Total
29911 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0864 | 1 Microsoft | 4 .net Windows Server, Windows 2000, Windows 2000 Terminal Services and 1 more | 2026-06-16 | 5.0 MEDIUM | N/A |
| The Remote Data Protocol (RDP) version 5.1 in Microsoft Windows XP allows remote attackers to cause a denial of service (crash) when Remote Desktop is enabled via a PDU Confirm Active data packet that does not set the Pattern BLT command, aka "Denial of Service in Remote Desktop." | |||||
| CVE-2002-0863 | 1 Microsoft | 5 .net Windows Server, Windows 2000, Windows 2000 Terminal Services and 2 more | 2026-06-16 | 5.0 MEDIUM | N/A |
| Remote Data Protocol (RDP) version 5.0 in Microsoft Windows 2000 and RDP 5.1 in Windows XP does not encrypt the checksums of plaintext session data, which could allow a remote attacker to determine the contents of encrypted sessions via sniffing, aka "Weak Encryption in RDP Protocol." | |||||
| CVE-2002-0861 | 1 Microsoft | 2 Office Web Components, Project | 2026-06-16 | 7.5 HIGH | N/A |
| Microsoft Office Web Components (OWC) 2000 and 2002 allows remote attackers to bypass the "Allow paste operations via script" setting, even when it is disabled, via the (1) Copy method of the Cell object or (2) the Paste method of the Range object. | |||||
| CVE-2002-0860 | 1 Microsoft | 2 Office Web Components, Project | 2026-06-16 | 5.0 MEDIUM | N/A |
| The LoadText method in the spreadsheet component in Microsoft Office Web Components (OWC) 2000 and 2002 allows remote attackers to read arbitrary files through Internet Explorer via a URL that redirects to the target file. | |||||
| CVE-2002-0859 | 1 Microsoft | 2 Jet, Sql Server | 2026-06-16 | 7.5 HIGH | N/A |
| Buffer overflow in the OpenDataSource function of the Jet engine on Microsoft SQL Server 2000 allows remote attackers to execute arbitrary code. | |||||
| CVE-2002-0858 | 1 Oracle | 2 Oracle8i, Oracle9i | 2026-06-16 | 7.5 HIGH | N/A |
| catsnmp in Oracle 9i and 8i is installed with a dbsnmp user with a default dbsnmp password, which allows attackers to perform restricted database operations and possibly gain other privileges. | |||||
| CVE-2002-0857 | 1 Oracle | 2 Database Server, Oracle8i | 2026-06-16 | 7.5 HIGH | N/A |
| Format string vulnerabilities in Oracle Listener Control utility (lsnrctl) for Oracle 9.2 and 9.0, 8.1, and 7.3.4, allow remote attackers to execute arbitrary code on the Oracle DBA system by placing format strings into certain entries in the listener.ora configuration file. | |||||
| CVE-2002-0856 | 1 Oracle | 2 Database Server, Oracle9i | 2026-06-16 | 5.0 MEDIUM | N/A |
| SQL*NET listener for Oracle Net Oracle9i 9.0.x and 9.2 allows remote attackers to cause a denial of service (crash) via certain debug requests that are not properly handled by the debugging feature. | |||||
| CVE-2002-0855 | 1 Gnu | 1 Mailman | 2026-06-16 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in Mailman before 2.0.12 allows remote attackers to execute script as other users via a subscriber's list subscription options in the (1) adminpw or (2) info parameters to the ml-name feature. | |||||
| CVE-2002-0854 | 1 Suse | 1 Suse Linux | 2026-06-16 | 7.2 HIGH | N/A |
| Buffer overflows in ISDN Point to Point Protocol (PPP) daemon (ipppd) in the i4l package on SuSE 7.3, 8.0, and possibly other operating systems, may allow local users to gain privileges. | |||||
| CVE-2002-0853 | 1 Cisco | 1 Vpn Client | 2026-06-16 | 5.0 MEDIUM | N/A |
| Cisco Virtual Private Network (VPN) Client 3.5.4 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a packet with a zero-length payload. | |||||
| CVE-2002-0852 | 1 Cisco | 1 Vpn Client | 2026-06-16 | 5.0 MEDIUM | N/A |
| Buffer overflows in Cisco Virtual Private Network (VPN) Client 3.5.4 and earlier allows remote attackers to cause a denial of service via (1) an Internet Key Exchange (IKE) with a large Security Parameter Index (SPI) payload, or (2) an IKE packet with a large number of valid payloads. | |||||
| CVE-2002-0851 | 1 Isdn4linux | 1 Isdn4linux | 2026-06-16 | 7.2 HIGH | N/A |
| Format string vulnerability in ISDN Point to Point Protocol (PPP) daemon (ipppd) in the ISDN4Linux (i4l) package allows local users to gain root privileges via format strings in the device name command line argument, which is not properly handled in a call to syslog. | |||||
| CVE-2002-0850 | 1 Pgp | 1 Corporate Desktop | 2026-06-16 | 7.5 HIGH | N/A |
| Buffer overflow in PGP Corporate Desktop 7.1.1 allows remote attackers to execute arbitrary code via an encrypted document that has a long filename when it is decrypted. | |||||
| CVE-2002-0849 | 1 Cisco | 1 Iscsi Driver | 2026-06-16 | 4.6 MEDIUM | N/A |
| Linux-iSCSI iSCSI implementation installs the iscsi.conf file with world-readable permissions on some operating systems, including Red Hat Linux Limbo Beta #1, which could allow local users to gain privileges by reading the cleartext CHAP password. | |||||
| CVE-2002-0848 | 1 Cisco | 2 Vpn 5000 Concentrator, Vpn 5000 Concentrator Series Software | 2026-06-16 | 5.0 MEDIUM | N/A |
| Cisco VPN 5000 series concentrator hardware 6.0.21.0002 and earlier, and 5.2.23.0003 and earlier, when using RADIUS with a challenge type of Password Authentication Protocol (PAP) or Challenge, sends the user password in cleartext in a validation retry request, which could allow remote attackers to steal passwords via sniffing. | |||||
| CVE-2002-0847 | 1 Tinyproxy | 1 Tinyproxy | 2026-06-16 | 7.5 HIGH | N/A |
| tinyproxy HTTP proxy 1.5.0, 1.4.3, and earlier allows remote attackers to execute arbitrary code via memory that is freed twice (double-free). | |||||
| CVE-2002-0846 | 1 Macromedia | 1 Shockwave Flash | 2026-06-16 | 7.5 HIGH | N/A |
| The decoder for Macromedia Shockwave Flash allows remote attackers to execute arbitrary code via a malformed SWF header that contains more data than the specified length. | |||||
| CVE-2002-0845 | 1 Iplanet | 1 Iplanet Web Server | 2026-06-16 | 7.5 HIGH | N/A |
| Buffer overflow in Sun ONE / iPlanet Web Server 4.1 and 6.0 allows remote attackers to execute arbitrary code via an HTTP request using chunked transfer encoding. | |||||
| CVE-2002-0843 | 2 Apache, Oracle | 4 Http Server, Application Server, Database Server and 1 more | 2026-06-16 | 7.5 HIGH | N/A |
| Buffer overflows in the ApacheBench benchmark support program (ab.c) in Apache before 1.3.27, and Apache 2.x before 2.0.43, allow a malicious web server to cause a denial of service and possibly execute arbitrary code via a long response. | |||||