Search Results (364234 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1714 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 5.0 through 6.0 allows remote attackers to cause a denial of service (crash) via an object of type "text/html" with the DATA field that identifies the HTML document that contains the object, which may cause infinite recursion.
CVE-2002-1228 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Unknown vulnerability in NFS on Solaris 2.5.1 through Solaris 9 allows an NFS client to cause a denial of service by killing the lockd daemon.
CVE-2002-1229 1 Avaya 5 Cajun P550, Cajun P550r, Cajun P580 and 2 more 2026-04-16 N/A
Avaya Cajun switches P880, P882, P580, and P550R 5.2.14 and earlier contain undocumented accounts (1) manuf and (2) diag with default passwords, which allows remote attackers to gain privileges.
CVE-2002-1230 1 Microsoft 2 Windows 2000, Windows 2000 Terminal Services 2026-04-16 N/A
NetDDE Agent on Windows NT 4.0, 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code as LocalSystem via "shatter" style attack by sending a WM_COPYDATA message followed by a WM_TIMER message, as demonstrated by GetAd, aka "Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation."
CVE-2002-1231 1 Caldera 2 Openunix, Unixware 2026-04-16 N/A
SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to cause a denial of service via an rcp call on /proc.
CVE-2002-1232 3 Debian, Hp, Redhat 4 Debian Linux, Secure Os, Enterprise Linux and 1 more 2026-04-16 N/A
Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist.
CVE-2002-1233 1 Apache 1 Http Server 2026-04-16 N/A
A regression error in the Debian distributions of the apache-ssl package (before 1.3.9 on Debian 2.2, and before 1.3.26 on Debian 3.0), for Apache 1.3.27 and earlier, allows local users to read or modify the Apache password file via a symlink attack on temporary files when the administrator runs (1) htpasswd or (2) htdigest, a re-introduction of a vulnerability that was originally identified and addressed by CVE-2001-0131.
CVE-2002-1235 4 Debian, Kth, Mit and 1 more 6 Debian Linux, Kth Kerberos 4, Kth Kerberos 5 and 3 more 2026-04-16 N/A
The kadm_ser_in function in (1) the Kerberos v4compatibility administration daemon (kadmind4) in the MIT Kerberos 5 (krb5) krb5-1.2.6 and earlier, (2) kadmind in KTH Kerberos 4 (eBones) before 1.2.1, and (3) kadmind in KTH Kerberos 5 (Heimdal) before 0.5.1 when compiled with Kerberos 4 support, does not properly verify the length field of a request, which allows remote attackers to execute arbitrary code via a buffer overflow attack.
CVE-2002-1236 1 Linksys 1 Befsr41 2026-04-16 N/A
The remote management web server for Linksys BEFSR41 EtherFast Cable/DSL Router before firmware 1.42.7 allows remote attackers to cause a denial of service (crash) via an HTTP request to Gozila.cgi without any arguments.
CVE-2002-1238 1 Peter Sandvik 1 Simple Web Server 2026-04-16 N/A
Peter Sandvik's Simple Web Server 0.5.1 and earlier allows remote attackers to bypass access restrictions for files via an HTTP request with a sequence of multiple / (slash) characters such as http://www.example.com///file/.
CVE-2002-1239 1 Qnx 1 Rtos 2026-04-16 N/A
QNX Neutrino RTOS 6.2.0 uses the PATH environment variable to find and execute the cp program while operating at raised privileges, which allows local users to gain privileges by modifying the PATH to point to a malicious cp program.
CVE-2002-1242 1 Francisco Burzi 1 Php-nuke 2026-04-16 N/A
SQL injection vulnerability in PHP-Nuke before 6.0 allows remote authenticated users to modify the database and gain privileges via the "bio" argument to modules.php.
CVE-2002-1244 1 Pablo Software Solutions 1 Pablo Ftp Server 2026-04-16 N/A
Format string vulnerability in Pablo FTP Server 1.5, 1.3, and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via format strings in the USER command.
CVE-2002-1245 1 Frank Mcingvale 1 Luxman 2026-04-16 N/A
Maped in LuxMan 0.41 uses the user-provided search path to find and execute the gzip program, which allows local users to modify /dev/mem and gain privileges via a modified PATH environment variable that points to a Trojan horse gzip program.
CVE-2002-1247 3 Kde, Lisa, Redhat 5 Kde, Klisa, Lisa and 2 more 2026-04-16 N/A
Buffer overflow in LISa allows local users to gain access to a raw socket via a long LOGNAME environment variable for the resLISa daemon.
CVE-2002-1248 1 Northern Solutions 1 Xeneo Web Server 2026-04-16 N/A
Northern Solutions Xeneo Web Server 2.1.0.0, 2.0.759.6, and other versions before 2.1.5 allows remote attackers to cause a denial of service (crash) via a GET request for a "%" URI.
CVE-2002-1250 1 Abuse 1 Abuse 2026-04-16 N/A
Buffer overflow in Abuse 2.00 and earlier allows local users to gain root privileges via a long -net command line argument.
CVE-2002-1251 1 Log2mail 1 Log2mail 2026-04-16 N/A
Buffer overflow in log2mail before 0.2.5.1 allows remote attackers to execute arbitrary code via a long log message.
CVE-2002-1252 1 Peoplesoft 1 Peopletools 2026-04-16 N/A
The Application Messaging Gateway for PeopleTools 8.1x before 8.19, as used in various PeopleSoft products, allows remote attackers to read arbitrary files via certain XML External Entities (XXE) fields in an HTTP POST request that is processed by the SimpleFileHandler handler.
CVE-2002-1253 1 Abuse 1 Abuse 2026-04-16 N/A
Abuse 2.00 and earlier allows local users to gain privileges via command line arguments that specify alternate Lisp scripts that run at escalated privileges, which can contain functions that execute commands or modify files.