Total
286245 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1913 | 1 Myphpnuke | 1 Myphpnuke | 2024-11-20 | N/A |
| phptonuke.php in myPHPNuke 1.8.8 allows remote attackers to read arbitrary files via a full pathname in the filnavn variable. | ||||
| CVE-2002-1912 | 1 Skystream | 1 Emr5000 | 2024-11-20 | 7.5 High |
| SkyStream EMR5000 1.16 through 1.18 does not drop packets or disable the Ethernet interface when the buffers are full, which allows remote attackers to cause a denial of service (null pointer exception and kernel panic) via a large number of packets. | ||||
| CVE-2002-1911 | 1 Zonelabs | 1 Zonealarm | 2024-11-20 | N/A |
| ZoneAlarm Pro 3.0 and 3.1, when configured to block all traffic, allows remote attackers to cause a denial of service (CPU and memory consumption) via a large number of SYN packets (SYN flood). NOTE: the vendor was not able to reproduce the issue. | ||||
| CVE-2002-1910 | 1 Click-2 | 1 Ingenium Learning Management System | 2024-11-20 | 7.5 High |
| Click2Learn Ingenium Learning Management System 5.1 and 6.1 uses weak encryption for passwords (reversible algorithm), which allows attackers to obtain passwords. | ||||
| CVE-2002-1909 | 1 Click2learn | 1 Ingenium Learning Management System | 2024-11-20 | N/A |
| Click2Learn Ingenium Learning Management System 5.1 and 6.1 stores the hashed administrative password in a config.txt file under the htdocs directory, which allows remote attackers to obtain the administrative password. | ||||
| CVE-2002-1908 | 1 Microsoft | 1 Internet Information Services | 2024-11-20 | N/A |
| Microsoft IIS 5.0 and 5.1 allows remote attackers to cause a denial of service (CPU consumption) via an HTTP request with a Host header that contains a large number of "/" (forward slash) characters. | ||||
| CVE-2002-1907 | 1 Telcondex | 1 Simplewebserver | 2024-11-20 | N/A |
| TelCondex SimpleWebServer 2.06.20817 allows remote attackers to cause a denial of service (crash) via a long HTTP GET request. | ||||
| CVE-2002-1906 | 1 Polycom | 1 Viavideo | 2024-11-20 | N/A |
| The web server for Polycom ViaVideo 2.2 and 3.0 allows remote attackers to cause a denial of service (CPU consumption) by sending incomplete HTTP requests and leaving the connections open. | ||||
| CVE-2002-1905 | 1 Polycom | 1 Viavideo | 2024-11-20 | N/A |
| Buffer overflow in the web server of Polycom ViaVideo 2.2 and 3.0 allows remote attackers to cause a denial of service (crash) via a long HTTP GET request. | ||||
| CVE-2002-1904 | 1 Gaztek | 1 Ghttpd | 2024-11-20 | N/A |
| Buffer overflow in the Log function in util.c in GazTek ghttpd 1.4 through 1.4.3 allows remote attackers to execute arbitrary code via a long HTTP GET request. | ||||
| CVE-2002-1903 | 1 University Of Washington | 1 Pine | 2024-11-20 | N/A |
| Pine 4.2.1 through 4.4.4 puts Unix usernames and/or uid into Sender: and X-Sender: headers, which could allow remote attackers to obtain sensitive information. | ||||
| CVE-2002-1902 | 1 Markus Triska | 1 Cgiforum | 2024-11-20 | N/A |
| CGIForum 1.0 through 1.05 allows remote attackers to cause a denial of service (infinite recursion) by creating a message board post that is a child of an outdated parent. | ||||
| CVE-2002-1901 | 1 Bodo Bauer | 1 Bbgallery | 2024-11-20 | N/A |
| Cross-site scripting (XSS) vulnerability in Bodo Bauer BBGallery 1.0 allows remote attackers to inject arbitrary web script or HTML via image tags. | ||||
| CVE-2002-1900 | 1 Pinboard | 1 Pinboard | 2024-11-20 | N/A |
| Cross-site scripting (XSS) vulnerability in Pinboard 1.0 allows remote attackers to inject arbitrary web script or HTML via tasklists. | ||||
| CVE-2002-1899 | 1 Icewarp | 1 Web Mail | 2024-11-20 | N/A |
| Cross-site scripting (XSS) vulnerability in IceWarp Web Mail 3.3.3 and 3.4.5 allows remote attackers to inject arbitrary web script or HTML via the "Full Name" (addressname) parameter. | ||||
| CVE-2002-1898 | 1 Apple | 2 Mac Os X, Terminal | 2024-11-20 | N/A |
| Terminal 1.3 in Apple Mac OS X 10.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a telnet:// link, which is executed by Terminal.app window. | ||||
| CVE-2002-1897 | 1 Mywebserver | 1 Mywebserver | 2024-11-20 | N/A |
| MyWebServer LLC MyWebServer 1.0.2 allows remote attackers to cause a denial of service (crash) via a long HTTP request, possibly triggering a buffer overflow. | ||||
| CVE-2002-1896 | 1 Alsaplayer | 1 Alsaplayer | 2024-11-20 | N/A |
| Buffer overflow in Alsaplayer 0.99.71, when installed setuid root, allows local users to execute arbitrary code via a long (1) -f or (2) -o command line argument. | ||||
| CVE-2002-1895 | 1 Apache | 1 Tomcat | 2024-11-20 | N/A |
| The servlet engine in Jakarta Apache Tomcat 3.3 and 4.0.4, when using IIS and the ajp1.3 connector, allows remote attackers to cause a denial of service (crash) via a large number of HTTP GET requests for an MS-DOS device such as AUX, LPT1, CON, or PRN. | ||||
| CVE-2002-1894 | 1 Phpbb Group | 1 Phpbb | 2024-11-20 | N/A |
| Cross-site scripting (XSS) vulnerability in viewtopic.php in phpBB 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the highlight parameter. | ||||