ID | Summary | Flags | Max Score |
---|---|---|---|
CVE-2002-2000 | ACMS 4.3 and 4.4 in OpenVMS Alpha 7.2 and 7.3 does not properly use process privileges, which allows... | S | |
CVE-2002-2001 | jmcce 1.3.8 in Mandrake 8.1 creates log files in /tmp with predictable names, which allows local use... | S | |
CVE-2002-2002 | Buffer overflow in libc in Compaq Tru64 4.0F, 5.0, 5.1 and 5.1A allows attackers to execute arbitrar... | S | |
CVE-2002-2003 | ypbind in Compaq Tru64 4.0F, 4.0G, 5.0A, 5.1 and 5.1A allows remote attackers to cause the process t... | | |
CVE-2002-2004 | portmapper in Compaq Tru64 4.0G and 5.0A allows remote attackers to cause a denial of service via a ... | | |
CVE-2002-2005 | Unknown vulnerability in Java web start 1.0.1_01, 1.0.1, 1.0 and 1.0.1.01 (HP-UX 11.x only) allows a... | S | |
CVE-2002-2006 | The default installation of Apache Tomcat 4.0 through 4.1 and 3.0 through 3.3.1 allows remote attack... | E | |
CVE-2002-2007 | The default installations of Apache Tomcat 3.2.3 and 3.2.4 allow remote attackers to obtain sensiti... | E | |
CVE-2002-2008 | Apache Tomcat 4.0.3 for Windows allows remote attackers to obtain the web root path via an HTTP requ... | S | |
CVE-2002-2009 | Apache Tomcat 4.0.1 allows remote attackers to obtain the web root path via HTTP requests for JSP fi... | E | |
CVE-2002-2010 | Cross-site scripting (XSS) vulnerability in htsearch.cgi in htdig (ht://Dig) 3.1.5, 3.1.6, and 3.2 a... | E | |
CVE-2002-2011 | Cross-site scripting (XSS) vulnerability in the fom CGI program (fom.cgi) in Faq-O-Matic 2.711 and 2... | E | |
CVE-2002-2012 | Unknown vulnerability in Apache 1.3.19 running on HP Secure OS for Linux 1.0 allows remote attackers... | S | |
CVE-2002-2013 | Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from... | E S | |
CVE-2002-2014 | Lotus Domino 5.0.8 web server returns different error messages when a valid or invalid user is provi... | E | |
CVE-2002-2015 | PHP file inclusion vulnerability in user.php in PostNuke 0.703 allows remote attackers to include ar... | E S | |
CVE-2002-2016 | User-mode Linux (UML) 2.4.17-8 does not restrict access to kernel address space, which allows local ... | E S | |
CVE-2002-2017 | sastcpd in SAS/Base 8.0 allows local users to execute arbitrary code by setting the authprog environ... | | |
CVE-2002-2018 | sastcpd in SAS/Base 8.0 might allow local users to gain privileges by setting the netencralg environ... | S | |
CVE-2002-2019 | PHP remote file inclusion vulnerability in include_once.php in osCommerce (a.k.a. Exchange Project) ... | E | |
CVE-2002-2020 | Netgear RP114 Cable/DSL Web Safe Router Firmware 3.26 uses a default administrator password and acce... | | |
CVE-2002-2021 | Cross-site scripting (XSS) vulnerability in WoltLab Burning Board (wbboard) 1.1.1 allows remote atta... | E | |
CVE-2002-2022 | Format string vulnerability in Kaffe OpenVM 1.0.6 and earlier allows local users to execute arbitrar... | E | |
CVE-2002-2023 | The get_parameter_from_freqency_source function in beep2 1.0, 1.1 and 1.2, when installed setuid roo... | S | |
CVE-2002-2024 | Horde IMP 2.2.7 allows remote attackers to obtain the full web root pathname via an HTTP request for... | | |
CVE-2002-2025 | Lotus Domino server 5.0.9a and earlier allows remote attackers to cause a denial of service by exhau... | S | |
CVE-2002-2026 | Buffer overflow in BrowseFTP 1.62 client allows remote FTP servers to execute arbitrary code via a l... | E | |
CVE-2002-2027 | Database of Our Owlish Wisdom (DOOW) 0.1 through 0.2.1 does not properly verify user permissions, wh... | S | |
CVE-2002-2028 | The screensaver on Windows NT 4.0, 2000, XP, and 2002 does not verify if a domain account has alread... | | |
CVE-2002-2029 | PHP, when installed on Windows with Apache and ScriptAlias for /php/ set to c:/php/, allows remote a... | E | |
CVE-2002-2030 | Stack-based buffer overflow in SQLData Enterprise Server 3.0 allows remote attackers to execute arbit... | | |
CVE-2002-2031 | Internet Explorer 5.0, 5.0.1 and 5.5 with JavaScript execution enabled allows remote attackers to de... | E | |
CVE-2002-2032 | sql_layer.php in PHP-Nuke 5.4 and earlier does not restrict access to debugging features, which allo... | E | |
CVE-2002-2033 | faqmanager.cgi in FAQManager 2.2.5 and earlier allows remote attackers to read arbitrary files by sp... | S | |
CVE-2002-2034 | The Email Sanitizer before 1.133 for Procmail allows remote attackers to bypass the mail filter and ... | S | |
CVE-2002-2035 | SQL injection vulnerability in RealityScape MyLogin 2000 1.0.0 and earlier allows remote attackers t... | E | |
CVE-2002-2036 | Sun Ray Server Software (SRSS) 1.3, when Non-Smartcard Mobility (NSCM) is enabled, allows remote att... | S | |
CVE-2002-2037 | The Cisco Media Gateway Controller (MGC) in (1) SC2200 7.4 and earlier, (2) VSC3000 9.1 and earlier,... | S | |
CVE-2002-2038 | Next Generation POSIX Threading (NGPT) 1.9.0 uses a filesystem-based shared memory entry, which allo... | S | |
CVE-2002-2039 | /bin/su in QNX realtime operating system (RTOS) 4.25 and 6.1.0 allows local users to obtain sensitiv... | E | |
CVE-2002-2040 | The (1) phrafx and (2) phgrafx-startup programs in QNX realtime operating system (RTOS) 4.25 and 6.1... | E | |
CVE-2002-2041 | Multiple buffer overflows in realtime operating system (RTOS) 6.1.0 allow local users to execute ar... | E | |
CVE-2002-2042 | ptrace in the QNX realtime operating system (RTOS) 4.25 and 6.1.0 allows programs to attach to privi... | E | |
CVE-2002-2043 | SQL injection vulnerability in the LDAP and MySQL authentication patch for Cyrus SASL 1.5.24 and 1.5... | S | |
CVE-2002-2044 | Cross-site scripting (XSS) vulnerability in x_stat_admin.php in x-stat 2.3 and earlier allows remote... | E | |
CVE-2002-2045 | x_stat_admin.php in x-stat 2.3 and earlier allows remote attackers to (1) execute PHP commands such ... | E | |
CVE-2002-2046 | x_news.php in X-News (x_news) 1.1 and earlier allows remote attackers to gain administrative privile... | | |
CVE-2002-2047 | The file preview functionality in Sketch 0.6.12 and earlier allows remote attackers to execute arbit... | S | |
CVE-2002-2048 | Buffer overflow in PFinger 0.7.8 client allows remote attackers to execute arbitrary code via a long... | | |
CVE-2002-2049 | configure for Dsniff 2.3, fragroute 1.2, and fragrouter 1.6, when downloaded from monkey.org on May ... | S | |
CVE-2002-2050 | Directory traversal vulnerability in processor_web plugin for ModLogAn 0.5.0 through 0.7.11, when us... | S | |
CVE-2002-2051 | The processor_web plugin for ModLogAn 0.5.0 through 0.7.11, when used with the splitby option, allow... | S | |
CVE-2002-2052 | Cisco 2611 router running IOS 12.1(6.5), possibly an interim release, allows remote attackers to cau... | | |
CVE-2002-2053 | The design of the Hot Standby Routing Protocol (HSRP), as implemented on Cisco IOS 12.1, when using ... | | |
CVE-2002-2054 | TeeKai Forum 1.2 allows remote attackers to authenticate as the administrator and gain privilege... | E | |
