Total
29910 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1578 | 1 Sap | 1 Sap R 3 | 2026-06-16 | 7.5 HIGH | N/A |
| The default installation of SAP R/3, when using Oracle and SQL*net V2 3.x, 4.x, and 6.10, allows remote attackers to obtain arbitrary, sensitive SAP data by directly connecting to the Oracle database and executing queries against the database, which is not password-protected. | |||||
| CVE-2002-1577 | 1 Sap | 1 Sap R 3 | 2026-06-16 | 7.5 HIGH | N/A |
| SAP R/3 2.0B to 4.6D installs several clients with default users and passwords, which allows remote attackers to gain privileges via the (1) SAP*, (2) SAPCPIC, (3) DDIC, (4) EARLYWATCH, or (5) TMSADM accounts. | |||||
| CVE-2002-1576 | 1 Sap | 1 Sap Db | 2026-06-16 | 7.2 HIGH | N/A |
| lserver in SAP DB 7.3 and earlier uses the current working directory to find and execute the lserversrv program, which allows local users to gain privileges with a malicious lserversrv that is called from a directory that has a symlink to the lserver program. | |||||
| CVE-2002-1575 | 1 Mit | 1 Cgiemail | 2026-06-16 | 5.0 MEDIUM | N/A |
| cgiemail allows remote attackers to use cgiemail as a spam proxy via CRLF injection of encoded newline (%0a) characters in parameters such as "required-subject," which can be used to modify the CC, BCC, and other header fields in the generated email message. | |||||
| CVE-2002-1574 | 1 Linux | 1 Linux Kernel | 2026-06-16 | 4.6 MEDIUM | N/A |
| Buffer overflow in the ixj telephony card driver in Linux before 2.4.20 has unknown impact and attack vectors. | |||||
| CVE-2002-1573 | 1 Linux | 1 Linux Kernel | 2026-06-16 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the pcilynx ieee1394 firewire driver (pcilynx.c) in Linux kernel before 2.4.20 has unknown impact and attack vectors, related to "wrap handling." | |||||
| CVE-2002-1572 | 1 Linux | 1 Linux Kernel | 2026-06-16 | 10.0 HIGH | N/A |
| Signed integer overflow in the bttv_read function in the bttv driver (bttv-driver.c) in Linux kernel before 2.4.20 has unknown impact and attack vectors. | |||||
| CVE-2002-1571 | 1 Linux | 1 Linux Kernel | 2026-06-16 | 2.1 LOW | N/A |
| The linux 2.4 kernel before 2.4.19 assumes that the fninit instruction clears all registers, which could lead to an information leak on processors that do not clear all relevant SSE registers. | |||||
| CVE-2002-1570 | 1 Ucd-snmp | 1 Ucd-snmp | 2026-06-16 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in snmpnetstat for ucd-snmp 4.2.3 and earlier, and net-snmp, allows remote attackers to execute arbitrary code via multiple getnextrequest PDU messages with conflicting ifindex variables, which cause snmpnetstat to write variable data past the end of an array. | |||||
| CVE-2002-1569 | 2 Ghostview, Gv | 2 Ghostview, Gv | 2026-06-16 | 7.5 HIGH | N/A |
| gv 3.5.8, and possibly earlier versions, allows remote attackers to execute arbitrary commands via shell metacharacters in the filename for (1) a PDF file or (2) a gzip file. | |||||
| CVE-2002-1568 | 1 Openssl | 1 Openssl | 2026-06-16 | 5.0 MEDIUM | N/A |
| OpenSSL 0.9.6e uses assertions when detecting buffer overflow attacks instead of less severe mechanisms, which allows remote attackers to cause a denial of service (crash) via certain messages that cause OpenSSL to abort from a failed assertion, as demonstrated using SSLv2 CLIENT_MASTER_KEY messages, which are not properly handled in s2_srvr.c. | |||||
| CVE-2002-1567 | 1 Apache | 1 Tomcat | 2026-06-16 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1 allows remote attackers to execute arbitrary web script and steal cookies via a URL with encoded newlines followed by a request to a .jsp file whose name contains the script. | |||||
| CVE-2002-1566 | 1 Netris | 1 Netris | 2026-06-16 | 5.0 MEDIUM | N/A |
| netris 0.5, and possibly other versions before 0.52, when running with the -w (wait) option, allows remote attackers to cause a denial of service (crash) via a long string to port 9284. | |||||
| CVE-2002-1565 | 1 Immunix | 1 Immunix | 2026-06-16 | 7.5 HIGH | N/A |
| Buffer overflow in url_filename function for wget 1.8.1 allows attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long URL. | |||||
| CVE-2002-1564 | 1 Microsoft | 1 Internet Explorer | 2026-06-16 | 5.0 MEDIUM | N/A |
| Internet Explorer 5.5 and 6.0 allows remote attackers to steal potentially sensitive information from cookies via a cookie that contains script which is executed when a page is loaded, aka the "Script within Cookies Reading Cookies" vulnerability. | |||||
| CVE-2002-1563 | 1 Stunnel | 1 Stunnel | 2026-06-16 | 1.2 LOW | N/A |
| stunnel 4.0.3 and earlier allows attackers to cause a denial of service (crash) via SIGCHLD signal handler race conditions that cause an inconsistency in the child counter. | |||||
| CVE-2002-1562 | 1 Acme Labs | 1 Thttpd | 2026-06-16 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in thttpd, when using virtual hosting, allows remote attackers to read arbitrary files via .. (dot dot) sequences in the Host: header. | |||||
| CVE-2002-1561 | 1 Microsoft | 4 Windows 2000, Windows 2000 Terminal Services, Windows Nt and 1 more | 2026-06-16 | 5.0 MEDIUM | N/A |
| The RPC component in Windows 2000, Windows NT 4.0, and Windows XP allows remote attackers to cause a denial of service (disabled RPC service) via a malformed packet to the RPC Endpoint Mapper at TCP port 135, which triggers a null pointer dereference. | |||||
| CVE-2002-1560 | 1 Martin Bauer | 1 Gbook | 2026-06-16 | 10.0 HIGH | N/A |
| index.php in gBook 1.4 allows remote attackers to bypass authentication and gain administrative privileges by setting the login parameter to true. | |||||
| CVE-2002-1559 | 1 Research Systems Inc. | 1 Ion Script | 2026-06-16 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in ion-p.exe (aka ion-p) allows remote attackers to read arbitrary files via (1) C: (drive letter) or (2) .. (dot-dot) sequences in the page parameter. | |||||