Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0765 1 Openbsd 2 Openbsd, Openssh 2026-04-16 N/A
sshd in OpenSSH 3.2.2, when using YP with netgroups and under certain conditions, may allow users to successfully authenticate and log in with another user's password.
CVE-2002-0767 1 Richard Gooch 1 Simpleinit 2026-04-16 N/A
simpleinit on Linux systems does not close a read/write FIFO file descriptor before creating a child process, which allows the child process to cause simpleinit to execute arbitrary programs with root privileges.
CVE-2002-0769 1 Cisco 1 Ata-186 2026-04-16 N/A
The web-based configuration interface for the Cisco ATA 186 Analog Telephone Adaptor allows remote attackers to bypass authentication via an HTTP POST request with a single byte, which allows the attackers to (1) obtain the password from the login screen, or (2) reconfigure the adaptor by modifying certain request parameters.
CVE-2002-0770 1 Id Software 1 Quake 2i Server 2026-04-16 N/A
Quake 2 (Q2) server 3.20 and 3.21 allows remote attackers to obtain sensitive server cvar variables, obtain directory listings, and execute Q2 server admin commands via a client that does not expand "$" macros, which causes the server to expand the macros and leak the information, as demonstrated using "say $rcon_password."
CVE-2002-0775 1 Hosting Controller 1 Hosting Controller 2026-04-16 N/A
browse.asp in Hosting Controller allows remote attackers to view arbitrary directories by specifying the target pathname in the FilePath parameter.
CVE-2002-0776 1 Hosting Controller 1 Hosting Controller 2026-04-16 N/A
getuserdesc.asp in Hosting Controller 2002 allows remote attackers to change the passwords of arbitrary users and gain privileges by modifying the username parameter, as addressed by the "UpdateUser" hot fix.
CVE-2004-0444 1 Symantec 5 Client Firewall, Client Security, Norton Antispam and 2 more 2026-04-16 N/A
Multiple vulnerabilities in SYMDNS.SYS for Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allow remote attackers to cause a denial of service or execute arbitrary code via (1) a manipulated length byte in the first-level decoding routine for NetBIOS Name Service (NBNS) that modifies an index variable and leads to a stack-based buffer overflow, (2) a heap-based corruption problem in an NBNS response that is missing certain RR fields, and (3) a stack-based buffer overflow in the DNS component via a Resource Record (RR) with a long canonical name (CNAME) field composed of many smaller components.
CVE-2002-0911 1 Caldera 1 Volution Manager 2026-04-16 N/A
Caldera Volution Manager 1.1 stores the Directory Administrator password in cleartext in the slapd.conf file, which could allow local users to gain privileges.
CVE-2002-0912 1 Debian 1 Debian Linux 2026-04-16 N/A
in.uucpd UUCP server in Debian GNU/Linux 2.2, and possibly other operating systems, does not properly terminate long strings, which allows remote attackers to cause a denial of service, possibly due to a buffer overflow.
CVE-2002-0913 1 Stephen Hebditch 1 Slurp 2026-04-16 N/A
Format string vulnerability in log_doit function of Slurp NNTP client 1.1.0 allows a malicious news server to execute arbitrary code on the client via format strings in a server response.
CVE-2002-0915 1 Harald Hoyer 2 Autorun, Xandros Desktop Os 2026-04-16 N/A
autorun in Xandros based Linux distributions allows local users to read the first line of arbitrary files via the -c parameter, which causes autorun to print the first line of the file.
CVE-2004-0460 5 Infoblox, Isc, Mandrakesoft and 2 more 11 Dns One Appliance, Dhcpd, Mandrake Linux and 8 more 2026-04-16 N/A
Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, or (5) NAK messages, which can generate a long string when writing to a log file.
CVE-2002-0917 1 Cgiscript.net 1 Cspassword 2026-04-16 N/A
CGIScript.net csPassword.cgi stores .htpasswd files under the web document root, which could allow remote authenticated users to download the file and crack the passwords of other users.
CVE-2002-0920 1 Cgiscript.net 1 Cspassword 2026-04-16 N/A
CGIScript.net csPassword.cgi stores usernames and unencrypted passwords in the password.cgi.tmp temporary file while modifying data, which could allow local users (and possibly remote attackers) to gain privileges by stealing the file before it has been processed.
CVE-2002-0923 1 Cgiscript.net 1 Csnews 2026-04-16 N/A
CGIScript.net csNews.cgi allows remote authenticated users to read arbitrary files, and possibly gain privileges, via the (1) pheader or (2) pfooter parameters in the "Advanced Settings" capability.
CVE-2004-0467 1 Juniper 1 Junos 2026-04-16 N/A
Juniper JUNOS 5.x through JUNOS 7.x allows remote attackers to cause a denial of service (routing disabled) via a large number of MPLS packets, which are not filtered or verified before being sent to the Routing Engine, which reduces the speed at which other packets are processed.
CVE-2002-0924 1 Cgiscript.net 1 Csnews 2026-04-16 N/A
CGIScript.net csNews.cgi allows remote authenticated users to execute arbitrary Perl code via terminating quotes and metacharacters in text fields of the "Advanced Settings" capability.
CVE-2002-0928 1 Pirch 1 Pirch Irc 2026-04-16 N/A
Buffer overflow in the Pirch 98 IRC client allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long hyperlink in a channel or private message.
CVE-2002-0930 1 Novell 1 Netware 2026-04-16 N/A
Format string vulnerability in the FTP server for Novell Netware 6.0 SP1 (NWFTPD) allows remote attackers to cause a denial of service (ABEND) via format strings in the USER command.
CVE-2004-0468 1 Juniper 1 Junos 2026-04-16 N/A
Memory leak in Juniper JUNOS Packet Forwarding Engine (PFE) allows remote attackers to cause a denial of service (memory exhaustion and device reboot) via certain IPv6 packets.