CVE-2002-2055 | Cross-site scripting (XSS) vulnerability in userlog.php in TeeKai Tracking Online 1.0 allows remote ... | | |
CVE-2002-2056 | Cross-site scripting (XSS) vulnerability in TeeKai Forum 1.2 allows remote attackers to inject arbit... | | |
CVE-2002-2057 | TeeKai Forum 1.2 uses weak encryption of web usage statistics in data/member_log.txt, which is store... | E | |
CVE-2002-2058 | TeeKai Tracking Online 1.0 uses weak encryption of web usage statistics in data/userlog/log.txt, whi... | E | |
CVE-2002-2059 | BIOS D845BG, D845HV, D845PT and D845WN on Intel motherboards does not properly restrict access to co... | E S | |
CVE-2002-2060 | Buffer overflow in Links 2.0 pre4 allows remote attackers to crash client browsers and possibly exec... | S | |
CVE-2002-2061 | Heap-based buffer overflow in Netscape 6.2.3 and Mozilla 1.0 and earlier allows remote attackers to ... | S | |
CVE-2002-2062 | Cross-site scripting (XSS) vulnerability in ftp.htt in Internet Explorer 5.5 and 6.0, when running o... | E | |
CVE-2002-2063 | AtGuard 3.2 allows remote attackers to bypass firewall filters and execute prohibited programs by cha... | E | |
CVE-2002-2064 | isadmin.php in PhpWebGallery 1.0 allows remote attackers to gain administrative access by settin... | S | |
CVE-2002-2065 | WebCalendar 0.9.34 and earlier with 'browsing in includes directory' enabled allows remote attackers... | S | |
CVE-2002-2066 | BestCrypt BCWipe 1.0.7 and 2.0 through 2.35.1 does not clear Windows alternate data streams that are... | | |
CVE-2002-2067 | East-Tec Eraser 2002 does not clear Windows alternate data streams that are attached to files on NTF... | | |
CVE-2002-2068 | Eraser 5.3 does not clear Windows alternate data streams that are attached to files on NTFS file sys... | | |
CVE-2002-2069 | PGP 6.x and 7.x does not clear Windows alternate data streams that are attached to files on NTFS fil... | | |
CVE-2002-2070 | SecureClean 3 build 2.0 does not clear Windows alternate data streams that are attached to files on ... | | |
CVE-2002-2071 | Compaq Tru64 4.0 d allows remote attackers to cause a denial of service in (1) telnet, (2) FTP, (3) ... | E | |
CVE-2002-2072 | java.security.AccessController in Sun Java Virtual Machine (JVM) in JRE 1.2.2 and 1.3.1 allows remot... | E | |
CVE-2002-2073 | Cross-site scripting (XSS) vulnerability in the default ASP pages on Microsoft Site Server 3.0 on Wi... | E | |
CVE-2002-2074 | SQL injection vulnerability in Mailidx before 20020105 allows remote attackers to execute arbitrary ... | S | |
CVE-2002-2075 | ICQ 2001a and 2002b allows remote attackers to cause a denial of service (memory consumption and han... | E S | |
CVE-2002-2076 | Directory traversal vulnerability in Lil' HTTP server 2.1 and 2.2 allows remote attackers to read ar... | E | |
CVE-2002-2077 | The DCOM client in Windows 2000 before SP3 does not properly clear memory before sending an "alter c... | S | |
CVE-2002-2078 | Heap-based buffer overflow in Floositek (1) FTGate Pro 1.05 and (2) FTGate Office 1.05 allows remote... | S | |
CVE-2002-2079 | mosix-protocol-stack in Multicomputer Operating System for UnIX (MOSIX) 1.5.7 allows remote attacker... | | |
CVE-2002-2080 | Floositek FTGate PRO 1.05 allows remote attackers to cause a denial of service (memory and CPU consu... | S | |
CVE-2002-2081 | cphost.dll in Microsoft Site Server 3.0 allows remote attackers to cause a denial of service (disk c... | | |
CVE-2002-2082 | FTGate and FTGate Pro 1.05 lock user mailboxes before authentication succeeds, which allows remote a... | S | |
CVE-2002-2083 | The Novell Netware client running on Windows 95 allows local users to bypass the login and open arbi... | | |
CVE-2002-2084 | Directory traversal vulnerability in index.php of Portix 0.4.02 allows remote attackers to read arbi... | E | |
CVE-2002-2085 | Directory traversal vulnerability in page.cgi of WWWeBBB Forum 3.82 beta and earlier allows remote a... | E | |
CVE-2002-2086 | Multiple cross-site scripting (XSS) vulnerabilities in magicHTML of SquirrelMail before 1.2.6 allow ... | E S | |
CVE-2002-2087 | Buffer overflow in Borland InterBase 6.0 allows local users to execute arbitrary code via a long INT... | E S | |
CVE-2002-2088 | The MOSIX Project clump/os 5.4 creates a default VNC account without a password, which allows remote... | | |
CVE-2002-2089 | Buffer overflow in rcp in Solaris 9.0 allows local users to execute arbitrary code via a long comman... | | |
CVE-2002-2090 | Caucho Technology Resin server 2.1.1 to 2.1.2 allows remote attackers to obtain server's root path v... | S | |
CVE-2002-2091 | Format string vulnerability in Deception Finger Daemon, decfingerd, 0.7 may allow remote attackers t... | | |
CVE-2002-2092 | Race condition in exec in OpenBSD 4.0 and earlier, NetBSD 1.5.2 and earlier, and FreeBSD 4.4 and ear... | S | |
CVE-2002-2093 | The Video Control Panel on SGI O2/IRIX 6.5, when the Default Input is set to "Output Video", allows ... | | |
CVE-2002-2094 | Joe Testa hellbent 01 allows remote attackers to determine the full path of the web root directory v... | E S | |
CVE-2002-2095 | Joe Testa hellbent 01 webserver allows attackers to read files that are specified in the hellbent.pr... | E S | |
CVE-2002-2096 | Buffer overflow in Novell Remote Manager module, httpstk.nlm, in NetWare 5.1 and NetWare 6 allows re... | S | |
CVE-2002-2097 | The compression code in MaraDNS before 0.9.01 allows remote attackers to cause a denial of service v... | S | |
CVE-2002-2098 | Buffer overflow in axspawn.c in Axspawn-pam before 0.2.1a allows remote attackers to execute arbitra... | S | |
CVE-2002-2099 | Buffer overflow in the GNU DataDisplay Debugger (DDD) 3.3.1 allows local users to execute arbitrary ... | E | |
CVE-2002-2100 | Microsoft Outlook 2002 allows remote attackers to bypass the file download restrictions for at... | | |
CVE-2002-2101 | Microsoft Outlook 2002 allows remote attackers to execute arbitrary JavaScript code, even when scrip... | | |
CVE-2002-2102 | InfBlocks.java in JCraft JZlib before 0.0.7 allows remote attackers to cause a denial of service (Nul... | S | |
CVE-2002-2103 | Apache before 1.3.24, when writing to the log file, records a spoofed hostname from the reverse look... | S | |
CVE-2002-2104 | graph.php in Ganglia PHP RRD Web Client 1.0.2 allows remote attackers to execute arbitrary commands ... | S | |
CVE-2002-2105 | Microsoft Windows XP allows local users to prevent the system from booting via a corrupt explorer.ex... | | |
CVE-2002-2106 | PHP remote file inclusion vulnerability in WikkiTikkiTavi before 0.21 allows remote attackers to exe... | E S | |
CVE-2002-2107 | Cross-site scripting (XSS) vulnerability in the lookup script in Veridis OpenKeyServer (OKS) 1.2 all... | E | |
CVE-2002-2108 | Unknown vulnerability in the "VAIO Manual" software in certain Sony VAIO personal computers sold fro... | | |
CVE-2002-2109 | Matt Wright FormMail 1.9 and earlier allows remote attackers to bypass the HTTP_REFERER check and co... | E S | |
