Vulnerabilities (CVE)

Filtered by NVD-CWE-Other
Total 29916 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2002-0131 1 Activestate 1 Activepython 2026-06-16 5.0 MEDIUM N/A
ActivePython ActiveX control for Python in the AXScript package, when used in Internet Explorer, does not prevent a script from reading files from the client's filesystem, which allows remote attackers to read arbitrary files via a malicious web page containing Python script.
CVE-2002-0130 1 Efax 1 Efax 2026-06-16 7.2 HIGH N/A
Buffer overflow in efax 0.9 and earlier, when installed setuid root, allows local users to execute arbitrary code via a long -x argument.
CVE-2002-0129 1 Efax 1 Efax 2026-06-16 2.1 LOW N/A
efax 0.9 and earlier, when installed setuid root, allows local users to read arbitrary files via the -d option, which prints the contents of the file in a warning message.
CVE-2002-0128 1 Sambar 1 Sambar Server 2026-06-16 7.5 HIGH N/A
cgitest.exe in Sambar Server 5.1 before Beta 4 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long argument.
CVE-2002-0127 1 Netgear 1 Rp114 2026-06-16 5.0 MEDIUM N/A
Netgear RP114 Cable/DSL Web Safe Router Firmware 3.26, when configured to block traffic below port 1024, allows remote attackers to cause a denial of service (hang) via a port scan of the WAN port.
CVE-2002-0126 1 Selom Ofori 1 Blackmoon Ftp Server 2026-06-16 7.5 HIGH N/A
Buffer overflow in BlackMoon FTP Server 1.0 through 1.5 allows remote attackers to execute arbitrary code via a long argument to (1) USER, (2) PASS, or (3) CWD.
CVE-2002-0125 1 Clanlib 1 Clanlib 2026-06-16 7.2 HIGH N/A
Buffer overflow in ClanLib library 0.5 may allow local users to execute arbitrary code in games that use the library, such as (1) Super Methane Brothers, (2) Star War, (3) Kwirk, (4) Clankanoid, and others, via a long HOME environment variable.
CVE-2002-0124 1 Mdg Computer Services 1 Web Server 4d Ecommerce 2026-06-16 5.0 MEDIUM N/A
MDG Computer Services Web Server 4D/eCommerce 3.5.3 allows remote attackers to exploit directory traversal vulnerability via a ../ (dot dot) containing URL-encoded slashes in the HTTP request.
CVE-2002-0123 1 Mdg Computer Services 1 Web Server 4d Ecommerce 2026-06-16 7.5 HIGH N/A
MDG Computer Services Web Server 4D WS4D/eCommerce 3.0 and earlier, and possibly 3.5.3, allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long HTTP request.
CVE-2002-0122 1 Siemens 1 3568i Wap 2026-06-16 5.0 MEDIUM N/A
Siemens 3568i WAP mobile phones allows remote attackers to cause a denial of service (crash) via an SMS message containing unusual characters.
CVE-2002-0121 1 Php 1 Php 2026-06-16 2.1 LOW N/A
PHP 4.0 through 4.1.1 stores session IDs in temporary files whose name contains the session ID, which allows local users to hijack web connections.
CVE-2002-0120 1 Palm 1 Palm Desktop 2026-06-16 2.1 LOW N/A
Apple Palm Desktop 4.0b76 and 4.0b77 creates world-readable backup files and folders when a hotsync is performed, which could allow a local user to obtain sensitive information.
CVE-2002-0119 1 Alcatel 1 Speed Touch Home 2026-06-16 5.0 MEDIUM N/A
Alcatel Speed Touch Home ADSL Modem allows remote attackers to cause a denial of service (reboot) via a network scan with unusual packets, such as nmap with OS detection.
CVE-2002-0118 1 Infopop 1 Ultimate Bulletin Board 2026-06-16 7.5 HIGH N/A
Cross-site scripting vulnerability in Infopop Ultimate Bulletin Board (UBB) 6.2.0 Beta Release 1.0 allows remote attackers to execute arbitrary script and steal cookies via a message containing encoded Javascript in an IMG tag.
CVE-2002-0117 1 Yabb 1 Yabb 2026-06-16 7.5 HIGH N/A
Cross-site scripting vulnerability in Yet Another Bulletin Board (YaBB) 1 Gold SP 1 and earlier allows remote attackers to execute arbitrary script and steal cookies via a message containing encoded Javascript in an IMG tag.
CVE-2002-0116 1 Palm 1 Palm Os 2026-06-16 5.0 MEDIUM N/A
Palm OS 3.5h and possibly other versions, as used in Handspring Visor and Xircom products, allows remote attackers to cause a denial of service via a TCP connect scan, e.g. from nmap.
CVE-2002-0115 1 Martin Roesch 1 Snort 2026-06-16 5.0 MEDIUM N/A
Snort 1.8.3 does not properly define the minimum ICMP header size, which allows remote attackers to cause a denial of service (crash and core dump) via a malformed ICMP packet.
CVE-2002-0114 1 Emc 1 Networker 2026-06-16 4.6 MEDIUM N/A
EMC NetWorker (formerly Legato NetWorker) before 7.0 stores passwords in plaintext in the daemon.log file, which allows local users to gain privileges by reading the password from the file. NOTE: this was originally reported for Legato NetWorker 6.1 on the Solaris 7 platform.
CVE-2002-0113 1 Emc 1 Networker 2026-06-16 4.6 MEDIUM N/A
EMC NetWorker (formerly Legato NetWorker) before 7.0 stores log files in the /nsr/logs/ directory with world-readable permissions, which allows local users to read sensitive information and possibly gain privileges. NOTE: this was originally reported for Legato NetWorker 6.1 on the Solaris 7 platform.
CVE-2002-0112 1 Etype 1 Eserv 2026-06-16 5.0 MEDIUM N/A
Etype Eserv 2.97 allows remote attackers to view password protected files via /./ in the URL.