Total
29910 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1558 | 1 Cisco | 1 Optical Networking Systems Software | 2026-06-16 | 10.0 HIGH | N/A |
| Cisco ONS15454 and ONS15327 running ONS before 3.4 have an account for the VxWorks Operating System in the TCC, TCC+ and XTC that cannot be changed or disabled, which allows remote attackers to gain privileges by connecting to the account via Telnet. | |||||
| CVE-2002-1557 | 1 Cisco | 1 Optical Networking Systems Software | 2026-06-16 | 5.0 MEDIUM | N/A |
| Cisco ONS15454 and ONS15327 running ONS before 3.4 allows attackers to cause a denial of service (reset to TCC, TCC+, TCCi or XTC) via a malformed HTTP request that does not contain a leading / (slash) character. | |||||
| CVE-2002-1556 | 1 Cisco | 1 Optical Networking Systems Software | 2026-06-16 | 5.0 MEDIUM | N/A |
| Cisco ONS15454 and ONS15327 running ONS before 3.4 allows attackers to cause a denial of service (reset) via an HTTP request to the TCC, TCC+ or XTC, in which the request contains an invalid CORBA Interoperable Object Reference (IOR). | |||||
| CVE-2002-1555 | 1 Cisco | 1 Optical Networking Systems Software | 2026-06-16 | 5.0 MEDIUM | N/A |
| Cisco ONS15454 and ONS15327 running ONS before 3.4 uses a "public" SNMP community string that cannot be changed, which allows remote attackers to obtain sensitive information. | |||||
| CVE-2002-1554 | 1 Cisco | 1 Optical Networking Systems Software | 2026-06-16 | 4.6 MEDIUM | N/A |
| Cisco ONS15454 and ONS15327 running ONS before 3.4 stores usernames and passwords in cleartext in the image database for the TCC, TCC+ or XTC, which could allow attackers to gain privileges by obtaining the passwords from the image database or a backup. | |||||
| CVE-2002-1553 | 1 Cisco | 1 Optical Networking Systems Software | 2026-06-16 | 7.5 HIGH | N/A |
| Cisco ONS15454 and ONS15327 running ONS before 3.4 allows remote attackers to modify the system configuration and delete files by establishing an FTP connection to the TCC, TCC+ or XTC using a username and password that does not exist. | |||||
| CVE-2002-1552 | 1 Novell | 1 Edirectory | 2026-06-16 | 7.5 HIGH | N/A |
| Novell eDirectory (eDir) 8.6.2 and Netware 5.1 eDir 85.x allows users with expired passwords to gain inappropriate permissions when logging in from Remote Manager. | |||||
| CVE-2002-1551 | 1 Ibm | 1 Aix | 2026-06-16 | 4.6 MEDIUM | N/A |
| Buffer overflow in nslookup in IBM AIX may allow attackers to cause a denial of service or execute arbitrary code. | |||||
| CVE-2002-1550 | 1 Ibm | 1 Aix | 2026-06-16 | 4.6 MEDIUM | N/A |
| dump_smutil.sh in IBM AIX allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
| CVE-2002-1549 | 1 Light Httpd | 1 Light Httpd | 2026-06-16 | 7.5 HIGH | N/A |
| Buffer overflow in Light HTTPd (lhttpd) 0.1 allows remote attackers to execute arbitrary code via a long HTTP GET request. | |||||
| CVE-2002-1548 | 1 Ibm | 1 Aix | 2026-06-16 | 7.2 HIGH | N/A |
| Unknown vulnerability in autofs on AIX 4.3.0, when using executable maps, allows attackers to execute arbitrary commands as root, possibly related to "string handling around how the executable map is called." | |||||
| CVE-2002-1547 | 1 Juniper | 1 Netscreen Screenos | 2026-06-16 | 5.0 MEDIUM | N/A |
| Netscreen running ScreenOS 4.0.0r6 and earlier allows remote attackers to cause a denial of service via a malformed SSH packet to the Secure Command Shell (SCS) management interface, as demonstrated via certain CRC32 exploits, a different vulnerability than CVE-2001-0144. | |||||
| CVE-2002-1546 | 1 Brs | 1 Webweaver | 2026-06-16 | 7.5 HIGH | N/A |
| BRS WebWeaver Web Server 1.01 allows remote attackers to bypass password protections for files and directories via an HTTP request containing a "/./" sequence. | |||||
| CVE-2002-1545 | 1 Cooolsoft | 1 Personal Ftp Server | 2026-06-16 | 5.0 MEDIUM | N/A |
| CooolSoft Personal FTP Server 2.24 allows remote attackers to obtain the absolute pathname of the FTP root via a PWD command, which includes the full path in the response. | |||||
| CVE-2002-1544 | 1 Cooolsoft | 1 Personal Ftp Server | 2026-06-16 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in CooolSoft Personal FTP Server 2.24 allows remote attackers to read or modify arbitrary files via .. (dot dot) sequences in the commands (1) LIST (ls), (2) mkdir, (3) put, or (4) get. | |||||
| CVE-2002-1543 | 1 Netbsd | 1 Netbsd | 2026-06-16 | 4.6 MEDIUM | N/A |
| Buffer overflow in trek on NetBSD 1.5 through 1.5.3 allows local users to gain privileges via long keyboard input. | |||||
| CVE-2002-1542 | 1 Solarwinds | 1 Tftp Server | 2026-06-16 | 5.0 MEDIUM | N/A |
| SolarWinds TFTP server 5.0.55 and earlier allows remote attackers to cause a denial of service (crash) via a large UDP datagram, possibly triggering a buffer overflow. | |||||
| CVE-2002-1541 | 1 Working Resources Inc. | 1 Badblue | 2026-06-16 | 7.5 HIGH | N/A |
| BadBlue 1.7 allows remote attackers to bypass password protections for directories and files via an HTTP request containing an extra / (slash). | |||||
| CVE-2002-1540 | 1 Symantec | 1 Norton Antivirus | 2026-06-16 | 7.2 HIGH | N/A |
| The client for Symantec Norton AntiVirus Corporate Edition 7.5.x before 7.5.1 Build 62 and 7.6.x before 7.6.1 Build 35a runs winhlp32 with raised privileges, which allows local users to gain privileges by using certain features of winhlp32. | |||||
| CVE-2002-1539 | 1 Alt-n | 1 Mdaemon | 2026-06-16 | 5.0 MEDIUM | N/A |
| Buffer overflow in MDaemon POP server 6.0.7 and earlier allows remote authenticated users to cause a denial of service via long (1) DELE or (2) UIDL arguments. | |||||