Filtered by NVD-CWE-Other
Total 29947 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2002-1488 1 Cerulean Studios 1 Trillian 2026-04-16 N/A
The IRC component of Trillian 0.73 and 0.74 allows remote malicious IRC servers to cause a denial of service (crash) via a PART message with (1) a missing channel or (2) a channel that the Trillian user is not in.
CVE-2002-1489 1 Planetdns 1 Planetweb 2026-04-16 N/A
Buffer overflow in PlanetDNS PlanetWeb 1.14 and earlier allows remote attackers to execute arbitrary code via (1) an HTTP GET request with a long URL or (2) a request with a long method name.
CVE-2002-1490 1 Netbsd 1 Netbsd 2026-04-16 N/A
NetBSD 1.4 through 1.6 beta allows local users to cause a denial of service (kernel panic) via a series of calls to the TIOCSCTTY ioctl, which causes an integer overflow in a structure counter and sets the counter to zero, which frees memory that is still in use by other processes.
CVE-2002-1502 1 Dave Brul 1 Xbreaky 2026-04-16 N/A
Symbolic link vulnerability in xbreaky before 0.5.5 allows local users to overwrite arbitrary files via a symlink from the user's .breakyhighscores file to the target file.
CVE-2002-1507 1 Epic Games 1 Unreal Tournament Server 2026-04-16 N/A
Unreal Tournament 2003 (ut2003) clients and servers allow remote attackers to cause a denial of service via malformed messages containing a small number of characters to UDP ports 7778 or 10777.
CVE-2002-1508 2 Openldap, Redhat 3 Openldap, Enterprise Linux, Linux 2026-04-16 N/A
slapd in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows local users to overwrite arbitrary files via a race condition during the creation of a log file for rejected replication requests.
CVE-2002-1514 1 Borland Software 1 Interbase 2026-04-16 N/A
gds_lock_mgr in Borland InterBase allows local users to overwrite files and gain privileges via a symlink attack on a "isc_init1.X" temporary file, as demonstrated by modifying the xinetdbd file.
CVE-2005-3320 1 Siteturn 1 Domain Manager Pro 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in SiteTurn Domain Manager Pro allows remote attackers to inject arbitrary web script or HTML via the err parameter in the panel script.
CVE-2002-0562 1 Oracle 3 Application Server, Application Server Web Cache, Oracle9i 2026-04-16 N/A
The default configuration of Oracle 9i Application Server 1.0.2.x running Oracle JSP or SQLJSP stores globals.jsa under the web root, which allows remote attackers to gain sensitive information including usernames and passwords via a direct HTTP request to globals.jsa.
CVE-2005-3346 1 Osh 1 Osh 2026-04-16 N/A
Buffer overflow in the environment variable substitution code in main.c in OSH 1.7-14 allows local users to inject arbitrary environment variables, such as LD_PRELOAD, via pathname arguments of the form "$VAR/EVAR=arg", which cause the EVAR portion to be appended to a buffer returned by a getenv function call.
CVE-2002-0564 1 Oracle 4 Application Server, Application Server Web Cache, Oracle8i and 1 more 2026-04-16 N/A
PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows remote attackers to bypass authentication for a Database Access Descriptor (DAD) by modifying the URL to reference an alternate DAD that already has valid credentials.
CVE-2002-0571 1 Oracle 1 Oracle9i 2026-04-16 N/A
Oracle Oracle9i database server 9.0.1.x allows local users to access restricted data via a SQL query using ANSI outer join syntax.
CVE-2002-0573 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Format string vulnerability in RPC wall daemon (rpc.rwalld) for Solaris 2.5.1 through 8 allows remote attackers to execute arbitrary code via format strings in a message that is not properly provided to the syslog function when the wall command cannot be executed.
CVE-2005-3374 1 Frisk Software 1 F-prot Antivirus 2026-04-16 N/A
Multiple interpretation error in F-Prot 3.16c allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug."
CVE-2002-0587 1 Aol 1 Aol Server 2026-04-16 N/A
Buffer overflow in Ns_PdLog function for the external database driver proxy daemon library (libnspd.a) of AOLServer 3.0 through 3.4.2 allows remote attackers to cause a denial of service or execute arbitrary code via the Error or Notice parameters.
CVE-2002-0589 1 Steve Korbett 1 Pvote 2026-04-16 N/A
PVote before 1.9 allows remote attackers to change the administrative password and gain privileges by directly calling ch_info.php with the newpass and confirm parameters both set to the new password.
CVE-2002-0598 1 Foundstone 1 Fscan 2026-04-16 N/A
Format string vulnerability in Foundstone FScan 1.12 with banner grabbing enabled allows remote attackers to execute arbitrary code on the scanning system via format string specifiers in the server banner.
CVE-2002-0600 2 Kth, Luke Mewburn 2 Kth Kerberos, Lukemftp 2026-04-16 N/A
Heap overflow in the KTH Kerberos 4 FTP client 4-1.1.1 allows remote malicious servers to execute arbitrary code on the client via a long response to a passive (PASV) mode request.
CVE-2002-0617 1 Microsoft 2 Excel, Office 2026-04-16 N/A
The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code by creating a hyperlink on a drawing shape in a source workbook that points to a destination workbook containing an autoexecute macro, aka "Hyperlinked Excel Workbook Macro Bypass."
CVE-2002-0620 1 Microsoft 1 Commerce Server 2026-04-16 N/A
Buffer overflow in the Profile Service of Microsoft Commerce Server 2000 allows remote attackers to cause the server to fail or run arbitrary code in the LocalSystem security context via an input field using an affected API.