Total
29911 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0407 | 1 Lotus | 1 Domino | 2026-06-16 | 5.0 MEDIUM | N/A |
| htcgibin.exe in Lotus Domino server 5.0.9a and earlier allows remote attackers to determine the physical pathname for the server via requests that contain certain MS-DOS device names such as com5, such as (1) a request with a .pl or .java extension, or (2) a request containing a large number of periods, which causes htcgibin.exe to leak the pathname in an error message. | |||||
| CVE-2002-0406 | 1 Menasoft | 1 Sphereserver | 2026-06-16 | 5.0 MEDIUM | N/A |
| Menasoft SPHERE server 0.99x and 0.5x allows remote attackers to cause a denial of service by establishing a large number of connections to the server without providing login credentials, which prevents other users from being able to log in. | |||||
| CVE-2002-0405 | 1 Transsoft | 1 Broker Ftp Server | 2026-06-16 | 10.0 HIGH | N/A |
| Buffer overflow in Transsoft Broker FTP Server 5.0 evaluation allows remote attackers to cause a denial of service and possibly execute arbitrary code via a CWD command with a large number of . (dot) characters. | |||||
| CVE-2002-0404 | 1 Ethereal Group | 1 Ethereal | 2026-06-16 | 5.0 MEDIUM | N/A |
| Vulnerability in GIOP dissector in Ethereal before 0.9.3 allows remote attackers to cause a denial of service (memory consumption). | |||||
| CVE-2002-0403 | 1 Ethereal Group | 1 Ethereal | 2026-06-16 | 5.0 MEDIUM | N/A |
| DNS dissector in Ethereal before 0.9.3 allows remote attackers to cause a denial of service (CPU consumption) via a malformed packet that causes Ethereal to enter an infinite loop. | |||||
| CVE-2002-0402 | 1 Ethereal Group | 1 Ethereal | 2026-06-16 | 7.5 HIGH | N/A |
| Buffer overflow in X11 dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code while Ethereal is parsing keysyms. | |||||
| CVE-2002-0400 | 1 Isc | 1 Bind | 2026-06-16 | 5.0 MEDIUM | N/A |
| ISC BIND 9 before 9.2.1 allows remote attackers to cause a denial of service (shutdown) via a malformed DNS packet that triggers an error condition that is not properly handled when the rdataset parameter to the dns_message_findtype() function in message.c is not NULL, aka DoS_findtype. | |||||
| CVE-2002-0399 | 1 Gnu | 1 Tar | 2026-06-16 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in GNU tar 1.13.19 through 1.13.25, and possibly later versions, allows attackers to overwrite arbitrary files during archive extraction via a (1) "/.." or (2) "./.." string, which removes the leading slash but leaves the "..", a variant of CVE-2001-1267. | |||||
| CVE-2002-0398 | 1 Red-m | 1 1050ap Lan Acess Point | 2026-06-16 | 10.0 HIGH | N/A |
| Red-M 1050 (Bluetooth Access Point) PPP server allows bonded users to cause a denial of service and possibly execute arbitrary code via a long user name. | |||||
| CVE-2002-0397 | 1 Red-m | 1 1050ap Lan Acess Point | 2026-06-16 | 5.0 MEDIUM | N/A |
| Red-M 1050 (Bluetooth Access Point) publicizes its name, IP address, and other information in UDP packets to a broadcast address, which allows any system on the network to obtain potentially sensitive information about the Access Point device by monitoring UDP port 8887. | |||||
| CVE-2002-0396 | 1 Red-m | 1 1050ap Lan Acess Point | 2026-06-16 | 7.5 HIGH | N/A |
| The web management server for Red-M 1050 (Bluetooth Access Point) does not use session-based credentials to authenticate users, which allows attackers to connect to the server from the same IP address as a user who has already established a session. | |||||
| CVE-2002-0395 | 1 Red-m | 1 1050ap Lan Acess Point | 2026-06-16 | 10.0 HIGH | N/A |
| The TFTP server for Red-M 1050 (Bluetooth Access Point) can not be disabled and makes it easier for remote attackers to crack the administration password via brute force methods. | |||||
| CVE-2002-0394 | 1 Red-m | 1 1050ap Lan Acess Point | 2026-06-16 | 10.0 HIGH | N/A |
| Red-M 1050 (Bluetooth Access Point) uses case insensitive passwords, which makes it easier for attackers to conduct a brute force guessing attack due to the smaller space of possible passwords. | |||||
| CVE-2002-0393 | 1 Red-m | 1 1050ap Lan Acess Point | 2026-06-16 | 10.0 HIGH | N/A |
| Buffer overflow in Red-M 1050 (Bluetooth Access Point) management web interface allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long administration password. | |||||
| CVE-2002-0389 | 1 Gnu | 1 Mailman | 2026-06-16 | 2.1 LOW | N/A |
| Pipermail in Mailman stores private mail messages with predictable filenames in a world-executable directory, which allows local users to read private mailing list archives. | |||||
| CVE-2002-0388 | 1 Gnu | 1 Mailman | 2026-06-16 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerabilities in Mailman before 2.0.11 allow remote attackers to execute script via (1) the admin login page, or (2) the Pipermail index summaries. | |||||
| CVE-2002-0387 | 1 Sun | 1 One Application Server | 2026-06-16 | 7.5 HIGH | N/A |
| Buffer overflow in gxnsapi6.dll NSAPI plugin of the Connector Module for Sun ONE Application Server before 6.5 allows remote attackers to execute arbitrary code via a long HTTP request URL. | |||||
| CVE-2002-0386 | 1 Oracle | 1 Application Server | 2026-06-16 | 5.0 MEDIUM | N/A |
| The administration module for Oracle Web Cache in Oracle9iAS (9i Application Suite) 9.0.2 allows remote attackers to cause a denial of service (crash) via (1) an HTTP GET request containing a ".." (dot dot) sequence, or (2) a malformed HTTP GET request with a chunked Transfer-Encoding with missing data. | |||||
| CVE-2002-0385 | 1 Vignette | 2 Storyserver, Vignette | 2026-06-16 | 5.0 MEDIUM | N/A |
| Vignette Story Server 4.1 and 6.0 allows remote attackers to obtain sensitive information via a request that contains a large number of '"' (double quote) and and '>' characters, which causes the TCL interpreter to crash and include stack data in the output. | |||||
| CVE-2002-0384 | 1 Rob Flynn | 1 Gaim | 2026-06-16 | 7.5 HIGH | N/A |
| Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arbitrary code. | |||||
