Total
29912 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0218 | 1 Sas | 2 Sas Base, Sas Integration Technologies | 2026-06-16 | 7.2 HIGH | N/A |
| Format string vulnerability in (1) sastcpd in SAS/Base 8.0 and 8.1 or (2) objspawn in SAS/Integration Technologies 8.0 and 8.1 allows local users to execute arbitrary code via format specifiers in a command line argument. | |||||
| CVE-2002-0217 | 1 Xoops | 1 Xoops | 2026-06-16 | 7.5 HIGH | N/A |
| Cross-site scripting (CSS) vulnerabilities in the Private Message System for XOOPS 1.0 RC1 allow remote attackers to execute Javascript on other web clients via (1) the Title field or a Private Message Box or (2) the image field parameter in pmlite.php. | |||||
| CVE-2002-0216 | 1 Xoops | 1 Xoops | 2026-06-16 | 5.0 MEDIUM | N/A |
| userinfo.php in XOOPS 1.0 RC1 allows remote attackers to obtain sensitive information via a SQL injection attack in the "uid" parameter. | |||||
| CVE-2002-0215 | 1 Steve Kneizys | 1 Agora.cgi | 2026-06-16 | 5.0 MEDIUM | N/A |
| Agora.cgi 3.2r through 4.0 while in debug mode allows remote attackers to determine the full pathname of the agora.cgi file by requesting a non-existent .html file, which leaks the pathname in an error message. | |||||
| CVE-2002-0214 | 1 Intel | 1 Intel Pro Wireless 2011b Lan Usb Device Driver | 2026-06-16 | 2.1 LOW | N/A |
| Compaq Intel PRO/Wireless 2011B LAN USB Device Driver 1.5.16.0 through 1.5.18.0 stores the 128-bit WEP (Wired Equivalent Privacy) key in plaintext in a registry key with weak permissions, which allows local users to decrypt network traffic by reading the WEP key from the registry key. | |||||
| CVE-2002-0213 | 2 Sgi, Xinet | 2 Irix, K-ashare | 2026-06-16 | 2.1 LOW | N/A |
| xkas in Xinet K-AShare 0.011.01 for IRIX allows local users to read arbitrary files via a symlink attack on the VOLICON file, which is copied to the .HSicon file in a shared directory. | |||||
| CVE-2002-0212 | 1 Hosting Controller | 1 Hosting Controller | 2026-06-16 | 7.5 HIGH | N/A |
| The login for Hosting Controller 1.1 through 1.4.1 returns different error messages when a valid or invalid user is provided, which allows remote attackers to determine the existence of valid usernames and makes it easier to conduct a brute force attack. | |||||
| CVE-2002-0211 | 1 Tarantella | 1 Tarantella Enterprise | 2026-06-16 | 6.2 MEDIUM | N/A |
| Race condition in the installation script for Tarantella Enterprise 3 3.01 through 3.20 creates a world-writeable temporary "gunzip" program before executing it, which could allow local users to execute arbitrary commands by modifying the program before it is executed. | |||||
| CVE-2002-0210 | 1 Tolis Group | 1 Bru | 2026-06-16 | 7.2 HIGH | N/A |
| setlicense for TOLIS Group Backup and Restore Utility (BRU) 17.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/brutest.$$ temporary file. | |||||
| CVE-2002-0209 | 1 Nortel | 1 Alteon Acedirector | 2026-06-16 | 5.0 MEDIUM | N/A |
| Nortel Alteon ACEdirector WebOS 9.0, with the Server Load Balancing (SLB) and Cookie-Based Persistence features enabled, allows remote attackers to determine the real IP address of a web server with a half-closed session, which causes ACEdirector to send packets from the server without changing the address to the virtual IP address. | |||||
| CVE-2002-0207 | 1 Realnetworks | 2 Realone Player, Realplayer Intranet | 2026-06-16 | 7.5 HIGH | N/A |
| Buffer overflow in Real Networks RealPlayer 8.0 and earlier allows remote attackers to execute arbitrary code via a header length value that exceeds the actual length of the header. | |||||
| CVE-2002-0206 | 1 Francisco Burzi | 1 Php-nuke | 2026-06-16 | 7.5 HIGH | N/A |
| index.php in Francisco Burzi PHP-Nuke 5.3.1 and earlier, and possibly other versions before 5.5, allows remote attackers to execute arbitrary PHP code by specifying a URL to the malicious code in the file parameter. | |||||
| CVE-2002-0205 | 1 Plumtree | 1 Plumtree Corporate Portal | 2026-06-16 | 7.5 HIGH | N/A |
| Cross-site scripting (CSS) vulnerability in error.asp for Plumtree Corporate Portal 3.5 through 4.5 allows remote attackers to execute arbitrary script on other clients via the "Description" parameter. | |||||
| CVE-2002-0204 | 1 Gnu | 1 Chess | 2026-06-16 | 7.5 HIGH | N/A |
| Buffer overflow in GNU Chess (gnuchess) 5.02 and earlier, if modified or used in a networked capacity contrary to its own design as a single-user application, may allow local or remote attackers to execute arbitrary code via a long command. | |||||
| CVE-2002-0203 | 1 Tarantella | 1 Tarantella Enterprise | 2026-06-16 | 5.0 MEDIUM | N/A |
| ttawebtop.cgi in Tarantella Enterprise 3.20 on SPARC Solaris and Linux, and 3.1x and 3.0x including 3.11.903, allows remote attackers to view directory contents via an empty pg parameter. | |||||
| CVE-2002-0202 | 1 Paintbbs | 1 Paintbbs | 2026-06-16 | 3.6 LOW | N/A |
| PaintBBS 1.2 installs certain files and directories with insecure permissions, which allows local users to (1) obtain the encrypted server password via the world-readable oekakibbs.conf file, or (2) modify the server configuration via the world-writeable /oekaki/ folder. | |||||
| CVE-2002-0201 | 1 Cyberstop | 1 Cyberstop Web Server | 2026-06-16 | 5.0 MEDIUM | N/A |
| Cyberstop Web Server for Windows 0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request, possibly triggering a buffer overflow. | |||||
| CVE-2002-0200 | 1 Cyberstop | 1 Cyberstop Web Server | 2026-06-16 | 5.0 MEDIUM | N/A |
| Cyberstop Web Server for Windows 0.1 allows remote attackers to cause a denial of service via an HTTP request for an MS-DOS device name. | |||||
| CVE-2002-0199 | 1 Nullsoft | 1 Shoutcast Server | 2026-06-16 | 7.5 HIGH | N/A |
| Buffer overflow in admin.cgi for Nullsoft Shoutcast Server 1.8.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an argument with a large number of backslashes. | |||||
| CVE-2002-0198 | 1 Paul L Daniels | 2 Inflex, Ripmime | 2026-06-16 | 10.0 HIGH | N/A |
| Buffer overflow in plDaniels ripMime 1.2.6 and earlier, as used in other programs such as xamime and inflex, allows remote attackers to execute arbitrary code via an attachment in a long filename. | |||||
