Total
29737 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0865 | 1 Microsoft | 1 Virtual Machine | 2025-04-03 | N/A |
| A certain class that supports XML (Extensible Markup Language) in Microsoft Virtual Machine (VM) 5.0.3805 and earlier, probably com.ms.osp.ospmrshl, exposes certain unsafe methods, which allows remote attackers to execute unsafe code via a Java applet, aka "Inappropriate Methods Exposed in XML Support Classes." | ||||
| CVE-2002-0883 | 1 Compaq | 1 Proliant Bl E-class Integrated Administrator Firmware | 2025-04-03 | N/A |
| Vulnerability in Compaq ProLiant BL e-Class Integrated Administrator 1.0 and 1.10, allows authenticated users with Telnet, SSH, or console access to conduct unauthorized activities. | ||||
| CVE-2002-0881 | 1 Cisco | 2 Skinny Client Control Protocol Software, Voip Phone Cp-7940 | 2025-04-03 | N/A |
| Cisco IP Phone (VoIP) models 7910, 7940, and 7960 use a default administrative password, which allows attackers with physical access to the phone to modify the configuration settings. | ||||
| CVE-2002-0913 | 1 Stephen Hebditch | 1 Slurp | 2025-04-03 | N/A |
| Format string vulnerability in log_doit function of Slurp NNTP client 1.1.0 allows a malicious news server to execute arbitrary code on the client via format strings in a server response. | ||||
| CVE-2002-0907 | 1 Nullsoft | 1 Shoutcast Server | 2025-04-03 | N/A |
| Buffer overflow in SHOUTcast 1.8.9 and other versions before 1.8.12 allows a remote authenticated DJ to execute arbitrary code on the server via a long value in a header whose name begins with "icy-". | ||||
| CVE-2002-0950 | 1 Transware | 1 Active Mail | 2025-04-03 | N/A |
| Cross-site scripting vulnerability in TransWARE Active! mail 1.422 and 2.0 allows remote attackers to execute arbitrary code via a certain e-mail header, which is not properly filtered. | ||||
| CVE-2002-0951 | 1 Ruslan Communications | 1 Body Builder | 2025-04-03 | N/A |
| SQL injection vulnerability in Ruslan <Body>Builder allows remote attackers to gain administrative privileges via a "'--" sequence in the username and password. | ||||
| CVE-2002-0975 | 1 Microsoft | 1 Directx Files Viewer Control | 2025-04-03 | N/A |
| Buffer overflow in Microsoft DirectX Files Viewer ActiveX control (xweb.ocx) 2.0.6.15 and earlier allows remote attackers to execute arbitrary via a long File parameter. | ||||
| CVE-2002-0977 | 1 Microsoft | 1 File Transfer Manager | 2025-04-03 | N/A |
| Buffer overflow in Microsoft File Transfer Manager (FTM) ActiveX control before 4.0 allows remote attackers to execute arbitrary code via a long TS value. | ||||
| CVE-2002-0979 | 1 Microsoft | 1 Virtual Machine | 2025-04-03 | N/A |
| The Java logging feature for the Java Virtual Machine in Internet Explorer writes output from functions such as System.out.println to a known pathname, which can be used to execute arbitrary code. | ||||
| CVE-2002-1006 | 1 Bbc Education | 1 Betsie | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in BBC Education Text to Speech Internet Enhancer (Betsie) 1.5.11 and earlier allows remote attackers to execute arbitrary web script via parserl.pl. | ||||
| CVE-2002-1032 | 1 Key Focus | 1 Kf Web Server | 2025-04-03 | N/A |
| Buffer overflow in KeyFocus (KF) web server 1.0.5 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed HTTP header. | ||||
| CVE-2002-1035 | 1 Omnicron | 1 Omnihttpd | 2025-04-03 | N/A |
| Omnicron OmniHTTPd 2.09 allows remote attackers to cause a denial of service (crash) via an HTTP request with a long, malformed HTTP 1version number. | ||||
| CVE-2002-1062 | 1 T. Hauck | 1 Jana Web Server | 2025-04-03 | N/A |
| Signedness error in Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, allows remote attackers to execute arbitrary code via long (1) Username, (2) Password, or (3) Hostname entries. | ||||
| CVE-2002-1061 | 1 T. Hauck | 1 Jana Web Server | 2025-04-03 | N/A |
| Multiple buffer overflows in Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) an HTTP GET request with a long major version number, (2) an HTTP GET request to the HTTP proxy on port 3128 with a long major version number, (3) a long OK reply from a POP3 server, and (4) a long SMTP server response. | ||||
| CVE-2002-1085 | 1 Visualshapers | 1 Ezcontents | 2025-04-03 | N/A |
| Multiple cross-site scripting vulnerabilities in ezContents 1.41 and earlier allow remote attackers to execute script and steal cookies via the diary and other capabilities. | ||||
| CVE-2002-1086 | 1 Visualshapers | 1 Ezcontents | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in ezContents 1.41 and earlier allow remote attackers to conduct unauthorized activities. | ||||
| CVE-2002-1108 | 1 Cisco | 1 Vpn Client | 2025-04-03 | N/A |
| Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.6(Rel), when configured with all tunnel mode, can be forced into acknowledging a TCP packet from outside the tunnel. | ||||
| CVE-2002-1113 | 1 Mantis | 1 Mantis | 2025-04-03 | N/A |
| summary_graph_functions.php in Mantis 0.17.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the g_jpgraph_path parameter to reference the location of the PHP code. | ||||
| CVE-2002-1153 | 1 Ibm | 1 Websphere Application Server | 2025-04-03 | N/A |
| IBM Websphere 4.0.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP request with long HTTP headers, such as "Host". | ||||