2002 CVEs

2393 CVEs published in 2002. 12 critical, 35 high.

Top CVEs published in 2002
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2002-2444 | Critical | 9.8 | 2019-10-28 | Snoopy before 2.0.0 has a security hole in exec cURL |
| CVE-2002-1484 | Critical | 9.8 | 2003-04-22 | DB4Web server, when configured to use verbose debug messages, allows remote attackers to use DB4Web as a proxy and attempt TCP connections to other systems (po… |
| CVE-2002-2119 | Critical | 9.8 | 2002-12-31 | Novell eDirectory 8.6.2 and 8.7 use case insensitive passwords, which makes it easier for remote attackers to conduct brute force password guessing. |
| CVE-2002-1820 | Critical | 9.8 | 2002-12-31 | register.php in Ultimate PHP Board (UPB) 1.0 and 1.0b uses an administrative account Admin with a capital "A," but allows a remote attacker to impersonate the… |
| CVE-2002-1816 | Critical | 9.8 | 2002-12-31 | Off-by-one buffer overflow in the sock_gets function in sockhelp.c for ATPhttpd 0.4b and earlier allows remote attackers to execute arbitrary code via a long H… |
| CVE-2002-1347 | Critical | 9.8 | 2002-12-18 | Multiple buffer overflows in Cyrus SASL library 2.1.9 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (… |
| CVE-2002-0391 | Critical | 9.8 | 2002-08-12 | Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remo… |
| CVE-2002-0671 | Critical | 9.8 | 2002-07-23 | Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 downloads phone applications from a web site but can not verify the integrity of the applic… |
| CVE-2002-0639 | Critical | 9.8 | 2002-07-03 | Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication (ChallengeResp… |
| CVE-2002-0083 | Critical | 9.8 | 2002-03-15 | Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges. |
| CVE-2002-0059 | Critical | 9.8 | 2002-03-15 | The decompression algorithm in zlib 1.1.3 and earlier, as used in many different utilities and packages, causes inflateEnd to release certain memory more than… |
| CVE-2002-1798 | Critical | 9.1 | 2002-12-31 | MidiCart PHP, PHP Plus, and PHP Maxi allows remote attackers to (1) upload arbitrary php files via a direct request to admin/upload.php or (2) access sensitive… |
| CVE-2002-2439 | High | 7.8 | 2019-10-23 | Integer overflow in the new[] operator in gcc before 4.8.0 allows attackers to have unspecified impacts. |
| CVE-2002-1844 | High | 7.8 | 2002-12-31 | Microsoft Windows Media Player (WMP) 6.3, when installed on Solaris, installs executables with world-writable permissions, which allows local users to delete o… |
| CVE-2002-1796 | High | 7.8 | 2002-12-31 | ChaiVM EZloader for HP color LaserJet 4500 and 4550 and HP LaserJet 4100 and 8150 does not properly verify JAR signatures for new services, which allows local… |
| CVE-2002-0969 | High | 7.8 | 2002-10-11 | Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta before 4.02, on the Win32 platform, allows local users to execute arbitrary code via a lo… |
| CVE-2002-0844 | High | 7.8 | 2002-08-12 | Off-by-one overflow in the CVS PreservePermissions of rcs.c for CVSD before 1.11.2 allows local users to execute arbitrary code. |
| CVE-2002-0653 | High | 7.8 | 2002-07-11 | Off-by-one buffer overflow in the ssl_compat_directive function, as called by the rewrite_command hook for mod_ssl Apache module 2.8.9 and earlier, allows loca… |
| CVE-2002-0367 | High | 7.8 | 2002-06-25 | smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to… |
| CVE-2002-0184 | High | 7.8 | 2002-05-16 | Sudo before 1.6.6 contains an off-by-one error that can result in a heap-based buffer overflow that may allow local users to gain root privileges via special c… |