Total
29911 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1478 | 1 The Cacti Group | 1 Cacti | 2026-06-16 | 10.0 HIGH | N/A |
| Cacti before 0.6.8 allows attackers to execute arbitrary commands via the "Data Input" option in console mode. | |||||
| CVE-2002-1477 | 1 The Cacti Group | 1 Cacti | 2026-06-16 | 7.5 HIGH | N/A |
| graphs.php in Cacti before 0.6.8 allows remote authenticated Cacti administrators to execute arbitrary commands via shell metacharacters in the title during edit mode. | |||||
| CVE-2002-1476 | 1 Netbsd | 1 Netbsd | 2026-06-16 | 4.6 MEDIUM | N/A |
| Buffer overflow in setlocale in libc on NetBSD 1.4.x through 1.6, and possibly other operating systems, when called with the LC_ALL category, allows local attackers to execute arbitrary code via a user-controlled locale string that has more than 6 elements, which exceeds the boundaries of the new_categories category array, as exploitable through programs such as xterm and zsh. | |||||
| CVE-2002-1475 | 1 Hp | 1 Tru64 | 2026-06-16 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in the ARP component for HP Tru64 UNIX 4.0f, 4.0g, and 5.0a allows remote attackers to "take over packets destined for another host" and cause a denial of service. | |||||
| CVE-2002-1474 | 1 Hp | 1 Tru64 | 2026-06-16 | 5.0 MEDIUM | N/A |
| Unknown vulnerability or vulnerabilities in TCP/IP component for HP Tru64 UNIX 4.0f, 4.0g, and 5.0a allows remote attackers to cause a denial of service. | |||||
| CVE-2002-1473 | 1 Hp | 1 Hp-ux | 2026-06-16 | 4.6 MEDIUM | N/A |
| Multiple buffer overflows in lp subsystem for HP-UX 10.20 through 11.11 (11i) allow local users to cause a denial of service and possibly execute arbitrary code. | |||||
| CVE-2002-1472 | 1 Xfree86 Project | 1 X11r6 | 2026-06-16 | 7.2 HIGH | N/A |
| Untrusted search path vulnerability in libX11.so in xfree86, when used in setuid or setgid programs, allows local users to gain root privileges via a modified LD_PRELOAD environment variable that points to a malicious module. | |||||
| CVE-2002-1471 | 1 Ximian | 1 Evolution | 2026-06-16 | 5.0 MEDIUM | N/A |
| The camel component for Ximian Evolution 1.0.x and earlier does not verify certificates when it establishes a new SSL connection after previously verifying a certificate, which could allow remote attackers to monitor or modify sessions via a man-in-the-middle attack. | |||||
| CVE-2002-1470 | 1 Nullsoft | 1 Shoutcast Server | 2026-06-16 | 2.1 LOW | N/A |
| SHOUTcast 1.8.9 and earlier allows local users to obtain the cleartext administrative password via a GET request to port 8001, which causes the password to be logged in the world-readable sc_serv.log file. | |||||
| CVE-2002-1469 | 1 Scponly | 1 Scponly | 2026-06-16 | 7.5 HIGH | N/A |
| scponly does not properly verify the path when finding the (1) scp or (2) sftp-server programs, which could allow remote authenticated users to bypass access controls by uploading malicious programs and modifying the PATH variable in $HOME/.ssh/environment to locate those programs. | |||||
| CVE-2002-1468 | 1 Ibm | 1 Aix | 2026-06-16 | 10.0 HIGH | N/A |
| Buffer overflow in errpt in AIX 4.3.3 allows local users to execute arbitrary code as root. | |||||
| CVE-2002-1467 | 1 Macromedia | 2 Flash Player, Shockwave | 2026-06-16 | 5.0 MEDIUM | N/A |
| Macromedia Flash Plugin before 6,0,47,0 allows remote attackers to bypass the same-domain restriction and read arbitrary files via (1) an HTTP redirect, (2) a "file://" base in a web document, or (3) a relative URL from a web archive (mht file). | |||||
| CVE-2002-1466 | 1 Cafelog | 1 B2 | 2026-06-16 | 10.0 HIGH | N/A |
| CafeLog b2 Weblog Tool 2.06pre4, with allow_fopen_url enabled, allows remote attackers to execute arbitrary PHP code via the b2inc variable. | |||||
| CVE-2002-1465 | 1 Cafelog | 1 B2 | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in CafeLog b2 Weblog Tool allows remote attackers to execute arbitrary SQL code via the tablehosts variable. | |||||
| CVE-2002-1464 | 1 Cafelog | 1 B2 | 2026-06-16 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in CafeLog b2 Weblog Tool allows remote attackers to insert arbitrary HTML or script via the GPC variable. | |||||
| CVE-2002-1463 | 1 Symantec | 4 Enterprise Firewall, Gateway Security, Raptor Firewall and 1 more | 2026-06-16 | 7.5 HIGH | N/A |
| Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections. | |||||
| CVE-2002-1462 | 1 Organicphp | 1 Php-affiliate | 2026-06-16 | 5.0 MEDIUM | N/A |
| details2.php in OrganicPHP PHP-affiliate 1.0, and possibly later versions, allows remote attackers to modify information of other users by modifying certain hidden form fields. | |||||
| CVE-2002-1461 | 1 Webscriptworld | 1 Web Shop Manager | 2026-06-16 | 7.5 HIGH | N/A |
| Web Shop Manager 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search box. | |||||
| CVE-2002-1460 | 1 Leszek Krupinski | 1 L-forum | 2026-06-16 | 5.0 MEDIUM | N/A |
| L-Forum 2.40 and earlier does not properly verify whether a file was uploaded or if the associated variables were set by POST (attachment, attachment_name, attachment_size and attachment_type), which allows remote attackers to read arbitrary files. | |||||
| CVE-2002-1459 | 1 Leszek Krupinski | 1 L-forum | 2026-06-16 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in L-Forum 2.40 and earlier, when the "Enable HTML in messages" option is off, allows remote attackers to insert arbitrary script or HTML via message fields including (1) From, (2) E-Mail, and (3) Subject. | |||||