Vulnerabilities (CVE)

Filtered by NVD-CWE-Other
Total 29912 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2002-0218 1 Sas 2 Sas Base, Sas Integration Technologies 2026-06-16 7.2 HIGH N/A
Format string vulnerability in (1) sastcpd in SAS/Base 8.0 and 8.1 or (2) objspawn in SAS/Integration Technologies 8.0 and 8.1 allows local users to execute arbitrary code via format specifiers in a command line argument.
CVE-2002-0217 1 Xoops 1 Xoops 2026-06-16 7.5 HIGH N/A
Cross-site scripting (CSS) vulnerabilities in the Private Message System for XOOPS 1.0 RC1 allow remote attackers to execute Javascript on other web clients via (1) the Title field or a Private Message Box or (2) the image field parameter in pmlite.php.
CVE-2002-0216 1 Xoops 1 Xoops 2026-06-16 5.0 MEDIUM N/A
userinfo.php in XOOPS 1.0 RC1 allows remote attackers to obtain sensitive information via a SQL injection attack in the "uid" parameter.
CVE-2002-0215 1 Steve Kneizys 1 Agora.cgi 2026-06-16 5.0 MEDIUM N/A
Agora.cgi 3.2r through 4.0 while in debug mode allows remote attackers to determine the full pathname of the agora.cgi file by requesting a non-existent .html file, which leaks the pathname in an error message.
CVE-2002-0214 1 Intel 1 Intel Pro Wireless 2011b Lan Usb Device Driver 2026-06-16 2.1 LOW N/A
Compaq Intel PRO/Wireless 2011B LAN USB Device Driver 1.5.16.0 through 1.5.18.0 stores the 128-bit WEP (Wired Equivalent Privacy) key in plaintext in a registry key with weak permissions, which allows local users to decrypt network traffic by reading the WEP key from the registry key.
CVE-2002-0213 2 Sgi, Xinet 2 Irix, K-ashare 2026-06-16 2.1 LOW N/A
xkas in Xinet K-AShare 0.011.01 for IRIX allows local users to read arbitrary files via a symlink attack on the VOLICON file, which is copied to the .HSicon file in a shared directory.
CVE-2002-0212 1 Hosting Controller 1 Hosting Controller 2026-06-16 7.5 HIGH N/A
The login for Hosting Controller 1.1 through 1.4.1 returns different error messages when a valid or invalid user is provided, which allows remote attackers to determine the existence of valid usernames and makes it easier to conduct a brute force attack.
CVE-2002-0211 1 Tarantella 1 Tarantella Enterprise 2026-06-16 6.2 MEDIUM N/A
Race condition in the installation script for Tarantella Enterprise 3 3.01 through 3.20 creates a world-writeable temporary "gunzip" program before executing it, which could allow local users to execute arbitrary commands by modifying the program before it is executed.
CVE-2002-0210 1 Tolis Group 1 Bru 2026-06-16 7.2 HIGH N/A
setlicense for TOLIS Group Backup and Restore Utility (BRU) 17.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/brutest.$$ temporary file.
CVE-2002-0209 1 Nortel 1 Alteon Acedirector 2026-06-16 5.0 MEDIUM N/A
Nortel Alteon ACEdirector WebOS 9.0, with the Server Load Balancing (SLB) and Cookie-Based Persistence features enabled, allows remote attackers to determine the real IP address of a web server with a half-closed session, which causes ACEdirector to send packets from the server without changing the address to the virtual IP address.
CVE-2002-0207 1 Realnetworks 2 Realone Player, Realplayer Intranet 2026-06-16 7.5 HIGH N/A
Buffer overflow in Real Networks RealPlayer 8.0 and earlier allows remote attackers to execute arbitrary code via a header length value that exceeds the actual length of the header.
CVE-2002-0206 1 Francisco Burzi 1 Php-nuke 2026-06-16 7.5 HIGH N/A
index.php in Francisco Burzi PHP-Nuke 5.3.1 and earlier, and possibly other versions before 5.5, allows remote attackers to execute arbitrary PHP code by specifying a URL to the malicious code in the file parameter.
CVE-2002-0205 1 Plumtree 1 Plumtree Corporate Portal 2026-06-16 7.5 HIGH N/A
Cross-site scripting (CSS) vulnerability in error.asp for Plumtree Corporate Portal 3.5 through 4.5 allows remote attackers to execute arbitrary script on other clients via the "Description" parameter.
CVE-2002-0204 1 Gnu 1 Chess 2026-06-16 7.5 HIGH N/A
Buffer overflow in GNU Chess (gnuchess) 5.02 and earlier, if modified or used in a networked capacity contrary to its own design as a single-user application, may allow local or remote attackers to execute arbitrary code via a long command.
CVE-2002-0203 1 Tarantella 1 Tarantella Enterprise 2026-06-16 5.0 MEDIUM N/A
ttawebtop.cgi in Tarantella Enterprise 3.20 on SPARC Solaris and Linux, and 3.1x and 3.0x including 3.11.903, allows remote attackers to view directory contents via an empty pg parameter.
CVE-2002-0202 1 Paintbbs 1 Paintbbs 2026-06-16 3.6 LOW N/A
PaintBBS 1.2 installs certain files and directories with insecure permissions, which allows local users to (1) obtain the encrypted server password via the world-readable oekakibbs.conf file, or (2) modify the server configuration via the world-writeable /oekaki/ folder.
CVE-2002-0201 1 Cyberstop 1 Cyberstop Web Server 2026-06-16 5.0 MEDIUM N/A
Cyberstop Web Server for Windows 0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request, possibly triggering a buffer overflow.
CVE-2002-0200 1 Cyberstop 1 Cyberstop Web Server 2026-06-16 5.0 MEDIUM N/A
Cyberstop Web Server for Windows 0.1 allows remote attackers to cause a denial of service via an HTTP request for an MS-DOS device name.
CVE-2002-0199 1 Nullsoft 1 Shoutcast Server 2026-06-16 7.5 HIGH N/A
Buffer overflow in admin.cgi for Nullsoft Shoutcast Server 1.8.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an argument with a large number of backslashes.
CVE-2002-0198 1 Paul L Daniels 2 Inflex, Ripmime 2026-06-16 10.0 HIGH N/A
Buffer overflow in plDaniels ripMime 1.2.6 and earlier, as used in other programs such as xamime and inflex, allows remote attackers to execute arbitrary code via an attachment in a long filename.