CVE-2002-2110 | The RCA Digital Cable Modems DCM225 and DCM225E allow remote attackers to cause a denial of service ... | | |
CVE-2002-2111 | Fwmon before 1.0.10 allows remote attackers to cause a denial of service (crash) by causing the kern... | S | |
CVE-2002-2112 | RCA Digital Cable Modem DCM225 and DCM225E, and other modems that must conform to the Data-over-Cabl... | | |
CVE-2002-2113 | search.cgi in AGH HTMLsearch 1.0 allows remote attackers to execute arbitrary commands via shell met... | E | |
CVE-2002-2114 | Artekopia Netjuke before 1.0 b7 allows remote attackers to execute arbitrary code on the web server,... | S | |
CVE-2002-2115 | Cross-site scripting (XSS) vulnerability in Hyper NIKKI System (HNS) Lite before 0.9 and HNS before ... | S | |
CVE-2002-2116 | Netgear RM-356 and RT-338 series SOHO routers allow remote attackers to cause a denial of service (c... | | |
CVE-2002-2117 | Microsoft Windows XP allows remote attackers to cause a denial of service (CPU consumption) by flood... | | |
CVE-2002-2118 | Buffer overflow in Blue World Lasso Web Data Engine 3.6.5 allows remote attackers to cause a denial ... | E | |
CVE-2002-2119 | Novell eDirectory 8.6.2 and 8.7 use case insensitive passwords, which makes it easier for remote att... | | |
CVE-2002-2120 | Multiple buffer overflows in QNX RTOS 4.25 may allow attackers to execute arbitrary code via long fi... | E | |
CVE-2002-2121 | SurfControl SuperScout Email filter for SMTP 3.5.1 allows remote attackers to cause a denial of serv... | | |
CVE-2002-2122 | Pointsec before 1.2 for PalmOS stores a user's PIN number in memory in plaintext, which allows a loc... | S | |
CVE-2002-2123 | PHP remote file inclusion vulnerability in publish_xp_docs.php for Gallery 1.3.2 allows remote attac... | S | |
CVE-2002-2124 | The recvn and sendn functions in nylon 0.2 do not check when the recv function call returns 0, which... | S | |
CVE-2002-2125 | Internet Explorer 6.0 does not warn users when an expired certificate authority (CA) certificate is ... | | |
CVE-2002-2126 | restrictEnabled in Integrity Protection Driver (IPD) 1.2 delays driver installation for 20 minutes, ... | E S | |
CVE-2002-2127 | Integrity Protection Driver (IPD) 1.2 and earlier blocks access to \Device\PhysicalMemory by its nam... | S | |
CVE-2002-2128 | editform.php in w-Agora 4.1.5 allows local users to execute arbitrary PHP code via .. (dot dot) sequ... | | |
CVE-2002-2129 | Cross-site scripting vulnerability (XSS) in editform.php for w-Agora 4.1.5 allows remote attackers t... | E | |
CVE-2002-2130 | publish_xp_docs.php in Gallery 1.3.2 allows remote attackers to execute arbitrary PHP code by modify... | S | |
CVE-2002-2131 | Directory traversal vulnerability in Perl-HTTPd before 1.0.2 allows remote attackers to view arbitra... | S | |
CVE-2002-2132 | Windows File Protection (WFP) in Windows 2000 and XP does not remove old security catalog .CAT files... | | |
CVE-2002-2133 | Telindus 1100 ADSL router running firmware 6.0.x uses weak encryption for UDP session traffic, which... | E S | |
CVE-2002-2134 | haut.php in PEEL 1.0b allows remote attackers to execute arbitrary PHP code by modifying the dirroot... | E S | |
CVE-2002-2135 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-1618. Reason: This candida... | R | |
CVE-2002-2136 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-1590. Reason: This candida... | R | |
CVE-2002-2137 | GlobalSunTech Wireless Access Points (1) WISECOM GL2422AP-0T, and possibly OEM products such as (2) ... | E | |
CVE-2002-2138 | RFC-NETBIOS in HP Advanced Server/9000 B.04.05 through B.04.09, when running HP-UX 11.00 or 11.11, a... | S | |
CVE-2002-2139 | Cisco PIX Firewall 6.0.3 and earlier, and 6.1.x to 6.1.3, do not delete the duplicate ISAKMP SAs for... | S | |
CVE-2002-2140 | Buffer overflow in Cisco PIX Firewall 5.2.x to 5.2.8, 6.0.x to 6.0.3, 6.1.x to 6.1.3, and 6.2.x to 6... | S | |
CVE-2002-2141 | BEA WebLogic Server and Express 7.0 and 7.0.0.1, when running Servlets and Enterprise JavaBeans (EJB... | | |
CVE-2002-2142 | An undocumented extension for the Servlet mappings in the Servlet 2.3 specification, when upgrading ... | S | |
CVE-2002-2143 | The admin.html file in MySimple News 1.0 stores its administrative password in plaintext, which allo... | E | |
CVE-2002-2144 | Directory traversal vulnerability in BearShare 4.0.5 and 4.0.6 allows remote attackers to read files... | S | |
CVE-2002-2145 | Savant Web Server 3.1 and earlier allows remote attackers to bypass authentication for password prot... | E | |
CVE-2002-2146 | cgitest.exe in Savant Web Server 3.1 and earlier allows remote attackers to cause a denial of servic... | E | |
CVE-2002-2147 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-1828. Reason: This candida... | R | |
CVE-2002-2148 | Lucent Ascend MAX Router 5.0 and earlier, Lucent Ascend Pipeline Router 6.0.2 and earlier and Lucent... | | |
CVE-2002-2149 | Buffer overflow in Lucent Access Point 300, 600, and 1500 Service Routers allows remote attackers to... | E | |
CVE-2002-2150 | Firewalls from multiple vendors empty state tables more slowly than they are filled, which allows re... | | |
CVE-2002-2151 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-1651. Reason: This candida... | R | |
CVE-2002-2152 | The Czech edition of Software602's Web Server before 2002.0.02.0916 allows remote attackers to gain ... | S | |
CVE-2002-2153 | Format string vulnerability in the administrative pages of the PL/SQL module for Oracle Application ... | | |
CVE-2002-2154 | Directory traversal vulnerability in Monkey HTTP Daemon 0.1.4 allows remote attackers to read arbitr... | E S | |
CVE-2002-2155 | Format string vulnerability in the error handling of IRC invite responses for Trillian 0.725 and 0.7... | | |
CVE-2002-2156 | Buffer overflow in Trillian 0.73 allows remote IRC servers to execute arbitrary code via a long PING... | | |
CVE-2002-2157 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-1660. Reason: This candida... | R | |
CVE-2002-2158 | zenTrack 2.0.3 and earlier allows remote attackers to obtain the full path to the web root via an in... | | |
CVE-2002-2159 | Linksys EtherFast Cable/DSL BEFSR11, BEFSR41 and BEFSRU31 with the firmware 1.42.7 upgrade installed... | | |
CVE-2002-2160 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-1798. Reason: This candida... | R | |
CVE-2002-2161 | Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to cause a denial of service... | | |
CVE-2002-2162 | Cerulean Studios Trillian 0.73 and earlier use weak encryption (XOR) for storing user passwords in ... | E | |
CVE-2002-2163 | KvPoll 1.1 allows remote authenticated users to vote more than once by setting the "already_voted" c... | | |
CVE-2002-2164 | Buffer overflow in Microsoft Outlook Express 5.0, 5.5, and 6.0 allows remote attackers to cause a de... | E S | |
CVE-2002-2165 | The IMHO Webmail module 0.97.3 and earlier for Roxen leaks the REFERER from the browser's previous l... | E | |
CVE-2002-2166 | Cross-site scripting (XSS) vulnerability in FuseTalk 2.0 and 3.0 allows remote attackers to insert a... | | |
