Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0033 | 1 Snort | 1 Snort | 2016-10-17 | 10.0 HIGH | N/A |
| Buffer overflow in the RPC preprocessor for Snort 1.8 and 1.9.x before 1.9.1 allows remote attackers to execute arbitrary code via fragmented RPC packets. | |||||
| CVE-2003-0048 | 1 Putty | 1 Putty | 2016-10-17 | 4.6 MEDIUM | N/A |
| PuTTY 0.53b and earlier does not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials. | |||||
| CVE-2002-1563 | 1 Stunnel | 1 Stunnel | 2016-10-17 | 1.2 LOW | N/A |
| stunnel 4.0.3 and earlier allows attackers to cause a denial of service (crash) via SIGCHLD signal handler race conditions that cause an inconsistency in the child counter. | |||||
| CVE-2002-1454 | 1 Mywebserver | 1 Mywebserver | 2016-10-17 | 5.0 MEDIUM | N/A |
| MyWebServer 1.0.2 allows remote attackers to determine the absolute path of the web document root via a request for a directory that does not exist, which leaks the pathname in an error message. | |||||
| CVE-2002-2118 | 1 Blue World Communications | 1 Lasso Web Data Engine | 2016-10-17 | 5.0 MEDIUM | N/A |
| Buffer overflow in Blue World Lasso Web Data Engine 3.6.5 allows remote attackers to cause a denial of service via a long URL. | |||||
| CVE-2002-2121 | 1 Surfcontrol | 1 Superscout Email Filter | 2016-10-17 | 5.0 MEDIUM | N/A |
| SurfControl SuperScout Email filter for SMTP 3.5.1 allows remote attackers to cause a denial of service (crash) via a long SMTP (1) HELO or (2) RCPT TO command, possibly due to a buffer overflow. | |||||
| CVE-2002-2073 | 1 Microsoft | 3 Site Server, Site Server Commerce, Windows Nt | 2016-10-17 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the default ASP pages on Microsoft Site Server 3.0 on Windows NT 4.0 allows remote attackers to inject arbitrary web script or HTML via the (1) ctr parameter in Default.asp and (2) the query string to formslogin.asp. | |||||
| CVE-2002-1420 | 1 Openbsd | 1 Openbsd | 2016-10-17 | 7.2 HIGH | N/A |
| Integer signedness error in select() on OpenBSD 3.1 and earlier allows local users to overwrite arbitrary kernel memory via a negative value for the size parameter, which satisfies the boundary check as a signed integer, but is later used as an unsigned integer during a data copying operation. | |||||
| CVE-2002-1664 | 1 Yahoo | 1 Messenger | 2016-10-17 | 6.4 MEDIUM | N/A |
| Yahoo! Messenger before February 2002 allows remote attackers to add arbitrary users to another user's buddy list and possibly obtain sensitive information. | |||||
| CVE-2002-2175 | 1 Php | 1 Phpsquidpass | 2016-10-17 | 4.0 MEDIUM | N/A |
| phpSquidPass before 0.2 uses an incomplete regular expression to find a matching username in its database, which allows remote authenticated attackers to effectively delete other usernames via a short username that matches the end of the targeted username. | |||||
| CVE-2002-1665 | 1 Yahoo | 1 Messenger | 2016-10-17 | 7.5 HIGH | N/A |
| Buffer overflow in Yahoo! Messenger before February 2002 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long set_buddygrp field. | |||||
| CVE-2002-2039 | 1 Qnx | 1 Rtos | 2016-10-17 | 2.1 LOW | N/A |
| /bin/su in QNX realtime operating system (RTOS) 4.25 and 6.1.0 allows local users to obtain sensitive information from core dump files by sending the SIGSERV (invalid memory reference) signal. | |||||
| CVE-2002-2048 | 1 Michael Baumer | 1 Pfinger | 2016-10-17 | 7.5 HIGH | N/A |
| Buffer overflow in PFinger 0.7.8 client allows remote attackers to execute arbitrary code via a long query value passed to the (1) finger program, (2) -l, (3) -d, and (4) -t options. NOTE: if PFinger is not setuid or setgid, then this issue would not cross privilege boundaries and would not be considered a vulnerability. | |||||
| CVE-2002-2054 | 1 Teekai | 1 Teekai Forum | 2016-10-17 | 7.5 HIGH | N/A |
| TeeKai Forum 1.2 allows remote attackers to authenticate as the administrator and and gain privileged web forum access by setting the valid_level cookie to admin. | |||||
| CVE-2002-2055 | 1 Teekai | 1 Teekai Tracking Online | 2016-10-17 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in userlog.php in TeeKai Tracking Online 1.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter. | |||||
| CVE-2002-1568 | 1 Openssl | 1 Openssl | 2016-10-17 | 5.0 MEDIUM | N/A |
| OpenSSL 0.9.6e uses assertions when detecting buffer overflow attacks instead of less severe mechanisms, which allows remote attackers to cause a denial of service (crash) via certain messages that cause OpenSSL to abort from a failed assertion, as demonstrated using SSLv2 CLIENT_MASTER_KEY messages, which are not properly handled in s2_srvr.c. | |||||
| CVE-2002-1647 | 1 Slashcode.com | 1 Slash | 2016-10-17 | 5.0 MEDIUM | N/A |
| The quick login feature in Slash Slashcode does not redirect the user to an alternate URL when the wrong password is provided, which makes it easier for remote web sites to guess the proper passwords by reading the username and password from the Referrer URL. | |||||
| CVE-2002-1822 | 1 Ibm | 1 Http Server | 2016-10-17 | 5.0 MEDIUM | N/A |
| IBM HTTP Server 1.0 on AS/400 allows remote attackers to obtain the path to the web root directory and other sensitive information, which is leaked in an error mesage when a request is made for a non-existent Java Server Page (JSP). | |||||
| CVE-2002-1830 | 1 Openbb | 1 Openbb | 2016-10-17 | 5.0 MEDIUM | N/A |
| Open Bulletin Board (OpenBB) 1.0.0 RC3 allows remote attackers to bypass authentication and access modifier options via a direct request to moderator.php with the action and ismod parameters. | |||||
| CVE-2002-2056 | 1 Teekai | 1 Teekai Forum | 2016-10-17 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in TeeKai Forum 1.2 allows remote attackers to inject arbitrary web script or HTML via the valid_username_online cookie. | |||||