Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0908 1 Cisco 1 Ids Device Manager 2026-04-16 N/A
Directory traversal vulnerability in the web server for Cisco IDS Device Manager before 3.1.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTPS request.
CVE-2002-1613 1 Hp 2 Hp-ux, Tru64 2026-04-16 N/A
Buffer overflow in ps in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges.
CVE-2002-0910 1 Debian 1 Netstd 2026-04-16 N/A
Buffer overflows in netstd 3.07-17 package allows remote DNS servers to execute arbitrary code via a long FQDN reply, as observed in the utilities (1) linux-ftpd, (2) pcnfsd, (3) tftp, (4) traceroute, or (5) from/to.
CVE-2002-0911 1 Caldera 1 Volution Manager 2026-04-16 N/A
Caldera Volution Manager 1.1 stores the Directory Administrator password in cleartext in the slapd.conf file, which could allow local users to gain privileges.
CVE-2002-0912 1 Debian 1 Debian Linux 2026-04-16 N/A
in.uucpd UUCP server in Debian GNU/Linux 2.2, and possibly other operating systems, does not properly terminate long strings, which allows remote attackers to cause a denial of service, possibly due to a buffer overflow.
CVE-2002-0913 1 Stephen Hebditch 1 Slurp 2026-04-16 N/A
Format string vulnerability in log_doit function of Slurp NNTP client 1.1.0 allows a malicious news server to execute arbitrary code on the client via format strings in a server response.
CVE-2002-0914 1 Double Precision Incorporated 1 Courier Mta 2026-04-16 N/A
Double Precision Courier e-mail MTA allows remote attackers to cause a denial of service (CPU consumption) via a message with an extremely large or negative value for the year, which causes a tight loop.
CVE-2002-0915 1 Harald Hoyer 2 Autorun, Xandros Desktop Os 2026-04-16 N/A
autorun in Xandros based Linux distributions allows local users to read the first line of arbitrary files via the -c parameter, which causes autorun to print the first line of the file.
CVE-2002-0916 1 Stellar-x Software 1 Msntauth 2026-04-16 N/A
Format string vulnerability in the allowuser code for the Stellar-X msntauth authentication module, as distributed in Squid 2.4.STABLE6 and earlier, allows remote attackers to execute arbitrary code via format strings in the user name, which are not properly handled in a syslog call.
CVE-2002-1029 1 Worldspan 1 Res Manager 2026-04-16 N/A
Res Manager in Worldspan for Windows Gateway 4.1 allows remote attackers to cause a denial of service (crash) via a malformed request to TCP port 17990.
CVE-2002-0919 1 Cgiscript.net 1 Cspassword 2026-04-16 N/A
CGIScript.net csPassword.cgi allows remote authenticated users to modify the .htaccess file and gain privileges via newlines in the title field of the edit page.
CVE-2002-0920 1 Cgiscript.net 1 Cspassword 2026-04-16 N/A
CGIScript.net csPassword.cgi stores usernames and unencrypted passwords in the password.cgi.tmp temporary file while modifying data, which could allow local users (and possibly remote attackers) to gain privileges by stealing the file before it has been processed.
CVE-2002-0951 1 Ruslan Communications 1 Body Builder 2026-04-16 N/A
SQL injection vulnerability in Ruslan <Body>Builder allows remote attackers to gain administrative privileges via a "'--" sequence in the username and password.
CVE-2002-1057 1 Smartmax Software 1 Mailmax 2026-04-16 N/A
Buffer overflow in SmartMax MailMax POP3 daemon (popmax) 4.8 allows remote attackers to execute arbitrary code via a long USER command.
CVE-2002-0939 1 Ncipher 1 Mscapi Csp 2026-04-16 N/A
The Install Wizard for nCipher MSCAPI CSP 5.50 does not use Operator Card Set protected keys when the user requests them but does not generate the Operator Card Set, which results in a lower protection level than specified by the user (module protection only).
CVE-2002-0940 1 Ncipher 1 Mscapi Csp 2026-04-16 N/A
domesticinstall.exe for nCipher MSCAPI CSP 5.50 and 5.54 does not use Operator Card Set protected keys when the user requests them but does not generate the Operator Card Set, which results in a lower protection level than specified by the user (module protection only).
CVE-2002-0941 1 Ncipher 2 Nforce, Nshield 2026-04-16 N/A
The ConsoleCallBack class for nCipher running under JRE 1.4.0 and 1.4.0_01, as used by the TrustedCodeTool and possibly other applications, may leak a passphrase when the user aborts an application that is prompting for the passphrase, which could allow attackers to gain privileges.
CVE-2002-1176 1 Nullsoft 1 Winamp 2026-04-16 N/A
Buffer overflow in Winamp 2.81 allows remote attackers to execute arbitrary code via a long Artist ID3v2 tag in an MP3 file.
CVE-2002-0943 1 Metalinks 1 Metacart2.sql 2026-04-16 N/A
MetaCart2.sql stores the user database under the web document root without access controls, which allows remote attackers to obtain sensitive information such as passwords and credit card numbers via a direct request for metacart.mdb.
CVE-2002-0944 1 Deepmetrix 1 Livestats 2026-04-16 N/A
Cross-site scripting vulnerability in DeepMetrix LiveStats 5.03 through 6.2.1 allows remote attackers to execute arbitrary script as the LiveStats user via the (1) user-agent or (2) referrer, which are not filtered by the stats program.