CVE-2002-2167 | Directory traversal vulnerability in function_foot_1.inc.php for Thorsten Korner 123tkShop before 0.... | S | |
CVE-2002-2168 | SQL injection vulnerability in Thorsten Korner 123tkShop before 0.3.1 allows remote attackers to exe... | | |
CVE-2002-2169 | Cross-site scripting vulnerability in AOL Instant Messenger (AIM) 4.5 and 4.7 for MacOS and Windows all... | E S | |
CVE-2002-2170 | Working Resources Inc. BadBlue Enterprise Edition 1.7 through 1.74 attempts to restrict administrato... | E | |
CVE-2002-2171 | Cross-site scripting (XSS) vulnerability in acWEB 1.8 and 1.14 allows remote attackers to insert arb... | E | |
CVE-2002-2172 | Informed (1) Designer and (2) Filler 3.05 does not zero out newly allocated disk blocks as an encryp... | S | |
CVE-2002-2173 | Buffer overflow in the IRC module of Trillian 0.725 and 0.73 allows remote attackers to execute ar... | | |
CVE-2002-2174 | The Telnet proxy of 602Pro LAN SUITE 2002 does not restrict the number of outstanding connections to... | S | |
CVE-2002-2175 | phpSquidPass before 0.2 uses an incomplete regular expression to find a matching username in its dat... | S | |
CVE-2002-2176 | SQL injection vulnerability in Gender MOD 1.1.3 allows remote attackers to gain administrative acces... | E S | |
CVE-2002-2177 | BEA WebLogic Server and Express 6.1 through 7.0.0.1 buffers HTTP requests in a way that can cause BE... | S | |
CVE-2002-2178 | Cross-site scripting (XSS) vulnerability in article.php module for phpWebSite 0.8.3 allows remote at... | E | |
CVE-2002-2179 | The dynamic initialization feature of the ClearPath MCP environment allows remote attackers to cause... | E S | |
CVE-2002-2180 | The setitimer(2) system call in OpenBSD 2.0 through 3.1 does not properly check certain arguments, w... | E S | |
CVE-2002-2181 | SonicWall Content Filtering allows local users to access prohibited web sites via requests to the we... | | |
CVE-2002-2182 | Buffer overflow in Seunghyun Seo's MSN666 MSN Sniffer 1.0 and 1.0.1 allows remote attackers to execu... | | |
CVE-2002-2183 | phpShare.php in phpShare before 0.6 beta 3 allows remote attackers to include and execute arbitrary ... | S | |
CVE-2002-2184 | Digi-Net Technologies DigiChat 3.5 allows chat users to obtain the IP addresses of other chat users ... | E | |
CVE-2002-2185 | The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an... | E S | |
CVE-2002-2186 | Macromedia JRun 3.0, 3.1, and 4.0 allow remote attackers to view the source code of .JSP files via U... | S | |
CVE-2002-2187 | Unknown "file disclosure" vulnerability in Macromedia JRun 3.0, 3.1, and 4.0, related to a log file ... | S | |
CVE-2002-2188 | OpenBSD before 3.2 allows local users to cause a denial of service (kernel crash) via a call to getr... | S | |
CVE-2002-2189 | Cross-site scripting (XSS) vulnerability in ActiveXperts Software ActiveWebserver allows remote atta... | | |
CVE-2002-2190 | ArtsCore Studios CuteCast Forum 1.2 stores passwords in plaintext under the web document root, which... | E | |
CVE-2002-2191 | Lotus Domino 5.0.9a and earlier, even when configured with the 'DominoNoBanner=1' option, allows rem... | E S | |
CVE-2002-2192 | Cross-site scripting (XSS) vulnerability in Perception LiteServe 2.0.1 allows remote attackers to ex... | E S | |
CVE-2002-2193 | Cross-site scripting (XSS) vulnerability in mojo.cgi for Mojo Mail 2.7 allows remote attackers to in... | E | |
CVE-2002-2194 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-1589. Reason: This candida... | R | |
CVE-2002-2195 | Buffer overflow in the version update check for Winamp 2.80 and earlier allows remote attackers who ... | E S | |
CVE-2002-2196 | Samba before 2.2.5 does not properly terminate the enum_csc_policy data structure, which may allow r... | S | |
CVE-2002-2197 | Unknown vulnerability in Sun Solaris 8.0 allows local users to cause a denial of service (kernel pan... | | |
CVE-2002-2198 | Buffer overflow in ZMailer before 2.99.51_1 allows remote attackers to execute arbitrary code during... | S | |
CVE-2002-2199 | The default aide.conf file in Advanced Intrusion Detection Environment (AIDE) before 0.7_1 on FreeBS... | S | |
CVE-2002-2200 | Benjamin Lefevre Dobermann FORUM 0.5 and earlier allows remote attackers to remotely include and exe... | | |
CVE-2002-2201 | The Printer Administration module for Webmin 0.990 and earlier allows remote attackers to execute ar... | | |
CVE-2002-2202 | Outlook Express 6.0 does not delete messages from dbx files, even when a user empties the Deleted it... | E S | |
CVE-2002-2203 | Unknown vulnerability in the System Serial Console terminal in Solaris 2.5.1, 2.6, and 7 allows loca... | S | |
CVE-2002-2204 | The default --checksig setting in RPM Package Manager 4.0.4 checks that a package's signature is val... | S | |
CVE-2002-2205 | Buffer overflow in Webresolve 0.1.0 and earlier allows remote attackers to execute arbitrary code by... | S | |
CVE-2002-2206 | The POP3 proxy service (POPROXY.EXE) in Norton AntiVirus 2001 allows local users to cause a denial o... | | |
CVE-2002-2207 | Buffer overflow in ssldump 0.9b2 and earlier, when running in decryption mode, allows remote attacke... | S | |
CVE-2002-2208 | Extended Interior Gateway Routing Protocol (EIGRP), as implemented in Cisco IOS 11.3 through 12.2 an... | E S | |
CVE-2002-2209 | Unspecified "security vulnerability" in Baby FTP Server versions before November 7, 2002 has unknown... | | |
CVE-2002-2210 | The installation of OpenOffice 1.0.1 allows local users to overwrite files and possibly gain privile... | E | |
CVE-2002-2211 | BIND 4 and BIND 8, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers... | S | |
CVE-2002-2212 | The DNS resolver in unspecified versions of Fujitsu UXP/V, when resolving recursive DNS queries for ... | S | |
CVE-2002-2213 | The DNS resolver in unspecified versions of Infoblox DNS One, when resolving recursive DNS queries f... | S | |
CVE-2002-2214 | The php_if_imap_mime_header_decode function in the IMAP functionality in PHP before 4.2.2 allows rem... | E S | |
CVE-2002-2215 | The imap_header function in the IMAP functionality for PHP before 4.3.0 allows remote attackers to c... | E S | |
CVE-2002-2216 | Soft3304 04WebServer before 1.20 does not properly process URL strings, which allows remote attacker... | | |
CVE-2002-2217 | Multiple PHP remote file inclusion vulnerabilities in Web Server Creator - Web Portal (WSC-WebPortal... | E | |
CVE-2002-2218 | CRLF injection vulnerability in the setUserValue function in sipssys/code/site.inc.php in Haakon Nil... | | |
CVE-2002-2219 | chetcpasswd.cgi in Pedro Lineu Orso chetcpasswd before 2.1 allows remote attackers to read the last ... | E S | |
CVE-2002-2220 | Buffer overflow in Pedro Lineu Orso chetcpasswd before 1.12, when configured for access from 0.0.0.0... | | |
CVE-2002-2221 | Untrusted search path vulnerability in Pedro Lineu Orso chetcpasswd 2.4.1 and earlier allows local u... | | |
CVE-2002-2222 | isakmpd/message.c in isakmpd in FreeBSD before isakmpd-20020403_1, and in OpenBSD 3.1, allows remote... | S | |
