Filtered by NVD-CWE-Other
Total 29947 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2002-1345 3 Ncftp Software, Openbsd, Sun 4 Ncftp, Openbsd, Solaris and 1 more 2026-04-16 N/A
Directory traversal vulnerabilities in multiple FTP clients on UNIX systems allow remote malicious FTP servers to create or overwrite files as the client user via filenames containing /absolute/path or .. (dot dot) sequences.
CVE-2002-0246 1 Caldera 1 Unixware 2026-04-16 N/A
Format string vulnerability in the message catalog library functions in UnixWare 7.1.1 allows local users to gain privileges by modifying the LC_MESSAGE environment variable to read other message catalogs containing format strings from setuid programs such as vxprint.
CVE-2002-1244 1 Pablo Software Solutions 1 Pablo Ftp Server 2026-04-16 N/A
Format string vulnerability in Pablo FTP Server 1.5, 1.3, and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via format strings in the USER command.
CVE-2002-1242 1 Francisco Burzi 1 Php-nuke 2026-04-16 N/A
SQL injection vulnerability in PHP-Nuke before 6.0 allows remote authenticated users to modify the database and gain privileges via the "bio" argument to modules.php.
CVE-2002-1238 1 Peter Sandvik 1 Simple Web Server 2026-04-16 N/A
Peter Sandvik's Simple Web Server 0.5.1 and earlier allows remote attackers to bypass access restrictions for files via an HTTP request with a sequence of multiple / (slash) characters such as http://www.example.com///file/.
CVE-2002-1236 1 Linksys 1 Befsr41 2026-04-16 N/A
The remote management web server for Linksys BEFSR41 EtherFast Cable/DSL Router before firmware 1.42.7 allows remote attackers to cause a denial of service (crash) via an HTTP request to Gozila.cgi without any arguments.
CVE-2002-1231 1 Caldera 2 Openunix, Unixware 2026-04-16 N/A
SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to cause a denial of service via an rcp call on /proc.
CVE-2002-1223 2 Kde, Redhat 2 Kde, Linux 2026-04-16 N/A
Buffer overflow in DSC 3.0 parser from GSview, as used in KGhostView in KDE 1.1 and KDE 3.0.3a, may allow attackers to cause a denial of service or execute arbitrary code via a modified .ps (PostScript) input file.
CVE-2002-0237 1 Iss 3 Blackice Agent, Blackice Defender, Realsecure Server Sensor 2026-04-16 N/A
Buffer overflow in ISS BlackICE Defender 2.9 and earlier, BlackICE Agent 3.0 and 3.1, and RealSecure Server Sensor 6.0.1 and 6.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a flood of large ICMP ping packets.
CVE-2002-0232 1 Mrtg 1 Multi Router Traffic Grapher Cgi 2026-04-16 N/A
Directory traversal vulnerability in Multi Router Traffic Grapher (MRTG) allows remote attackers to read portions of arbitrary files via a .. (dot dot) in the cfg parameter for (1) 14all.cgi, (2) 14all-1.1.cgi, (3) traffic.cgi, or (4) mrtg.cgi.
CVE-2002-0229 1 Php 1 Php 2026-04-16 N/A
Safe Mode feature (safe_mode) in PHP 3.0 through 4.1.0 allows attackers with access to the MySQL database to bypass Safe Mode access restrictions and read arbitrary files using "LOAD DATA INFILE LOCAL" SQL statements.
CVE-2003-0995 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Buffer overflow in the Microsoft Message Queue Manager (MSQM) allows remote attackers to cause a denial of service (RPC service crash) via a queue registration request.
CVE-2002-1217 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Cross-Frame scripting vulnerability in the WebBrowser control as used in Internet Explorer 5.5 and 6.0 allows remote attackers to execute arbitrary code, read arbitrary files, or conduct other unauthorized activities via script that accesses the Document property, which bypasses <frame> and <iframe> domain restrictions.
CVE-2002-0228 1 Microsoft 1 Msn Messenger 2026-04-16 N/A
Microsoft MSN Messenger allows remote attackers to use Javascript that references an ActiveX object to obtain sensitive information such as display names and web site navigation, and possibly more when the user is connected to certain Microsoft sites (or DNS-spoofed sites).
CVE-2002-1216 2 Gnu, Redhat 3 Tar, Enterprise Linux, Linux 2026-04-16 N/A
GNU tar 1.13.19 and other versions before 1.13.25 allows remote attackers to overwrite arbitrary files via a symlink attack, as the result of a modification that effectively disabled the security check.
CVE-2002-0227 2 Kde, Kicq 2 Kde, Kicq 2026-04-16 N/A
KICQ 2.0.0b1 allows remote attackers to cause a denial of service (crash) via a malformed message.
CVE-2002-1214 1 Microsoft 3 Windows 2000, Windows 2000 Terminal Services, Windows Xp 2026-04-16 N/A
Buffer overflow in Microsoft PPTP Service on Windows XP and Windows 2000 allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via a certain PPTP packet with malformed control data.
CVE-2002-0222 1 Etype 1 Eserv 2026-04-16 N/A
Etype Eserv 2.97 allows remote attackers to redirect traffic to other sites (aka FTP bounce) via the PORT command.
CVE-2002-0221 1 Etype 1 Eserv 2026-04-16 N/A
Etype Eserv 2.97 allows remote attackers to cause a denial of service (resource exhaustion) via a large number of PASV commands that consume ports 1024 through 5000, which prevents the server from accepting valid PASV.
CVE-2002-0217 1 Xoops 1 Xoops 2026-04-16 N/A
Cross-site scripting (CSS) vulnerabilities in the Private Message System for XOOPS 1.0 RC1 allow remote attackers to execute Javascript on other web clients via (1) the Title field or a Private Message Box or (2) the image field parameter in pmlite.php.