Export limit exceeded: 29909 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29909 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1552 | 1 Novell | 1 Edirectory | 2025-04-03 | N/A |
| Novell eDirectory (eDir) 8.6.2 and Netware 5.1 eDir 85.x allows users with expired passwords to gain inappropriate permissions when logging in from Remote Manager. | ||||
| CVE-2002-1553 | 1 Cisco | 1 Optical Networking Systems Software | 2025-04-03 | N/A |
| Cisco ONS15454 and ONS15327 running ONS before 3.4 allows remote attackers to modify the system configuration and delete files by establishing an FTP connection to the TCC, TCC+ or XTC using a username and password that does not exist. | ||||
| CVE-2002-1554 | 1 Cisco | 1 Optical Networking Systems Software | 2025-04-03 | N/A |
| Cisco ONS15454 and ONS15327 running ONS before 3.4 stores usernames and passwords in cleartext in the image database for the TCC, TCC+ or XTC, which could allow attackers to gain privileges by obtaining the passwords from the image database or a backup. | ||||
| CVE-2002-1555 | 1 Cisco | 1 Optical Networking Systems Software | 2025-04-03 | N/A |
| Cisco ONS15454 and ONS15327 running ONS before 3.4 uses a "public" SNMP community string that cannot be changed, which allows remote attackers to obtain sensitive information. | ||||
| CVE-2002-1556 | 1 Cisco | 1 Optical Networking Systems Software | 2025-04-03 | N/A |
| Cisco ONS15454 and ONS15327 running ONS before 3.4 allows attackers to cause a denial of service (reset) via an HTTP request to the TCC, TCC+ or XTC, in which the request contains an invalid CORBA Interoperable Object Reference (IOR). | ||||
| CVE-2002-1557 | 1 Cisco | 1 Optical Networking Systems Software | 2025-04-03 | N/A |
| Cisco ONS15454 and ONS15327 running ONS before 3.4 allows attackers to cause a denial of service (reset to TCC, TCC+, TCCi or XTC) via a malformed HTTP request that does not contain a leading / (slash) character. | ||||
| CVE-2002-1558 | 1 Cisco | 1 Optical Networking Systems Software | 2025-04-03 | N/A |
| Cisco ONS15454 and ONS15327 running ONS before 3.4 have an account for the VxWorks Operating System in the TCC, TCC+ and XTC that cannot be changed or disabled, which allows remote attackers to gain privileges by connecting to the account via Telnet. | ||||
| CVE-2002-1559 | 1 Research Systems Inc. | 1 Ion Script | 2025-04-03 | N/A |
| Directory traversal vulnerability in ion-p.exe (aka ion-p) allows remote attackers to read arbitrary files via (1) C: (drive letter) or (2) .. (dot-dot) sequences in the page parameter. | ||||
| CVE-2002-1560 | 1 Martin Bauer | 1 Gbook | 2025-04-03 | N/A |
| index.php in gBook 1.4 allows remote attackers to bypass authentication and gain administrative privileges by setting the login parameter to true. | ||||
| CVE-2002-1561 | 1 Microsoft | 4 Windows 2000, Windows 2000 Terminal Services, Windows Nt and 1 more | 2025-04-03 | N/A |
| The RPC component in Windows 2000, Windows NT 4.0, and Windows XP allows remote attackers to cause a denial of service (disabled RPC service) via a malformed packet to the RPC Endpoint Mapper at TCP port 135, which triggers a null pointer dereference. | ||||
| CVE-2002-1562 | 1 Acme Labs | 1 Thttpd | 2025-04-03 | N/A |
| Directory traversal vulnerability in thttpd, when using virtual hosting, allows remote attackers to read arbitrary files via .. (dot dot) sequences in the Host: header. | ||||
| CVE-2002-1563 | 2 Redhat, Stunnel | 3 Enterprise Linux, Linux, Stunnel | 2025-04-03 | N/A |
| stunnel 4.0.3 and earlier allows attackers to cause a denial of service (crash) via SIGCHLD signal handler race conditions that cause an inconsistency in the child counter. | ||||
| CVE-2002-1565 | 2 Immunix, Redhat | 2 Immunix, Enterprise Linux | 2025-04-03 | N/A |
| Buffer overflow in url_filename function for wget 1.8.1 allows attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long URL. | ||||
| CVE-2002-1566 | 1 Netris | 1 Netris | 2025-04-03 | N/A |
| netris 0.5, and possibly other versions before 0.52, when running with the -w (wait) option, allows remote attackers to cause a denial of service (crash) via a long string to port 9284. | ||||
| CVE-2002-1567 | 1 Apache | 1 Tomcat | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1 allows remote attackers to execute arbitrary web script and steal cookies via a URL with encoded newlines followed by a request to a .jsp file whose name contains the script. | ||||
| CVE-2002-1568 | 2 Openssl, Redhat | 2 Openssl, Enterprise Linux | 2025-04-03 | N/A |
| OpenSSL 0.9.6e uses assertions when detecting buffer overflow attacks instead of less severe mechanisms, which allows remote attackers to cause a denial of service (crash) via certain messages that cause OpenSSL to abort from a failed assertion, as demonstrated using SSLv2 CLIENT_MASTER_KEY messages, which are not properly handled in s2_srvr.c. | ||||
| CVE-2002-1569 | 2 Ghostview, Gv | 2 Ghostview, Gv | 2025-04-03 | N/A |
| gv 3.5.8, and possibly earlier versions, allows remote attackers to execute arbitrary commands via shell metacharacters in the filename for (1) a PDF file or (2) a gzip file. | ||||
| CVE-2002-1570 | 1 Ucd-snmp | 1 Ucd-snmp | 2025-04-03 | N/A |
| Heap-based buffer overflow in snmpnetstat for ucd-snmp 4.2.3 and earlier, and net-snmp, allows remote attackers to execute arbitrary code via multiple getnextrequest PDU messages with conflicting ifindex variables, which cause snmpnetstat to write variable data past the end of an array. | ||||
| CVE-2002-1571 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-03 | N/A |
| The linux 2.4 kernel before 2.4.19 assumes that the fninit instruction clears all registers, which could lead to an information leak on processors that do not clear all relevant SSE registers. | ||||
| CVE-2002-1572 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Signed integer overflow in the bttv_read function in the bttv driver (bttv-driver.c) in Linux kernel before 2.4.20 has unknown impact and attack vectors. | ||||