CVE-2002-2223 | Buffer overflow in NetScreen-Remote 8.0 allows remote attackers to cause a denial of service and pos... | | |
CVE-2002-2224 | Buffer overflow in PGPFreeware 7.03 running on Windows NT 4.0 SP6 allows remote attackers to cause a... | | |
CVE-2002-2225 | SafeNet VPN client allows remote attackers to cause a denial of service and possibly execute arbitra... | S | |
CVE-2002-2226 | Buffer overflow in tftpd of TFTP32 2.21 and earlier allows remote attackers to execute arbitrary cod... | E | |
CVE-2002-2227 | Buffer underflow in ssldump 0.9b2 and earlier allows remote attackers to cause a denial of service (... | S | |
CVE-2002-2228 | MailScanner before 4.0 5-1 and before 3.2 6-1 allows remote attackers to bypass protection via attac... | S | |
CVE-2002-2229 | Directory traversal vulnerability in Sapio Design Ltd. WebReflex 1.53 allows remote attackers to rea... | | |
CVE-2002-2230 | Cross-site scripting (XSS) vulnerability in Ikonboard 3.1.1 allows remote attackers to inject arbitr... | | |
CVE-2002-2231 | Cross-site scripting (XSS) vulnerability in Ikonboard 3.1.1 allows remote attackers to inject arbitr... | | |
CVE-2002-2232 | Buffer overflow in Enceladus Server Suite 3.9 allows remote attackers to execute arbitrary code via ... | E | |
CVE-2002-2233 | Directory traversal vulnerability in Enceladus Server Suite 3.9 allows remote attackers to list arbi... | E | |
CVE-2002-2234 | NetScreen ScreenOS before 4.0.1 allows remote attackers to bypass the Malicious-URL blocking feature... | S | |
CVE-2002-2235 | member2.php in vBulletin 2.2.9 and earlier does not properly restrict the $perpage variable to be an... | E | |
CVE-2002-2236 | Format string vulnerability in the awp_log function in apt-www-proxy 0.1 allows remote attackers to ... | E | |
CVE-2002-2237 | tftp32 TFTP server 2.21 and earlier allows remote attackers to cause a denial of service via a GET r... | E | |
CVE-2002-2238 | Directory traversal vulnerability in the Kunani ODBC FTP Server 1.0.10 allows remote attackers to re... | | |
CVE-2002-2239 | The Cisco Optical Service Module (OSM) for the Catalyst 6500 and 7600 series running Cisco IOS 12.1(... | S | |
CVE-2002-2240 | Directory traversal vulnerability in MyServer 0.11 and 0.2 allows remote attackers to read arbitrary... | E S | |
CVE-2002-2241 | Buffer overflow in httpd32.exe in Deerfield VisNetic WebSite before 3.5.15 allows remote attackers t... | S | |
CVE-2002-2242 | The Apple Package Manager in KisMAC 0.02a and earlier modifies file permissions of sensitive files a... | S | |
CVE-2002-2243 | Akfingerd 0.5 and possibly earlier versions only allows one connection at a time and does not time o... | | |
CVE-2002-2244 | Akfingerd 0.5 and earlier versions allow local users to cause a denial of service (crash) via a .pla... | | |
CVE-2002-2245 | ftpd in NetBSD 1.5 through 1.5.3 and 1.6 does not properly quote a digit in response to a STAT comma... | | |
CVE-2002-2246 | Cross-site scripting (XSS) vulnerability in VisNetic Website before 3.5.15 allows remote attackers t... | E S | |
CVE-2002-2247 | The administrator/phpinfo.php script in Mambo Site Server 4.0.11 allows remote attackers to obtain s... | E S | |
CVE-2002-2248 | Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0... | | |
CVE-2002-2249 | PHP remote file inclusion vulnerability in News Evolution 2.0 allows remote attackers to execute arb... | E | |
CVE-2002-2250 | Multiple buffer overflows in Sybase Adaptive Server 12.0 and 12.5 allow remote attackers to execute ... | E S | |
CVE-2002-2251 | Buffer overflow in the changevalue function in libcgi.h for Marcos Luiz Onisto Lib CGI 0.1 allows re... | E | |
CVE-2002-2252 | SQL injection vulnerability in auth.inc.php in Thatware 0.5.0 and earlier allows remote attackers to... | E | |
CVE-2002-2253 | Multiple buffer overflows in Cyrus Sieve / libSieve 2.1.2 and earlier allow remote attackers to exec... | E | |
CVE-2002-2254 | The experimental IP packet queuing feature in Netfilter / IPTables in Linux kernel 2.4 up to 2.4.19 ... | S | |
CVE-2002-2255 | Cross-site scripting (XSS) vulnerability in search.php in phpBB 2.0.3 and possibly earlier versions ... | E | |
CVE-2002-2256 | Directory traversal vulnerability in pWins Webserver 0.2.5 and earlier allows remote attackers to re... | | |
CVE-2002-2257 | Stack-based buffer overflow in the parse_field function in cgi_lib.c for LIBCGI 1.0.2 and 1.0.3 allo... | E | |
CVE-2002-2258 | Moby NetSuite allows remote attackers to cause a denial of service (crash) via an HTTP POST request ... | E | |
CVE-2002-2259 | Buffer overflow in the French documentation patch for Gnuplot 3.7 in SuSE Linux before 8.0 allows lo... | | |
CVE-2002-2260 | Cross-site scripting (XSS) vulnerability in the quips feature in Mozilla Bugzilla 2.10 through 2.17 ... | S | |
CVE-2002-2261 | Sendmail 8.9.0 through 8.12.6 allows remote attackers to bypass relaying restrictions enforced by th... | S | |
CVE-2002-2262 | Unspecified vulnerability in xntpd of HP-UX 10.20 through 11.11 allows remote attackers to cause a d... | S | |
CVE-2002-2263 | The installation program for HP-UX Visualize Conference B.11.00.11 running on HP-UX 11.00 and 11.11 ... | | |
CVE-2002-2264 | Unspecified vulnerability in Internet Group Management Protocol (IGMP) of HP Tru64 4.0F through 5.1A... | | |
CVE-2002-2265 | Unspecified vulnerability in LDAP Module in System Authentication of Open Source Internet Solutions ... | S | |
CVE-2002-2266 | NetScreen ScreenOS 2.8 through 4.0, when forwarding H.323 or Netmeeting traffic, allows remote attac... | S | |
CVE-2002-2267 | bogopass in bogofilter 0.9.0.4 allows local users to overwrite arbitrary files via a symlink attack ... | S | |
CVE-2002-2268 | Buffer overflow in Webster HTTP Server allows remote attackers to execute arbitrary code via a long ... | E | |
CVE-2002-2269 | Directory traversal vulnerability in Webster HTTP Server allows remote attackers to read arbitrary f... | | |
CVE-2002-2270 | Unspecified vulnerability in the ied command in HP-UX 10.10, 10.20, and 11.0 allows local users to v... | S | |
CVE-2002-2271 | Buffer overflow in BigFun 1.51b IRC client, when the Direct Client Connection (DCC) option is used, ... | E | |
CVE-2002-2272 | Tomcat 4.0 through 4.1.12, using mod_jk 1.2.1 module on Apache 1.3 through 1.3.27, allows remote att... | E S | |
CVE-2002-2273 | Cross-site scripting (XSS) vulnerability in Webster HTTP Server allows remote attackers to inject ar... | | |
CVE-2002-2274 | akfingerd 0.5 allows local users to read arbitrary files as the akfingerd user (nobody) via a symlin... | | |
CVE-2002-2275 | Fortres 101 4.1 allows local users to bypass Fortres by pressing the Windows and "F" key together fo... | | |
CVE-2002-2276 | Ultimate PHP Board (UPB) 1.0 allows remote attackers to view the physical path of the message board ... | E | |
CVE-2002-2277 | SQL injection vulnerability in mod_search/index.php in PortailPHP 0.99 allows remote attackers to ex... | S | |
