote attackers to gain sensitive information via a CD (CWD) ~ (tilde) command, which causes a core dump. | |||||
| CVE-2002-0130 | 1 Efax | 1 Efax | 2016-10-18 | 7.2 HIGH | N/A |
| Buffer overflow in efax 0.9 and earlier, when installed setuid root, allows local users to execute arbitrary code via a long -x argument. | |||||
| CVE-2002-0170 | 1 Zope | 1 Zope | 2016-10-18 | 7.5 HIGH | N/A |
| Zope 2.2.0 through 2.5.1 does not properly verify the access for objects with proxy roles, which could allow some users to access documents in violation of the intended configuration. | |||||
| CVE-2002-0106 | 1 Bea | 1 Weblogic Server | 2016-10-18 | 5.0 MEDIUM | N/A |
| BEA Systems Weblogic Server 6.1 allows remote attackers to cause a denial of service via a series of requests to .JSP files that contain an MS-DOS device name. | |||||
| CVE-2002-0134 | 1 Avirt | 1 Avirt Gateway Suite | 2016-10-18 | 7.5 HIGH | N/A |
| Telnet proxy in Avirt Gateway Suite 4.2 does not require authentication for connecting to the proxy system itself, which allows remote attackers to list file contents of the proxy and execute arbitrary commands via a "dos" command. | |||||
| CVE-2002-0178 | 1 Gnu | 1 Sharutils | 2016-10-18 | 7.2 HIGH | N/A |
| uudecode, as available in the sharutils package before 4.2.1, does not check whether the filename of the uudecoded file is a pipe or symbolic link, which could allow attackers to overwrite files or execute commands. | |||||
| CVE-2002-0181 | 1 Horde | 2 Horde, Imp | 2016-10-18 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in status.php3 for IMP 2.2.8 and HORDE 1.2.7 allows remote attackers to execute arbitrary web script and steal cookies of other IMP/HORDE users via the script parameter. | |||||
| CVE-2002-0014 | 1 University Of Washington | 1 Pine | 2016-10-18 | 7.5 HIGH | N/A |
| URL-handling code in Pine 4.43 and earlier allows remote attackers to execute arbitrary commands via a URL enclosed in single quotes and containing shell metacharacters (&). | |||||
| CVE-2001-1404 | 1 Mozilla | 1 Bugzilla | 2016-10-18 | 7.5 HIGH | N/A |
| Bugzilla before 2.14 stores user passwords in plaintext and sends password requests in an email message, which could allow attackers to gain privileges. | |||||