Vulnerabilities (CVE)

Filtered by NVD-CWE-Other
Total 29911 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2002-0669 1 Pingtel 1 Xpressa 2026-06-16 5.0 MEDIUM N/A
The web interface for Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 allows administrators to cause a denial of service by modifying the SIP_AUTHENTICATE_SCHEME value to force authentication of incoming calls, which does not notify the user when an authentication failure occurs.
CVE-2002-0668 1 Pingtel 1 Xpressa 2026-06-16 7.5 HIGH N/A
The web interface for Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 allows authenticated users to modify the Call Forwarding settings and hijack calls.
CVE-2002-0667 1 Pingtel 1 Xpressa 2026-06-16 10.0 HIGH N/A
Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 has a default null administrator password, which could allow remote attackers to gain access to the phone.
CVE-2002-0666 6 Apple, Freebsd, Frees Wan and 3 more 12 Mac Os X, Mac Os X Server, Freebsd and 9 more 2026-06-16 5.0 MEDIUM N/A
IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors.
CVE-2002-0665 1 Macromedia 1 Jrun 2026-06-16 10.0 HIGH N/A
Macromedia JRun Administration Server allows remote attackers to bypass authentication on the login form via an extra slash (/) in the URL.
CVE-2002-0664 1 Granite Software 1 Zmerge 2026-06-16 7.5 HIGH N/A
The default Access Control Lists (ACLs) of the administration database for ZMerge 4.x and 5.x provides arbitrary users (including anonymous users) with Manager level access, which allows the users to read or modify import/export scripts.
CVE-2002-0663 1 Symantec 2 Norton Internet Security, Norton Personal Firewall 2026-06-16 7.5 HIGH N/A
Buffer overflow in HTTP Proxy for Symantec Norton Personal Internet Firewall 3.0.4.91 and Norton Internet Security 2001 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large outgoing HTTP request.
CVE-2002-0662 1 Dan Mueth 1 Scrollkeeper 2026-06-16 2.1 LOW N/A
scrollkeeper-get-cl in ScrollKeeper 0.3 to 0.3.11 allows local users to create and overwrite files via a symlink attack on the scrollkeeper-tempfile.x temporary files.
CVE-2002-0661 1 Apache 1 Http Server 2026-06-16 7.5 HIGH N/A
Directory traversal vulnerability in Apache 2.0 through 2.0.39 on Windows, OS2, and Netware allows remote attackers to read arbitrary files and execute commands via .. (dot dot) sequences containing \ (backslash) characters.
CVE-2002-0660 1 Greg Roelofs 2 Libpng, Libpng3 2026-06-16 7.5 HIGH N/A
Buffer overflow in libpng 1.0.12-3.woody.2 and libpng3 1.2.1-1.1.woody.2 on Debian GNU/Linux 3.0, and other operating systems, may allow attackers to cause a denial of service and possibly execute arbitrary code, a different vulnerability than CVE-2002-0728.
CVE-2002-0659 3 Apple, Openssl, Oracle 5 Mac Os X, Openssl, Application Server and 2 more 2026-06-16 5.0 MEDIUM N/A
The ASN1 library in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allows remote attackers to cause a denial of service via invalid encodings.
CVE-2002-0658 1 Ossp 1 Mm 2026-06-16 6.2 MEDIUM N/A
OSSP mm library (libmm) before 1.2.0 allows the local Apache user to gain privileges via temporary files, possibly via a symbolic link attack.
CVE-2002-0657 1 Openssl 1 Openssl 2026-06-16 7.5 HIGH N/A
Buffer overflow in OpenSSL 0.9.7 before 0.9.7-beta3, with Kerberos enabled, allows attackers to execute arbitrary code via a long master key.
CVE-2002-0656 3 Apple, Openssl, Oracle 5 Mac Os X, Openssl, Application Server and 2 more 2026-06-16 7.5 HIGH N/A
Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via (1) a large client master key in SSL2 or (2) a large session ID in SSL3.
CVE-2002-0655 3 Apple, Openssl, Oracle 5 Mac Os X, Openssl, Application Server and 2 more 2026-06-16 7.5 HIGH N/A
OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does not properly handle ASCII representations of integers on 64 bit platforms, which could allow attackers to cause a denial of service and possibly execute arbitrary code.
CVE-2002-0654 1 Apache 1 Http Server 2026-06-16 5.0 MEDIUM N/A
Apache 2.0 through 2.0.39 on Windows, OS2, and Netware allows remote attackers to determine the full pathname of the server via (1) a request for a .var file, which leaks the pathname in the resulting error message, or (2) via an error message that occurs when a script (child process) cannot be invoked.
CVE-2002-0652 1 Sgi 1 Irix 2026-06-16 7.5 HIGH N/A
xfsmd for IRIX 6.5 through 6.5.16 allows remote attackers to execute arbitrary code via shell metacharacters that are not properly filtered from several calls to the popen() function, such as export_fs().
CVE-2002-0651 1 Isc 1 Bind 2026-06-16 7.5 HIGH N/A
Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a denial of service and possibly execute arbitrary code via the stub resolvers.
CVE-2002-0650 1 Microsoft 1 Sql Server 2026-06-16 5.0 MEDIUM N/A
The keep-alive mechanism for Microsoft SQL Server 2000 allows remote attackers to cause a denial of service (bandwidth consumption) via a "ping" style packet to the Resolution Service (UDP port 1434) with a spoofed IP address of another SQL Server system, which causes the two servers to exchange packets in an infinite loop.
CVE-2002-0648 1 Microsoft 1 Internet Explorer 2026-06-16 5.0 MEDIUM N/A
The legacy <script> data-island capability for XML in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to read arbitrary XML files, and portions of other files, via a URL whose "src" attribute redirects to a local file.