Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0829 1 Freebsd 1 Freebsd 2025-04-03 N/A
Integer overflow in the Berkeley Fast File System (FFS) in FreeBSD 4.6.1 RELEASE-p4 and earlier allows local users to access arbitrary file contents within FFS to gain privileges by creating a file that is larger than allowed by the virtual memory system.
CVE-2002-0830 1 Freebsd 1 Freebsd 2025-04-03 N/A
Network File System (NFS) in FreeBSD 4.6.1 RELEASE-p7 and earlier, NetBSD 1.5.3 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service (hang) via an RPC message with a zero length payload, which causes NFS to reference a previous payload and enter an infinite loop.
CVE-2002-0847 1 Tinyproxy 1 Tinyproxy 2025-04-03 N/A
tinyproxy HTTP proxy 1.5.0, 1.4.3, and earlier allows remote attackers to execute arbitrary code via memory that is freed twice (double-free).
CVE-2002-0833 1 Qualcomm 1 Eudora 2025-04-03 N/A
Buffer overflow in Eudora 5.1.1 and 5.0-J for Windows, and possibly other versions, allows remote attackers to execute arbitrary code via a multi-part message with a long boundary string.
CVE-2002-0848 1 Cisco 2 Vpn 5000 Concentrator, Vpn 5000 Concentrator Series Software 2025-04-03 N/A
Cisco VPN 5000 series concentrator hardware 6.0.21.0002 and earlier, and 5.2.23.0003 and earlier, when using RADIUS with a challenge type of Password Authentication Protocol (PAP) or Challenge, sends the user password in cleartext in a validation retry request, which could allow remote attackers to steal passwords via sniffing.
CVE-2002-0845 1 Iplanet 1 Iplanet Web Server 2025-04-03 N/A
Buffer overflow in Sun ONE / iPlanet Web Server 4.1 and 6.0 allows remote attackers to execute arbitrary code via an HTTP request using chunked transfer encoding.
CVE-2002-0856 1 Oracle 2 Database Server, Oracle9i 2025-04-03 N/A
SQL*NET listener for Oracle Net Oracle9i 9.0.x and 9.2 allows remote attackers to cause a denial of service (crash) via certain debug requests that are not properly handled by the debugging feature.
CVE-2002-0865 1 Microsoft 1 Virtual Machine 2025-04-03 N/A
A certain class that supports XML (Extensible Markup Language) in Microsoft Virtual Machine (VM) 5.0.3805 and earlier, probably com.ms.osp.ospmrshl, exposes certain unsafe methods, which allows remote attackers to execute unsafe code via a Java applet, aka "Inappropriate Methods Exposed in XML Support Classes."
CVE-2002-0871 2 Redhat, Xinetd 2 Linux, Xinetd 2025-04-03 N/A
xinetd 2.3.4 leaks file descriptors for the signal pipe to services that are launched by xinetd, which could allow those services to cause a denial of service via the pipe.
CVE-2002-0873 1 L2tpd 1 L2tpd 2025-04-03 N/A
Vulnerability in l2tpd 0.67 allows remote attackers to overwrite the vendor field via a long value in an attribute/value pair, possibly via a buffer overflow.
CVE-2002-0874 1 Redhat 1 Interchange 2025-04-03 N/A
Vulnerability in Interchange 4.8.6, 4.8.3, and other versions, when running in INET mode, allows remote attackers to read arbitrary files.
CVE-2002-0881 1 Cisco 2 Skinny Client Control Protocol Software, Voip Phone Cp-7940 2025-04-03 N/A
Cisco IP Phone (VoIP) models 7910, 7940, and 7960 use a default administrative password, which allows attackers with physical access to the phone to modify the configuration settings.
CVE-2002-0883 1 Compaq 1 Proliant Bl E-class Integrated Administrator Firmware 2025-04-03 N/A
Vulnerability in Compaq ProLiant BL e-Class Integrated Administrator 1.0 and 1.10, allows authenticated users with Telnet, SSH, or console access to conduct unauthorized activities.
CVE-2002-0889 1 Qualcomm 1 Qpopper 2025-04-03 N/A
Buffer overflow in Qpopper (popper) 4.0.4 and earlier allows local users to cause a denial of service and possibly execute arbitrary code via a long bulldir argument in the user's .qpopper-options configuration file.
CVE-2002-0891 1 Juniper 1 Netscreen Screenos 2025-04-03 N/A
The web interface (WebUI) of NetScreen ScreenOS before 2.6.1r8, and certain 2.8.x and 3.0.x versions before 3.0.3r1, allows remote attackers to cause a denial of service (crash) via a long user name.
CVE-2002-0893 1 New Atlanta Communications 1 Servletexec Isapi 2025-04-03 N/A
Directory traversal vulnerability in NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to read arbitrary files via a URL-encoded request to com.newatlanta.servletexec.JSP10Servlet containing "..%5c" (modified dot-dot) sequences.
CVE-2002-0903 1 Woltlab 1 Burning Board 2025-04-03 N/A
register.php for WoltLab Burning Board (wbboard) 1.1.1 uses a small number of random values for the "code" parameter that is provided to action.php to approve a new registration, along with predictable new user ID's, which allows remote attackers to hijack new user accounts via a brute force attack on the new user ID and the code value.
CVE-2002-0913 1 Stephen Hebditch 1 Slurp 2025-04-03 N/A
Format string vulnerability in log_doit function of Slurp NNTP client 1.1.0 allows a malicious news server to execute arbitrary code on the client via format strings in a server response.
CVE-2002-0907 1 Nullsoft 1 Shoutcast Server 2025-04-03 N/A
Buffer overflow in SHOUTcast 1.8.9 and other versions before 1.8.12 allows a remote authenticated DJ to execute arbitrary code on the server via a long value in a header whose name begins with "icy-".
CVE-2002-0920 1 Cgiscript.net 1 Cspassword 2025-04-03 N/A
CGIScript.net csPassword.cgi stores usernames and unencrypted passwords in the password.cgi.tmp temporary file while modifying data, which could allow local users (and possibly remote attackers) to gain privileges by stealing the file before it has been processed.