2002 CVEs
2393 CVEs published in 2002. 12 critical, 35 high. Browse by vendor, severity, or with PoCs.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2002-2444 | Critical | 9.8 | 2019-10-28 | Snoopy before 2.0.0 has a security hole in exec cURL |
CVE-2002-1484 | Critical | 9.8 | 2003-04-22 | DB4Web server, when configured to use verbose debug messages, allows remote attackers to use DB4Web as a proxy and attempt TCP connections to other systems (po… |
CVE-2002-2119 | Critical | 9.8 | 2002-12-31 | Novell eDirectory 8.6.2 and 8.7 use case insensitive passwords, which makes it easier for remote attackers to conduct brute force password guessing. |
CVE-2002-1820 | Critical | 9.8 | 2002-12-31 | register.php in Ultimate PHP Board (UPB) 1.0 and 1.0b uses an administrative account Admin with a capital "A," but allows a remote attacker to impersonate the… |
CVE-2002-1816 | Critical | 9.8 | 2002-12-31 | Off-by-one buffer overflow in the sock_gets function in sockhelp.c for ATPhttpd 0.4b and earlier allows remote attackers to execute arbitrary code via a long H… |
CVE-2002-1347 | Critical | 9.8 | 2002-12-18 | Multiple buffer overflows in Cyrus SASL library 2.1.9 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (… |
CVE-2002-0391 | Critical | 9.8 | 2002-08-12 | Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remo… |
CVE-2002-0671 | Critical | 9.8 | 2002-07-23 | Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 downloads phone applications from a web site but can not verify the integrity of the applic… |
CVE-2002-0639 | Critical | 9.8 | 2002-07-03 | Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication (ChallengeResp… |
CVE-2002-0083 | Critical | 9.8 | 2002-03-15 | Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges. |
CVE-2002-0059 | Critical | 9.8 | 2002-03-15 | The decompression algorithm in zlib 1.1.3 and earlier, as used in many different utilities and packages, causes inflateEnd to release certain memory more than… |
CVE-2002-1798 | Critical | 9.1 | 2002-12-31 | MidiCart PHP, PHP Plus, and PHP Maxi allows remote attackers to (1) upload arbitrary php files via a direct request to admin/upload.php or (2) access sensitive… |
CVE-2002-2439 | High | 7.8 | 2019-10-23 | Integer overflow in the new[] operator in gcc before 4.8.0 allows attackers to have unspecified impacts. |
CVE-2002-1844 | High | 7.8 | 2002-12-31 | Microsoft Windows Media Player (WMP) 6.3, when installed on Solaris, installs executables with world-writable permissions, which allows local users to delete o… |
CVE-2002-1796 | High | 7.8 | 2002-12-31 | ChaiVM EZloader for HP color LaserJet 4500 and 4550 and HP LaserJet 4100 and 8150 does not properly verify JAR signatures for new services, which allows local… |
CVE-2002-0969 | High | 7.8 | 2002-10-11 | Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta before 4.02, on the Win32 platform, allows local users to execute arbitrary code via a lo… |
CVE-2002-0844 | High | 7.8 | 2002-08-12 | Off-by-one overflow in the CVS PreservePermissions of rcs.c for CVSD before 1.11.2 allows local users to execute arbitrary code. |
CVE-2002-0653 | High | 7.8 | 2002-07-11 | Off-by-one buffer overflow in the ssl_compat_directive function, as called by the rewrite_command hook for mod_ssl Apache module 2.8.9 and earlier, allows loca… |
CVE-2002-0367 | High | 7.8 | 2002-06-25 | smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to… |
CVE-2002-0184 | High | 7.8 | 2002-05-16 | Sudo before 1.6.6 contains an off-by-one error that can result in a heap-based buffer overflow that may allow local users to gain root privileges via special c… |