Total
29527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-2152 | 1 Software602 | 1 602pro Lan Suite | 2008-09-05 | 10.0 HIGH | N/A |
| The Czech edition of Software602's Web Server before 2002.0.02.0916 allows remote attackers to gain administrator privileges via direct HTTP requests to the /admin/ directory, which is not password protected. | |||||
| CVE-2002-2149 | 1 Lucent | 3 Access Point Service Router 1500, Access Point Service Router 300, Access Point Service Router 600 | 2008-09-05 | 5.0 MEDIUM | N/A |
| Buffer overflow in Lucent Access Point 300, 600, and 1500 Service Routers allows remote attackers to cause a denial of service (reboot) via a long HTTP request to the administrative interface. | |||||
| CVE-2002-2064 | 1 Phpwebgallery | 1 Phpwebgallery | 2008-09-05 | 7.5 HIGH | N/A |
| isadmin.php in PhpWebGallery 1.0 allows remote attackers to gain administrative access via by setting the photo_login cookie to pseudo. | |||||
| CVE-2002-2053 | 1 Cisco | 1 Ios | 2008-09-05 | 5.0 MEDIUM | N/A |
| The design of the Hot Standby Routing Protocol (HSRP), as implemented on Cisco IOS 12.1, when using IRPAS, allows remote attackers to cause a denial of service (CPU consumption) via a router with the same IP address as the interface on which HSRP is running, which causes a loop. | |||||
| CVE-2002-2112 | 1 Rca | 1 Digital Cable Modem | 2008-09-05 | 5.0 MEDIUM | N/A |
| RCA Digital Cable Modem DCM225 and DCM225E, and other modems that must conform to the Data-over-Cable Service Interface Specifications DOCSIS standard, uses the "public" community string for SNMP access, which allows remote attackers to read or write MIB information. | |||||
| CVE-2002-2146 | 1 Savant | 1 Savant Webserver | 2008-09-05 | 7.5 HIGH | N/A |
| cgitest.exe in Savant Web Server 3.1 and earlier allows remote attackers to cause a denial of service (crash) via a long HTTP request. | |||||
| CVE-2002-2014 | 1 Ibm | 1 Lotus Domino | 2008-09-05 | 5.0 MEDIUM | N/A |
| Lotus Domino 5.0.8 web server returns different error messages when a valid or invalid user is provided in HTTP requests, which allows remote attackers to determine valid user names and makes it easier to conduct brute force attacks. | |||||
| CVE-2002-2193 | 1 Mojo Mail | 1 Mojo Mail | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in mojo.cgi for Mojo Mail 2.7 allows remote attackers to inject arbitrary web script via the email parameter. | |||||
| CVE-2002-1993 | 1 Affordable Web Space Design | 1 Affordable Web Space Design Webbbs | 2008-09-05 | 10.0 HIGH | N/A |
| webbbs_post.pl in WebBBS 4 and 5.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the followup parameter. | |||||
| CVE-2002-2018 | 1 Sas | 2 Base, Integration Technologies | 2008-09-05 | 7.2 HIGH | N/A |
| sastcpd in SAS/Base 8.0 might allow local users to gain privileges by setting the netencralg environment variable, which causes a segmentation fault. | |||||
| CVE-2002-2063 | 1 Atguard | 1 Atguard Personal Firewall | 2008-09-05 | 7.5 HIGH | N/A |
| AtGuard 3.2 allows remote attackers to bypass firwall filters and execute prohibited programs by changing the filenames to permitted filenames. | |||||
| CVE-2002-2090 | 1 Caucho Technology | 1 Resin | 2008-09-05 | 5.0 MEDIUM | N/A |
| Caucho Technology Resin server 2.1.1 to 2.1.2 allows remote attackers to obtain server's root path via requests for MS-DOS device names such as lpt9.xtp. | |||||
| CVE-2002-2078 | 1 Floosietek | 2 Ftgateoffice, Ftgatepro | 2008-09-05 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in Floositek (1) FTGate Pro 1.05 and (2) FTGate Office 1.05 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long POP3 APOP USER command. | |||||
| CVE-2002-1982 | 1 Icecast | 1 Icecast | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the list_directory function in Icecast 1.3.12 allows remote attackers to determine if a directory exists via a .. (dot dot) in the GET request, which returns different error messages depending on whether the directory exists or not. | |||||
| CVE-2002-2188 | 1 Openbsd | 1 Openbsd | 2008-09-05 | 4.9 MEDIUM | N/A |
| OpenBSD before 3.2 allows local users to cause a denial of service (kernel crash) via a call to getrlimit(2) with invalid arguments, possibly due to an integer signedness error. | |||||
| CVE-2002-2144 | 1 Free Peers | 1 Bearshare | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in BearShare 4.0.5 and 4.0.6 allows remote attackers to read files outside of the web root by hex-encoding the "/" (forward slash) or "." (dot) characters. | |||||
| CVE-2002-2110 | 1 Rca | 1 Digital Cable Modem | 2008-09-05 | 5.0 MEDIUM | N/A |
| The RCA Digital Cable Modems DCM225 and DCM225E allow remote attackers to cause a denial of service (modem device reset) by connecting to port 80 on the 10.0.0.0/8 device. | |||||
| CVE-2002-2178 | 1 Phpwebsite | 1 Phpwebsite | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in article.php module for phpWebSite 0.8.3 allows remote attackers to execute arbitrary Javascript script via the sid parameter, as demonstrated using an IMG tag. | |||||
| CVE-2002-2198 | 1 Zmailer | 1 Zmailer | 2008-09-05 | 10.0 HIGH | N/A |
| Buffer overflow in ZMailer before 2.99.51_1 allows remote attackers to execute arbitrary code during HELO processing from an IPv6 address, possibly using an address that resolves to a long hostname. | |||||
| CVE-2002-2161 | 1 Kerio | 1 Personal Firewall | 2008-09-05 | 5.0 MEDIUM | N/A |
| Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to cause a denial of service (hang and CPU consumption) via a SYN packet flood. | |||||