CVE-2002-2278 | Cross-site scripting (XSS) vulnerability in mod_search/index.php in PortailPHP 0.99 allows remote at... | S | |
CVE-2002-2279 | Unspecified vulnerability in the bind function in config.inc of aldap 0.09 allows remote attackers t... | S | |
CVE-2002-2280 | syslogd on OpenBSD 2.9 through 3.2 does not change the source IP address of syslog packets when the ... | | |
CVE-2002-2281 | Symantec Java! JIT (Just-In-Time) Compiler for Netscape Communicator 4.0 through 4.8 allows remote a... | E | |
CVE-2002-2282 | McAfee VirusScan 4.5.1, when the WebScanX.exe module is enabled, searches for particular DLLs from t... | | |
CVE-2002-2283 | Microsoft Windows XP with Fast User Switching (FUS) enabled does not remove the "show processes from... | E | |
CVE-2002-2284 | Netscape Communicator 4.0 through 4.79 allows remote attackers to bypass JVM security and execute ar... | | |
CVE-2002-2285 | eTrust InoculateIT 6.0 with the "Incremental Scan" option enabled may certify that a file is free of... | | |
CVE-2002-2286 | The parse-get function in utils.c for apt-www-proxy 0.1 allows remote attackers to cause a denial of... | E | |
CVE-2002-2287 | PHP remote file inclusion vulnerability in quick_reply.php for phpBB Advanced Quick Reply Hack 1.0.0... | E | |
CVE-2002-2288 | Mambo Site Server 4.0.11 allows remote attackers to obtain the physical path of the server via an HT... | E S | |
CVE-2002-2289 | soinfo.php in BadBlue 1.7.1 calls the phpinfo function, which allows remote attackers to gain sensit... | E | |
CVE-2002-2290 | Mambo Site Server 4.0.11 installs with a default username and password of admin, which allows remote... | | |
CVE-2002-2291 | Calisto Internet Talker 0.04 and earlier allows remote attackers to cause a denial of service (hang)... | E S | |
CVE-2002-2292 | Directory traversal vulnerability in Remote Console Applet in Halycon Software iASP 1.0.9 allows rem... | | |
CVE-2002-2293 | Webshots Desktop screensaver allows local users to bypass the password on the screensaver by pressin... | E | |
CVE-2002-2294 | Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7... | S | |
CVE-2002-2295 | Buffer overflow in Pico Server (pServ) 2.0 beta 1 through beta 5 allows remote attackers to cause a ... | E | |
CVE-2002-2296 | Cross-site scripting (XSS) vulnerability in YaBB.pl in Yet Another Bulletin Board (YaBB) 1 Gold SP 1... | E | |
CVE-2002-2297 | PHP remote file inclusion vulnerability in artlist.php in Thatware 0.5.2 and 0.5.3 allows remote att... | E | |
CVE-2002-2298 | PHP remote file inclusion vulnerability in config.php in Thatware 0.3 through 0.5.3 allows remote at... | E | |
CVE-2002-2299 | PHP remote file inclusion vulnerability in thatfile.php in Thatware 0.3 through 0.5.2 allows remote ... | E | |
CVE-2002-2300 | Buffer overflow in ftpd 5.4 in 3Com NBX 4.0.17 or ftpd 5.4.2 in 3Com NBX 4.1.4 allows remote attacke... | E | |
CVE-2002-2301 | Lawson Financials 8.0, when configured to use a third party relational database, stores usernames an... | | |
CVE-2002-2302 | 3D3.Com ShopFactory 5.5 through 5.8 allows remote attackers to modify the prices in their shopping c... | | |
CVE-2002-2303 | 3D3.Com ShopFactory 5.8 uses client-side encryption and decryption for sensitive price data, which a... | | |
CVE-2002-2304 | SQL injection vulnerability in admin/auth/checksession.php in MyPHPLinks 2.1.9 and 2.2.0 allows remo... | E | |
CVE-2002-2305 | SQL injection vulnerability in agentadmin.php in Immobilier allows remote attackers to execute arbit... | | |
CVE-2002-2306 | Sharman Networks KaZaA Media Desktop 1.7.1 allows remote attackers to cause a denial of service (CPU... | E S | |
CVE-2002-2307 | The default configuration of BenHur Firewall release 3 update 066 fix 2 allows remote attackers to a... | E S | |
CVE-2002-2308 | Netscape Communicator 6.2.1 allows remote attackers to cause a denial of service in client browsers ... | | |
CVE-2002-2309 | php.exe in PHP 3.0 through 4.2.2, when running on Apache, does not terminate properly, which allows ... | E | |
CVE-2002-2310 | ClickCartPro 4.0 stores the admin_user.db data file under the web document root with insufficient ac... | E | |
CVE-2002-2311 | Microsoft Internet Explorer 6.0 and possibly others allows remote attackers to upload arbitrary file... | E | |
CVE-2002-2312 | Opera 6.0.1 allows remote attackers to upload arbitrary file contents when users press a key corresp... | E | |
CVE-2002-2313 | Eudora email client 5.1.1, with "use Microsoft viewer" enabled, allows remote attackers to execute a... | | |
CVE-2002-2314 | Mozilla 1.0 allows remote attackers to steal cookies from other domains via a javascript: URL with a... | E S | |
CVE-2002-2315 | Cisco IOS 11.2.x and 12.0.x does not limit the size of its redirect table, which allows remote attac... | E | |
CVE-2002-2316 | Cisco Catalyst 4000 series switches running CatOS 5.5.5, 6.3.5, and 7.1.2 do not always learn MAC ad... | E | |
CVE-2002-2317 | Memory leak in the (1) httpd, (2) nntpd, and (3) vpn driver in VelociRaptor 1.0 allows remote attack... | S | |
CVE-2002-2318 | Cross-site scripting (XSS) vulnerability in Falcon web server 2.0.0.1009 through 2.0.0.1021 allows r... | E | |
CVE-2002-2319 | Static code injection vulnerability in users.php in MySimpleNews allows remote attackers to inject a... | E | |
CVE-2002-2320 | MySimpleNews 1.0 allows remote attackers to delete arbitrary email messages via a direct request to ... | E | |
CVE-2002-2321 | Cross-site scripting (XSS) vulnerability in (1) showcat.php and (2) addyoursite.php in phpLinkat 0.1... | E | |
CVE-2002-2322 | Ultimate PHP Board (UPB) 1.0b stores the users.dat data file under the web root with insufficient ac... | | |
CVE-2002-2323 | Sun PC NetLink 1.0 through 1.2 does not properly set the access control list (ACL) for files and dir... | | |
CVE-2002-2324 | The "System Restore" directory and subdirectories, and possibly other subdirectories in the "System ... | E | |
CVE-2002-2325 | The c-client library in Internet Message Access Protocol (IMAP) dated before 2002 RC2, as used by Pi... | E S | |
CVE-2002-2326 | The default configuration of Mail.app in Mac OS X 10.0 through 10.0.4 and 10.1 through 10.1.5 sends ... | | |
CVE-2002-2327 | Unspecified vulnerability in the environmental monitoring subsystem in Solaris 8 running on Sun Fire... | S | |
CVE-2002-2328 | Active Directory in Windows 2000, when supporting Kerberos V authentication and GSSAPI, allows remot... | | |
CVE-2002-2329 | ICQ client 2001b, 2002a and 2002b allows remote attackers to cause a denial of service (CPU consumpt... | E | |
CVE-2002-2330 | Cross-site scripting (XSS) vulnerability in stat.pl in StatsPlus 1.25 allows remote attackers to inj... | | |
CVE-2002-2331 | W3Mail 1.0.2 through 1.0.5 with server side scripting (SSI) enabled in the attachments directory doe... | | |
CVE-2002-2332 | Buffer overflow in Opera 6.01 allows remote attackers to cause a denial of service (crash) via an IM... | | |
CVE-2002-2333 | Buffer overflow in konqueror in KDE 2.1 through 3.0 and 3.0.2 allows remote attackers to cause a den... | S | |
