Total
29908 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-2023 | 1 Yamaguchi | 1 Shingo Beep2 | 2026-04-16 | N/A |
| The get_parameter_from_freqency_source function in beep2 1.0, 1.1 and 1.2, when installed setuid root, allows local users to read arbitrary files via unknown attack vectors. | ||||
| CVE-2002-2025 | 1 Ibm | 1 Lotus Domino Server | 2026-04-16 | N/A |
| Lotus Domino server 5.0.9a and earlier allows remote attackers to cause a denial of service by exhausting the number of working threads via a large number of HTTP requests for (1) an MS-DOS device name and (2) an MS-DOS device name with a large number of characters appended to the device name. | ||||
| CVE-2002-2026 | 1 Browseftp | 1 Browseftp Client | 2026-04-16 | N/A |
| Buffer overflow in BrowseFTP 1.62 client allows remote FTP servers to execute arbitrary code via a long FTP "220" message reply. | ||||
| CVE-2002-2027 | 1 Doow | 1 Doow | 2026-04-16 | N/A |
| Database of Our Owlish Wisdom (DOOW) 0.1 through 0.2.1 does not properly verify user permissions, which allows remote attackers to perform unauthorized activities. | ||||
| CVE-2002-2028 | 1 Microsoft | 3 Windows 2000, Windows Nt, Windows Xp | 2026-04-16 | N/A |
| The screensaver on Windows NT 4.0, 2000, XP, and 2002 does not verify if a domain account has already been locked when a valid password is provided, which makes it easier for users with physical access to conduct brute force password guessing. | ||||
| CVE-2002-2033 | 1 Faqmanager | 1 Faqmanager.cgi | 2026-04-16 | N/A |
| faqmanager.cgi in FAQManager 2.2.5 and earlier allows remote attackers to read arbitrary files by specifying the filename in the toc parameter with a trailing null character (%00). | ||||
| CVE-2002-2034 | 1 John Hardin | 1 Procmail Email Sanitizer | 2026-04-16 | N/A |
| The Email Sanitizer before 1.133 for Procmail allows remote attackers to bypass the mail filter and execute arbitrary code via crafted recursive multipart MIME attachments. | ||||
| CVE-2002-2036 | 1 Sun | 1 Ray Server Software | 2026-04-16 | N/A |
| Sun Ray Server Software (SRSS) 1.3, when Non-Smartcard Mobility (NSCM) is enabled, allows remote attackers to login as another user by running dtlogin from a system that supports the XDMCP client. | ||||
| CVE-2002-2042 | 1 Qnx | 1 Rtos | 2026-04-16 | N/A |
| ptrace in the QNX realtime operating system (RTOS) 4.25 and 6.1.0 allows programs to attach to privileged processes, which could allow local users to execute arbitrary code by modifying running processes. | ||||
| CVE-2002-2044 | 1 Xqus | 1 X-stat | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in x_stat_admin.php in x-stat 2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via a parameter to the phpinfo action. | ||||
| CVE-2002-2060 | 1 Twibright Labs | 1 Links | 2026-04-16 | N/A |
| Buffer overflow in Links 2.0 pre4 allows remote attackers to crash client browsers and possibly execute arbitrary code via gamma tables in large 16-bit PNG images. | ||||
| CVE-2002-2061 | 2 Mozilla, Netscape | 2 Mozilla, Navigator | 2026-04-16 | N/A |
| Heap-based buffer overflow in Netscape 6.2.3 and Mozilla 1.0 and earlier allows remote attackers to crash client browsers and execute arbitrary code via a PNG image with large width and height values and an 8-bit or 16-bit alpha channel. | ||||
| CVE-2002-2063 | 1 Atguard | 1 Atguard Personal Firewall | 2026-04-16 | N/A |
| AtGuard 3.2 allows remote attackers to bypass firwall filters and execute prohibited programs by changing the filenames to permitted filenames. | ||||
| CVE-2002-2064 | 1 Phpwebgallery | 1 Phpwebgallery | 2026-04-16 | N/A |
| isadmin.php in PhpWebGallery 1.0 allows remote attackers to gain administrative access via by setting the photo_login cookie to pseudo. | ||||
| CVE-2002-2065 | 1 Webcalendar | 1 Webcalendar | 2026-04-16 | N/A |
| WebCalendar 0.9.34 and earlier with 'browsing in includes directory' enabled allows remote attackers to read arbitrary include files with .inc extensions from the web root. | ||||
| CVE-2002-2074 | 1 Erwin Lansing | 1 Mailidx | 2026-04-16 | N/A |
| SQL injection vulnerability in Mailidx before 20020105 allows remote attackers to execute arbitrary SQL commands via the search web page. | ||||
| CVE-2002-2104 | 1 Ganglia | 1 Php Rrd Web Client | 2026-04-16 | N/A |
| graph.php in Ganglia PHP RRD Web Client 1.0.2 allows remote attackers to execute arbitrary commands via the command parameter, which is provided to the passthru function. | ||||
| CVE-2002-2111 | 1 Gianni Tedesco | 1 Fwmon | 2026-04-16 | N/A |
| Fwmon before 1.0.10 allows remote attackers to cause a denial of service (crash) by causing the kernel to return a large packet. | ||||
| CVE-2002-2120 | 1 Qnx | 1 Rtos | 2026-04-16 | N/A |
| Multiple buffer overflows in QNX RTOS 4.25 may allow attackers to execute arbitrary code via long filename arguments to (1) Watcom or (2) int10. | ||||
| CVE-2002-2122 | 1 Pointsec Mobile Technologies | 1 Pointsec | 2026-04-16 | N/A |
| Pointsec before 1.2 for PalmOS stores a user's PIN number in memory in plaintext, which allows a local attacker who steals an unlocked Palm to retrieve the PIN by dumping memory. | ||||