Vulnerabilities (CVE)

Filtered by NVD-CWE-Other
Total 29918 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2002-0071 1 Microsoft 2 Internet Information Server, Internet Information Services 2026-06-16 7.5 HIGH N/A
Buffer overflow in the ism.dll ISAPI extension that implements HTR scripting in Internet Information Server (IIS) 4.0 and 5.0 allows attackers to cause a denial of service or execute arbitrary code via HTR requests with long variable names.
CVE-2002-0069 2 Redhat, Squid 2 Linux, Squid 2026-06-16 2.6 LOW N/A
Memory leak in SNMP in Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service.
CVE-2002-0068 2 Redhat, Squid 2 Linux, Squid 2026-06-16 7.5 HIGH N/A
Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service (core dump) and possibly execute arbitrary code with an ftp:// URL with a larger number of special characters, which exceed the buffer when Squid URL-escapes the characters.
CVE-2002-0067 2 Redhat, Squid 2 Linux, Squid 2026-06-16 7.5 HIGH N/A
Squid 2.4 STABLE3 and earlier does not properly disable HTCP, even when "htcp_port 0" is specified in squid.conf, which could allow remote attackers to bypass intended access restrictions.
CVE-2002-0066 2 Bindview, Funk Software 2 Netrc, Funk Software Proxy 2026-06-16 7.5 HIGH N/A
Funk Software Proxy Host 3.x before 3.09A creates a Named Pipe that does not require authentication and is installed with insecure access control, which allows local and possibly remote users to use the Proxy Host's configuration utilities and gain privileges.
CVE-2002-0065 2 Bindview, Funk Software 2 Netrc, Funk Software Proxy 2026-06-16 7.2 HIGH N/A
Funk Software Proxy Host 3.x uses weak encryption for the Proxy Host password, which allows local users to gain privileges by recovering the passwords from the PHOST.INI file or the Windows registry.
CVE-2002-0064 2 Bindview, Funk Software 2 Netrc, Funk Software Proxy 2026-06-16 7.2 HIGH N/A
Funk Software Proxy Host 3.x is installed with insecure permissions for the registry and the file system.
CVE-2002-0063 1 Easy Software Products 1 Cups 2026-06-16 7.5 HIGH N/A
Buffer overflow in ippRead function of CUPS before 1.1.14 may allow attackers to execute arbitrary code via long attribute names or language values.
CVE-2002-0060 1 Linux 1 Linux Kernel 2026-06-16 7.5 HIGH N/A
IRC connection tracking helper module in the netfilter subsystem for Linux 2.4.18-pre9 and earlier does not properly set the mask for conntrack expectations for incoming DCC connections, which could allow remote attackers to bypass intended firewall restrictions.
CVE-2002-0058 2 Microsoft, Sun 4 Virtual Machine, Jdk, Jre and 1 more 2026-06-16 5.0 MEDIUM N/A
Vulnerability in Java Runtime Environment (JRE) allows remote malicious web sites to hijack or sniff a web client's sessions, when an HTTP proxy is being used, via a Java applet that redirects the session to another server, as seen in (1) Netscape 6.0 through 6.1 and 4.79 and earlier, (2) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, and possibly other implementations that use vulnerable versions of SDK or JDK.
CVE-2002-0057 1 Microsoft 4 Internet Explorer, Sql Server, Windows Xp and 1 more 2026-06-16 5.0 MEDIUM N/A
XMLHTTP control in Microsoft XML Core Services 2.6 and later does not properly handle IE Security Zone settings, which allows remote attackers to read arbitrary files by specifying a local file as an XML Data Source.
CVE-2002-0056 1 Microsoft 1 Sql Server 2026-06-16 7.5 HIGH N/A
Buffer overflow in SQL Server 7.0 and 2000 allows remote attackers to execute arbitrary code via a long OLE DB provider name to (1) OpenDataSource or (2) OpenRowset in an ad hoc connection.
CVE-2002-0052 1 Microsoft 1 Internet Explorer 2026-06-16 5.0 MEDIUM N/A
Internet Explorer 6.0 and earlier does not properly handle VBScript in certain domain security checks, which allows remote attackers to read arbitrary files.
CVE-2002-0050 1 Microsoft 1 Commerce Server 2026-06-16 7.5 HIGH N/A
Buffer overflow in AuthFilter ISAPI filter on Microsoft Commerce Server 2000 allows remote attackers to execute arbitrary code via long authentication data.
CVE-2002-0048 1 Andrew Tridgell 1 Rsync 2026-06-16 10.0 HIGH N/A
Multiple signedness errors (mixed signed and unsigned numbers) in the I/O functions of rsync 2.4.6, 2.3.2, and other versions allow remote attackers to cause a denial of service and execute arbitrary code in the rsync client or server.
CVE-2002-0047 1 Olaf Titz 1 Cipe 2026-06-16 5.0 MEDIUM N/A
CIPE VPN package before 1.3.0-3 allows remote attackers to cause a denial of service (crash) via a short malformed packet.
CVE-2002-0046 1 Linux 1 Linux Kernel 2026-06-16 5.0 MEDIUM N/A
Linux kernel, and possibly other operating systems, allows remote attackers to read portions of memory via a series of fragmented ICMP packets that generate an ICMP TTL Exceeded response, which includes portions of the memory in the response packet.
CVE-2002-0045 2 Openldap, Redhat 2 Openldap, Linux 2026-06-16 7.5 HIGH N/A
slapd in OpenLDAP 2.0 through 2.0.19 allows local users, and anonymous users before 2.0.8, to conduct a "replace" action on access controls without any values, which causes OpenLDAP to delete non-mandatory attributes that would otherwise be protected by ACLs.
CVE-2002-0044 3 Debian, Gnu, Redhat 3 Debian Linux, Enscript, Linux 2026-06-16 3.6 LOW N/A
GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files.
CVE-2002-0043 1 Todd Miller 1 Sudo 2026-06-16 7.2 HIGH N/A
sudo 1.6.0 through 1.6.3p7 does not properly clear the environment before calling the mail program, which could allow local users to gain root privileges by modifying environment variables and changing how the mail program is invoked.