CVE-2002-2334 | Joe text editor 2.8 through 2.9.7 does not remove the group and user setuid bits for backup files, w... | | |
CVE-2002-2335 | Killer Protection 1.0 stores the vars.inc include file under the web root with insufficient access c... | | |
CVE-2002-2336 | Norton Personal Firewall 2002 4.0, when configured to automatically block attacks, allows remote att... | E | |
CVE-2002-2337 | Kaspersky Anti-Hacker 1.0, when configured to automatically block attacks, allows remote attackers t... | E | |
CVE-2002-2338 | The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows r... | E S | |
CVE-2002-2339 | Cross-site scripting (XSS) vulnerability in configure.asp in Script-Shed GuestBook 1.0 allows remote... | E S | |
CVE-2002-2340 | Cross-site scripting (XSS) vulnerability in read.php in Phorum 3.3.2a allows remote attackers to inj... | E | |
CVE-2002-2341 | Cross-site scripting (XSS) vulnerability in content blocking in SonicWALL SOHO3 6.3.0.0 allows remot... | E | |
CVE-2002-2342 | Bannermatic 1, 2, and 3 stores the (1) ban.log, (2) ban.bak, (3) ban.dat and (4) banmat.pwd data fil... | | |
CVE-2002-2343 | Cross-site scripting (XSS) vulnerability in NOCC 0.9 through 0.9.5 allows remote attackers to inject... | E | |
CVE-2002-2344 | Ensim WEBppliance 3.0 and 3.1 allows remote attackers to read mail intended for other users by defin... | | |
CVE-2002-2345 | Oracle 9i Application Server 9.0.2 stores the web cache administrator interface password in plaintex... | | |
CVE-2002-2346 | phpBB 2.0 through 2.0.3 generates names for uploaded avatar files with the hex-encoded IP address of... | | |
CVE-2002-2347 | Cross-site scripting (XSS) vulnerability in Oracle Java Server Page (OJSP) demo files (1) hellouser.... | | |
CVE-2002-2348 | Cross-site scripting (XSS) vulnerability in athcgi.exe in Authoria HR allows remote attackers to inj... | E | |
CVE-2002-2349 | phpinfo.php in phpBBmod 1.3.3 executes the phpinfo function, which allows remote attackers to obtain... | E | |
CVE-2002-2350 | Cross-site scripting (XSS) vulnerability in z_user_show.php in dbtreelistproperty_method.php in Zoru... | E | |
CVE-2002-2351 | Eudora 5.1 allows remote attackers to bypass security warnings and possibly execute arbitrary code v... | E | |
CVE-2002-2352 | The NBActiveX.ocx ActiveX control in NeoBook 4 allows remote attackers to install and execute arbitr... | E | |
CVE-2002-2353 | tftpd32 2.50 and 2.50.2 allows remote attackers to read or write arbitrary files via a full pathname... | E S | |
CVE-2002-2354 | Netgear FM114P firmware 1.3 wireless firewall allows remote attackers to cause a denial of service (... | | |
CVE-2002-2355 | Netgear FM114P firmware 1.3 wireless firewall, when configured to backup configuration information, ... | | |
CVE-2002-2356 | HAMweather 2.x allows remote attackers to modify administrative settings and obtain sensitive inform... | | |
CVE-2002-2357 | MailEnable 1.5 015 through 1.5 018 allows remote attackers to cause a denial of service (crash) via ... | E S | |
CVE-2002-2358 | Cross-site scripting (XSS) vulnerability in the FTP view feature in Opera 6.0 and 6.01 through 6.04 ... | E S | |
CVE-2002-2359 | Cross-site scripting (XSS) vulnerability in the FTP view feature in Mozilla 1.0 allows remote attack... | E S | |
CVE-2002-2360 | The RPC module in Webmin 0.21 through 0.99, when installed without root or admin privileges, allows ... | E | |
CVE-2002-2361 | The installer in Yahoo! Messenger 4.0, 5.0 and 5.5 does not verify package signatures which could al... | | |
CVE-2002-2362 | Cross-site scripting (XSS) vulnerability in form_header.php in MyMarket 1.71 allows remote attackers... | E | |
CVE-2002-2363 | VJE.VJE-RUN in HP-UX 11.00 adds bin to /etc/PATH, which could allow local users to gain privileges.... | S | |
CVE-2002-2364 | Cross-site scripting (XSS) vulnerability in PHP Ticket 0.5 and earlier allows remote attackers to in... | S | |
CVE-2002-2365 | Simple WAIS (SWAIS) 1.11 allows remote attackers to execute arbitrary commands via the shell metacha... | E | |
CVE-2002-2366 | Buffer overflow in the XML parser of Trillian 0.6351, 0.725 and 0.73 allows remote attackers to caus... | | |
CVE-2002-2367 | Off-by-one buffer overflow in NEC SOCKS5 1.0 r11 and earlier allows remote attackers to cause a deni... | E | |
CVE-2002-2368 | Multiple buffer overflows in NEC SOCKS5 1.0 r11 and earlier allow remote attackers to cause a denial... | E | |
CVE-2002-2369 | Perception LiteServe 2.0 allows remote attackers to read password protected files via a leading "/./... | S | |
CVE-2002-2370 | SWS web server 0.0.4, 0.0.3 and 0.1.0 allows remote attackers to cause a denial of service (crash) v... | E S | |
CVE-2002-2371 | Linksys WET11 firmware 1.31 and 1.32 allows remote attackers to cause a denial of service (crash) vi... | E S | |
CVE-2002-2372 | The telnet server in Infoprint 21 running controller software before 1.056007 allows remote attacker... | | |
CVE-2002-2373 | The default configuration of the TCP/IP printer configuration utility in Apple LaserWriter 12/640 PS... | | |
CVE-2002-2374 | Unspecified vulnerability in pprosetup in Sun PatchPro 2.0 has unknown impact and attack vectors rel... | S | |
CVE-2002-2375 | Directory traversal vulnerability in CommuniGate Pro 4.0b4 and possibly earlier versions allows remo... | | |
CVE-2002-2376 | Cross-site scripting (XSS) vulnerability in E-Guest_sign.pl in E-Guest 1.1 allows remote attackers t... | E | |
CVE-2002-2377 | Cross-site scripting (XSS) vulnerability in addentry.cgi in ZAP 1.0.3 allows remote attackers to inj... | | |
CVE-2002-2378 | Cross-site scripting (XSS) vulnerability in AN HTTP 1.41d allows remote attackers to inject arbitrar... | S | |
CVE-2002-2379 | Cisco AS5350 IOS 12.2(11)T with access control lists (ACLs) applied and possibly with ssh running al... | | |
CVE-2002-2380 | NetDSL ADSL Modem 800 with Microsoft Network firmware 5.5.11 allows remote attackers to gain access ... | | |
CVE-2002-2381 | Multiple buffer overflows in (1) tetrinet_inmessage, (2) speclist_add and (3) config-getthemeinfo of... | S | |
CVE-2002-2382 | cvsupd.sh in CVSup 1.2 allows local users to overwrite arbitrary files and gain privileges via a sym... | S | |
CVE-2002-2383 | SQL injection vulnerability in f2html.pl 0.1 through 0.4 allows remote attackers to execute arbitrar... | S | |
CVE-2002-2384 | hotfoon4.exe in Hotfoon 4.00 stores user names and passwords in cleartext in the hotfoon2 registry k... | E | |
CVE-2002-2385 | Buffer overflow in hotfoon4.exe in Hotfoon 4.0 allows remote attackers to cause a denial of service ... | | |
CVE-2002-2386 | Cross-site scripting (XSS) vulnerability in the Quizz module for XOOPS 1.0, when allowing on-line qu... | | |
CVE-2002-2387 | Directory traversal vulnerability in Hyperion FTP server 2.8.1 allows remote attackers to read arbit... | | |
CVE-2002-2388 | Buffer overflow in INweb POP3 mail server 2.01 allows remote attackers to cause a denial of service ... | | |
CVE-2002-2389 | TheServer 1.74 web server stores server.ini under the web document root with insufficient access con... | | |
