Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-2354 | 1 Netgear | 1 Fm114p | 2008-09-05 | 7.8 HIGH | N/A |
| Netgear FM114P firmware 1.3 wireless firewall allows remote attackers to cause a denial of service (crash or hang) via a large number of TCP connection requests. | |||||
| CVE-2002-2355 | 1 Netgear | 1 Fm114p | 2008-09-05 | 7.1 HIGH | N/A |
| Netgear FM114P firmware 1.3 wireless firewall, when configured to backup configuration information, stores DDNS (DynDNS) user name and password, MAC address filtering table and possibly other information in cleartext, which could allow local users to obtain sensitive information. | |||||
| CVE-2002-2356 | 1 Hamweather | 1 Hamweather | 2008-09-05 | 6.4 MEDIUM | N/A |
| HAMweather 2.x allows remote attackers to modify administrative settings and obtain sensitive information via a direct request to hwadmin.cgi. | |||||
| CVE-2002-2357 | 1 Mailenable | 1 Mailenable | 2008-09-05 | 5.0 MEDIUM | N/A |
| MailEnable 1.5 015 through 1.5 018 allows remote attackers to cause a denial of service (crash) via a long USER string, possibly due to a buffer overflow. | |||||
| CVE-2002-2358 | 1 Opera Software | 1 Opera Web Browser | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the FTP view feature in Opera 6.0 and 6.01 through 6.04 allows remote attackers to inject arbitrary web script or HTML via the title tag of an FTP URL. | |||||
| CVE-2002-2359 | 1 Mozilla | 1 Mozilla | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the FTP view feature in Mozilla 1.0 allows remote attackers to inject arbitrary web script or HTML via the title tag of an ftp URL. | |||||
| CVE-2002-2360 | 1 Webmin | 1 Webmin | 2008-09-05 | 9.3 HIGH | N/A |
| The RPC module in Webmin 0.21 through 0.99, when installed without root or admin privileges, allows remote attackers to read and write to arbitrary files and execute arbitrary commands via remote_foreign_require and remote_foreign_call requests. | |||||
| CVE-2002-2361 | 1 Yahoo | 1 Messenger | 2008-09-05 | 5.8 MEDIUM | N/A |
| The installer in Yahoo! Messenger 4.0, 5.0 and 5.5 does not verify package signatures which could allow remote attackers to install trojan programs via DNS spoofing. | |||||
| CVE-2002-2362 | 1 Sourceforge | 1 Mymarket | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in form_header.php in MyMarket 1.71 allows remote attackers to inject arbitrary web script or HTML via the noticemsg parameter. | |||||
| CVE-2002-2363 | 1 Hp | 1 Hp-ux | 2008-09-05 | 7.2 HIGH | N/A |
| VJE.VJE-RUN in HP-UX 11.00 adds bin to /etc/PATH, which could allow local users to gain privileges. | |||||
| CVE-2002-2364 | 1 Sourceforge | 1 Php Ticket | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in PHP Ticket 0.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a help ticket. | |||||
| CVE-2002-2365 | 1 Springer Verlag Berlin Heidelberg | 1 Simple Wais | 2008-09-05 | 10.0 HIGH | N/A |
| Simple WAIS (SWAIS) 1.11 allows remote attackers to execute arbitrary commands via the shell metacharacters in the search field, as demonstrated using the "|" (pipe) character. | |||||
| CVE-2002-2366 | 1 Cerulean Studios | 1 Trillian | 2008-09-05 | 6.8 MEDIUM | N/A |
| Buffer overflow in the XML parser of Trillian 0.6351, 0.725 and 0.73 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a skin with a long colors file name in trillian.xml. | |||||
| CVE-2002-2367 | 1 Socks5 | 1 Socks5 | 2008-09-05 | 7.8 HIGH | N/A |
| Off-by-one buffer overflow in NEC SOCKS5 1.0 r11 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long hostname. | |||||
| CVE-2002-2368 | 1 Nec | 1 Socks 5 | 2008-09-05 | 10.0 HIGH | N/A |
| Multiple buffer overflows in NEC SOCKS5 1.0 r11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via a long username to (1) the GetString function in proxy.c for the SOCKS5 module or (2) the HandleS4Connection function in proxy.c for the SOCKS4 module. | |||||
| CVE-2002-2369 | 1 Perception | 1 Liteserve | 2008-09-05 | 5.0 MEDIUM | N/A |
| Perception LiteServe 2.0 allows remote attackers to read password protected files via a leading "/./" in a URL. | |||||
| CVE-2002-2370 | 1 Sws | 1 Sws Simple Web Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| SWS web server 0.0.4, 0.0.3 and 0.1.0 allows remote attackers to cause a denial of service (crash) via a URL request that does not end with a newline. | |||||
| CVE-2002-2371 | 1 Linksys | 1 Wet11 | 2008-09-05 | 7.8 HIGH | N/A |
| Linksys WET11 firmware 1.31 and 1.32 allows remote attackers to cause a denial of service (crash) via a packet containing the device's hardware address as the source MAC address in the DLC header. | |||||
| CVE-2002-2372 | 1 Ibm | 2 Infoprint, Infoprint 21 | 2008-09-05 | 5.0 MEDIUM | N/A |
| The telnet server in Infoprint 21 running controller software before 1.056007 allows remote attackers to cause a denial of service (crash) via a long username, possibly due to a buffer overflow. | |||||
| CVE-2002-2373 | 1 Apple | 2 Apple Laserwriter, Tcp Ip Configuration Utility | 2008-09-05 | 7.5 HIGH | N/A |
| The default configuration of the TCP/IP printer configuration utility in Apple LaserWriter 12/640 PS printer contains a blank Telnet password, which allows remote attackers to gain access. | |||||