Total
29918 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0071 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2026-06-16 | 7.5 HIGH | N/A |
| Buffer overflow in the ism.dll ISAPI extension that implements HTR scripting in Internet Information Server (IIS) 4.0 and 5.0 allows attackers to cause a denial of service or execute arbitrary code via HTR requests with long variable names. | |||||
| CVE-2002-0069 | 2 Redhat, Squid | 2 Linux, Squid | 2026-06-16 | 2.6 LOW | N/A |
| Memory leak in SNMP in Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service. | |||||
| CVE-2002-0068 | 2 Redhat, Squid | 2 Linux, Squid | 2026-06-16 | 7.5 HIGH | N/A |
| Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service (core dump) and possibly execute arbitrary code with an ftp:// URL with a larger number of special characters, which exceed the buffer when Squid URL-escapes the characters. | |||||
| CVE-2002-0067 | 2 Redhat, Squid | 2 Linux, Squid | 2026-06-16 | 7.5 HIGH | N/A |
| Squid 2.4 STABLE3 and earlier does not properly disable HTCP, even when "htcp_port 0" is specified in squid.conf, which could allow remote attackers to bypass intended access restrictions. | |||||
| CVE-2002-0066 | 2 Bindview, Funk Software | 2 Netrc, Funk Software Proxy | 2026-06-16 | 7.5 HIGH | N/A |
| Funk Software Proxy Host 3.x before 3.09A creates a Named Pipe that does not require authentication and is installed with insecure access control, which allows local and possibly remote users to use the Proxy Host's configuration utilities and gain privileges. | |||||
| CVE-2002-0065 | 2 Bindview, Funk Software | 2 Netrc, Funk Software Proxy | 2026-06-16 | 7.2 HIGH | N/A |
| Funk Software Proxy Host 3.x uses weak encryption for the Proxy Host password, which allows local users to gain privileges by recovering the passwords from the PHOST.INI file or the Windows registry. | |||||
| CVE-2002-0064 | 2 Bindview, Funk Software | 2 Netrc, Funk Software Proxy | 2026-06-16 | 7.2 HIGH | N/A |
| Funk Software Proxy Host 3.x is installed with insecure permissions for the registry and the file system. | |||||
| CVE-2002-0063 | 1 Easy Software Products | 1 Cups | 2026-06-16 | 7.5 HIGH | N/A |
| Buffer overflow in ippRead function of CUPS before 1.1.14 may allow attackers to execute arbitrary code via long attribute names or language values. | |||||
| CVE-2002-0060 | 1 Linux | 1 Linux Kernel | 2026-06-16 | 7.5 HIGH | N/A |
| IRC connection tracking helper module in the netfilter subsystem for Linux 2.4.18-pre9 and earlier does not properly set the mask for conntrack expectations for incoming DCC connections, which could allow remote attackers to bypass intended firewall restrictions. | |||||
| CVE-2002-0058 | 2 Microsoft, Sun | 4 Virtual Machine, Jdk, Jre and 1 more | 2026-06-16 | 5.0 MEDIUM | N/A |
| Vulnerability in Java Runtime Environment (JRE) allows remote malicious web sites to hijack or sniff a web client's sessions, when an HTTP proxy is being used, via a Java applet that redirects the session to another server, as seen in (1) Netscape 6.0 through 6.1 and 4.79 and earlier, (2) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, and possibly other implementations that use vulnerable versions of SDK or JDK. | |||||
| CVE-2002-0057 | 1 Microsoft | 4 Internet Explorer, Sql Server, Windows Xp and 1 more | 2026-06-16 | 5.0 MEDIUM | N/A |
| XMLHTTP control in Microsoft XML Core Services 2.6 and later does not properly handle IE Security Zone settings, which allows remote attackers to read arbitrary files by specifying a local file as an XML Data Source. | |||||
| CVE-2002-0056 | 1 Microsoft | 1 Sql Server | 2026-06-16 | 7.5 HIGH | N/A |
| Buffer overflow in SQL Server 7.0 and 2000 allows remote attackers to execute arbitrary code via a long OLE DB provider name to (1) OpenDataSource or (2) OpenRowset in an ad hoc connection. | |||||
| CVE-2002-0052 | 1 Microsoft | 1 Internet Explorer | 2026-06-16 | 5.0 MEDIUM | N/A |
| Internet Explorer 6.0 and earlier does not properly handle VBScript in certain domain security checks, which allows remote attackers to read arbitrary files. | |||||
| CVE-2002-0050 | 1 Microsoft | 1 Commerce Server | 2026-06-16 | 7.5 HIGH | N/A |
| Buffer overflow in AuthFilter ISAPI filter on Microsoft Commerce Server 2000 allows remote attackers to execute arbitrary code via long authentication data. | |||||
| CVE-2002-0048 | 1 Andrew Tridgell | 1 Rsync | 2026-06-16 | 10.0 HIGH | N/A |
| Multiple signedness errors (mixed signed and unsigned numbers) in the I/O functions of rsync 2.4.6, 2.3.2, and other versions allow remote attackers to cause a denial of service and execute arbitrary code in the rsync client or server. | |||||
| CVE-2002-0047 | 1 Olaf Titz | 1 Cipe | 2026-06-16 | 5.0 MEDIUM | N/A |
| CIPE VPN package before 1.3.0-3 allows remote attackers to cause a denial of service (crash) via a short malformed packet. | |||||
| CVE-2002-0046 | 1 Linux | 1 Linux Kernel | 2026-06-16 | 5.0 MEDIUM | N/A |
| Linux kernel, and possibly other operating systems, allows remote attackers to read portions of memory via a series of fragmented ICMP packets that generate an ICMP TTL Exceeded response, which includes portions of the memory in the response packet. | |||||
| CVE-2002-0045 | 2 Openldap, Redhat | 2 Openldap, Linux | 2026-06-16 | 7.5 HIGH | N/A |
| slapd in OpenLDAP 2.0 through 2.0.19 allows local users, and anonymous users before 2.0.8, to conduct a "replace" action on access controls without any values, which causes OpenLDAP to delete non-mandatory attributes that would otherwise be protected by ACLs. | |||||
| CVE-2002-0044 | 3 Debian, Gnu, Redhat | 3 Debian Linux, Enscript, Linux | 2026-06-16 | 3.6 LOW | N/A |
| GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files. | |||||
| CVE-2002-0043 | 1 Todd Miller | 1 Sudo | 2026-06-16 | 7.2 HIGH | N/A |
| sudo 1.6.0 through 1.6.3p7 does not properly clear the environment before calling the mail program, which could allow local users to gain root privileges by modifying environment variables and changing how the mail program is invoked. | |||||
