Vulnerabilities (CVE)

Filtered by NVD-CWE-Other
Total 29911 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2002-0429 1 Linux 1 Linux Kernel 2026-06-16 3.6 LOW N/A
The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 and earlier on x86 systems allow local users to kill arbitrary processes via a a binary compatibility interface (lcall).
CVE-2002-0428 1 Checkpoint 3 Check Point Vpn, Firewall-1, Next Generation 2026-06-16 7.5 HIGH N/A
Check Point FireWall-1 SecuRemote/SecuClient 4.0 and 4.1 allows clients to bypass the "authentication timeout" by modifying the to_expire or expire values in the client's users.C configuration file.
CVE-2002-0427 1 Christof Pohl 1 Improved Mod Frontpage 2026-06-16 10.0 HIGH N/A
Buffer overflows in fpexec in mod_frontpage before 1.6.1 may allow attackers to gain root privileges.
CVE-2002-0426 1 Linksys 1 Befvp41 2026-06-16 7.5 HIGH N/A
VPN Server module in Linksys EtherFast BEFVP41 Cable/DSL VPN Router before 1.40.1 reduces the key lengths for keys that are supplied via manual key entry, which makes it easier for attackers to crack the keys.
CVE-2002-0425 1 Khaled Mardam-bey 1 Mirc 2026-06-16 5.0 MEDIUM N/A
mIRC DCC server protocol allows remote attackers to gain sensitive information such as alternate IRC nicknames via a "100 testing" message in a DCC connection request that cannot be ignored or canceled by the user, which may leak the alternate nickname in a response message.
CVE-2002-0424 1 Efingerd 1 Efingerd 2026-06-16 4.6 MEDIUM N/A
efingerd 1.61 and earlier, when configured without the -u option, executes .efingerd files as the efingerd user (typically "nobody"), which allows local users to gain privileges as the efingerd user by modifying their own .efingerd file and running finger.
CVE-2002-0423 1 Efingerd 1 Efingerd 2026-06-16 10.0 HIGH N/A
Buffer overflow in efingerd 1.5 and earlier, and possibly up to 1.61, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a finger request from an IP address with a long hostname that is obtained via a reverse DNS lookup.
CVE-2002-0421 1 Microsoft 1 Windows Nt 2026-06-16 5.0 MEDIUM N/A
IIS 4.0 allows local users to bypass the "User cannot change password" policy for Windows NT by directly calling .htr password changing programs in the /iisadmpwd directory, including (1) aexp2.htr, (2) aexp2b.htr, (3) aexp3.htr , or (4) aexp4.htr.
CVE-2002-0420 1 Claymore Systems Inc 1 Puretls 2026-06-16 7.5 HIGH N/A
Vulnerability in PureTLS before 0.9b2 related to injection attacks, which could possibly allow remote attackers to corrupt or hijack user sessions.
CVE-2002-0418 1 Endymion 1 Sake Mail 2026-06-16 5.0 MEDIUM N/A
Directory traversal vulnerability in the com.endymion.sake.servlet.mail.MailServlet servlet for Endymion SakeMail 1.0.36 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) and a null character in the param_name parameter.
CVE-2002-0417 1 Endymion 1 Mailman Webmail 2026-06-16 5.0 MEDIUM N/A
Directory traversal vulnerability in Endymion MailMan before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) and a null character in the ALTERNATE_TEMPLATES parameter for various mmstdo*.cgi programs.
CVE-2002-0416 1 Sh39 1 Mailserver 2026-06-16 10.0 HIGH N/A
Buffer overflow in SH39 MailServer 1.21 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long command to the SMTP port.
CVE-2002-0415 1 Realnetworks 1 Realplayer 2026-06-16 1.7 LOW N/A
Directory traversal vulnerability in the web server used in RealPlayer 6.0.7, and possibly other versions, may allow local users to read files that are accessible to RealPlayer via a .. (dot dot) in an HTTP GET request to port 1275.
CVE-2002-0414 3 Freebsd, Netbsd, Openbsd 3 Freebsd, Netbsd, Openbsd 2026-06-16 7.5 HIGH N/A
KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD 4.5, and other operating systems, does not properly consult the Security Policy Database (SPD), which could cause a Security Gateway (SG) that does not use Encapsulating Security Payload (ESP) to forward forged IPv4 packets.
CVE-2002-0413 1 Rebb 1 Rebb 2026-06-16 7.5 HIGH N/A
Cross-site scripting vulnerability in ReBB allows remote attackers to execute arbitrary Javascript and steal cookies via an IMG tag whose URL includes the malicious script.
CVE-2002-0412 1 Luca Deri 1 Ntop 2026-06-16 7.5 HIGH N/A
Format string vulnerability in TraceEvent function for ntop before 2.1 allows remote attackers to execute arbitrary code by causing format strings to be injected into calls to the syslog function, via (1) an HTTP GET request, (2) a user name in HTTP authentication, or (3) a password in HTTP authentication.
CVE-2002-0411 1 Aeromail 1 Aeromail 2026-06-16 7.5 HIGH N/A
Cross-site scripting vulnerability in message.php for AeroMail before 1.45 allows remote attackers to execute Javascript as an AeroMail user via an email message with the script in the Subject line.
CVE-2002-0410 1 Aeromail 1 Aeromail 2026-06-16 5.0 MEDIUM N/A
send_message.php in AeroMail before 1.45 allows remote attackers to read arbitrary files on the server, instead of just uploaded files, via an attachment that modifies the filename to be uploaded.
CVE-2002-0409 1 Microsoft 1 .net Framework 2026-06-16 5.0 MEDIUM N/A
orderdetails.aspx, as made available to Microsoft .NET developers as example code and demonstrated on www.ibuyspystore.com, allows remote attackers to view the orders of other users by modifying the OrderID parameter.
CVE-2002-0408 1 Lotus 1 Domino 2026-06-16 5.0 MEDIUM N/A
htcgibin.exe in Lotus Domino server 5.0.9a and earlier, when configured with the NoBanner setting, allows remote attackers to determine the version number of the server via a request that generates an HTTP 500 error code, which leaks the version in a hard-coded error message.