CVE-2002-2390 | Buffer overflow in the IDENT daemon (identd) in Trillian 0.6351, 0.725, 0.73, 0.74 and 1.0 pro allow... | E | |
CVE-2002-2391 | SQL injection vulnerability in index.php of WebChat 1.5 included in XOOPS 1.0 allows remote attacker... | E S | |
CVE-2002-2392 | Winamp 2.65 through 3.0 stores skin files in a predictable file location, which allows remote attack... | E | |
CVE-2002-2393 | Serv-U FTP server 3.0, 3.1 and 4.0.0.4 does not accept new connections while validating user folder ... | S | |
CVE-2002-2394 | InterScan VirusWall 3.6 for Linux and 3.52 for Windows allows remote attackers to bypass virus prote... | | |
CVE-2002-2395 | InterScan VirusWall 3.52 for Windows allows remote attackers to bypass virus protection and possibly... | | |
CVE-2002-2396 | Buffer overflow in Advanced TFTP (atftp) 0.5 and 0.6, if installed setuid or setgid, may allow local... | | |
CVE-2002-2397 | Sygate personal firewall 5.0 could allow remote attackers to bypass firewall filters via spoofed (1)... | | |
CVE-2002-2398 | The new thread posting page in APBoard 2.02 and 2.03 allows remote attackers to post messages to pro... | E | |
CVE-2002-2399 | Directory traversal vulnerability in viewAttachment.cgi in W3Mail 1.0.6 allows remote attackers to r... | | |
CVE-2002-2400 | Buffer overflow in the httpdProcessRequest function in LibHTTPD 1.2 allows remote attackers to cause... | E S | |
CVE-2002-2401 | NT Virtual DOS Machine (NTVDM.EXE) in Windows 2000, NT and XP does not verify user execution permiss... | | |
CVE-2002-2402 | SURECOM broadband router EP-4501 uses a default SNMP read community string of "public" and a default... | | |
CVE-2002-2403 | Directory traversal vulnerability in KeyFocus web server 1.0.8 allows remote attackers to read arbit... | E | |
CVE-2002-2404 | Buffer overflow in IISPop email server 1.161 and 1.181 allows remote attackers to cause a denial of ... | E | |
CVE-2002-2405 | Check Point FireWall-1 4.1 and Next Generation (NG), with UserAuth configured to proxy HTTP traffic ... | | |
CVE-2002-2406 | Buffer overflow in HTTP server in LiteServe 2.0, 2.0.1 and 2.0.2 allows remote attackers to cause a ... | E | |
CVE-2002-2407 | Certain patches for QNX Neutrino realtime operating system (RTOS) 6.2.0 set insecure permissions for... | | |
CVE-2002-2408 | Gordano Messaging Server (GMS) Mail 8 (a.k.a. NTMail) only filters email messages for the first reci... | S | |
CVE-2002-2409 | Photon microGUI in QNX Neutrino realtime operating system (RTOS) 6.1.0 and 6.2.0 allows attackers to... | | |
CVE-2002-2410 | openwebmail.pl in Open WebMail 1.7 and 1.71 reveals sensitive information in error messages and gene... | E | |
CVE-2002-2411 | Buffer overflow in badmin.c in BannerWheel 1.0 allows remote attackers to execute arbitrary code via... | E | |
CVE-2002-2412 | Winamp 2.80 stores authentication credentials in plaintext in the (1) [HTTP-AUTH] and (2) [winamp] s... | | |
CVE-2002-2413 | WebSite Pro 3.1.11.0 on Windows allows remote attackers to read script source code for files with ex... | S | |
CVE-2002-2414 | Opera 6.0.3, when using Squid 2.4 for HTTPS proxying, does not properly handle when accepting a non-... | | |
CVE-2002-2415 | Allied Telesyn AT-8024 1.3.1 and Rapier 24 switches allow remote authenticated users to cause a deni... | E | |
CVE-2002-2416 | Directory traversal vulnerability in Zeroo web server 1.5 allows remote attackers to read arbitrary ... | E | |
CVE-2002-2417 | acFTP 1.4 does not properly handle when an invalid password is provided by the user during authentic... | E | |
CVE-2002-2418 | Cross-site scripting (XSS) vulnerability in acFreeProxy (aka acFP) 1.33 beta 7 allows remote attacke... | E | |
CVE-2002-2419 | Direct connect text client (DCTC) client 0.83.3 allows remote attackers to cause a denial of service... | S | |
CVE-2002-2420 | site_searcher.cgi in Super Site Searcher allows remote attackers to execute arbitrary commands via s... | E | |
CVE-2002-2421 | acWEB 1.14 allows remote attackers to cause a denial of service (crash) via an HTTP request for a MS... | E | |
CVE-2002-2422 | Cross-site scripting (XSS) vulnerability in Compaq Insight Management Agents 2.0, 2.1, 3.6.0, 4.2 an... | E | |
CVE-2002-2423 | Sendmail 8.12.0 through 8.12.6 truncates log messages longer than 100 characters, which allows remot... | | |
CVE-2002-2424 | Cross-site scripting (XSS) vulnerability in PHP(Reactor) 1.2.7 pl1 allows remote attackers to inject... | E | |
CVE-2002-2425 | Sun AnswerBook2 1.2 through 1.4.2 allows remote attackers to execute administrative scripts such as ... | E S | |
CVE-2002-2426 | Cross-site request forgery (CSRF) vulnerability in Citrix Presentation Server 4.0 and 4.5, MetaFrame... | | |
CVE-2002-2427 | The security handler in GoAhead WebServer before 2.1.1 allows remote attackers to bypass authenticat... | | |
CVE-2002-2428 | webs.c in GoAhead WebServer before 2.1.4 allows remote attackers to cause a denial of service (NULL ... | | |
CVE-2002-2429 | webs.c in GoAhead WebServer before 2.1.4 allows remote attackers to cause a denial of service (daemo... | | |
CVE-2002-2430 | GoAhead WebServer before 2.1.1 allows remote attackers to cause a denial of service (CPU consumption... | | |
CVE-2002-2431 | Unspecified vulnerability in GoAhead WebServer before 2.1.4 allows remote attackers to cause "incorr... | | |
CVE-2002-2432 | Unspecified vulnerability in NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remo... | | |
CVE-2002-2433 | NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote authenticated users to cau... | | |
CVE-2002-2434 | NWFTPD.nlm before 5.02i in the FTP server in Novell NetWare does not properly listen for data connec... | | |
CVE-2002-2435 | The Cascading Style Sheets (CSS) implementation in Microsoft Internet Explorer 8.0 and earlier does ... | E | |
CVE-2002-2436 | The Cascading Style Sheets (CSS) implementation in Mozilla Firefox before 4.0, Thunderbird before 3.... | E | |
CVE-2002-2437 | The JavaScript implementation in Mozilla Firefox before 4.0, Thunderbird before 3.3, and SeaMonkey b... | E | |
CVE-2002-2438 | TCP firewalls could be circumvented by sending SYN packets with other flags (e.g. the RST flag) s... | E S | |
CVE-2002-2439 | Integer overflow in the new[] operator in gcc before 4.8.0 allows attackers to have unspecified impa... | E S | |
CVE-2002-2440 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
CVE-2002-2441 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
CVE-2002-2442 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
CVE-2002-2443 | schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) before 1.11.3 does not proper... | S | |
CVE-2002-2444 | Snoopy before 2.0.0 has a security hole in exec cURL... | S | |
CVE-2002-2445 | GE Healthcare Millennium MG, NC, and MyoSIGHT has a default password of (1) root.genie for the root ... | | |
CVE-2002-2446 | GE Healthcare Millennium MG, NC, and MyoSIGHT has a password of insite.genieacq for the insite accou... | | |