PostgreSQL 7.2.1 and 7.2.2 allow local users to delete transaction log (pg_clog) data and cause a denial of service (data loss) via the VACUUM command.
Max CVSS: 7.2 | EPSS Score: 0.04% | Published: 2002-10-03 | Updated: 2017-07-11
JFS (JFS3.1 and OnlineJFS) in HP-UX 10.20, 11.00, and 11.04 does not properly implement the sticky bit functionality, which could allow attackers to bypass intended restrictions on filesystems.
Max CVSS: 7.2 | EPSS Score: 0.07% | Published: 2002-10-16 | Updated: 2017-10-11
The Web-Based Enterprise Management (WBEM) packages (1) SUNWwbdoc, (2) SUNWwbcou, (3) SUNWwbdev, and (4) SUNWmgapp, when installed using Solaris 8 Update 1/01 or later, install files with world or group write permissions, which allows local users to gain root privileges or cause a denial of service.
Max CVSS: 7.2 | EPSS Score: 0.04% | Published: 2002-10-29 | Updated: 2018-10-30
Unknown vulnerability in Solaris 8, when the 0x02 bit (aka TEST, KMF_DEADBEEF, or deadbeef) is set in the kmem_flags kernel parameter, allows local users to cause a denial of service (system panic).
Max CVSS: 2.1 | EPSS Score: 0.04% | Published: 2002-10-24 | Updated: 2018-10-30
Avaya Cajun switches P880, P882, P580, and P550R 5.2.14 and earlier contain undocumented accounts (1) manuf and (2) diag with default passwords, which allows remote attackers to gain privileges.
Max CVSS: 7.5 | EPSS Score: 2.52% | Published: 2002-10-28 | Updated: 2016-10-18
Unknown vulnerability in NFS on Solaris 2.5.1 through Solaris 9 allows an NFS client to cause a denial of service by killing the lockd daemon.
Max CVSS: 5.0 | EPSS Score: 0.26% | Published: 2002-10-28 | Updated: 2018-10-30
PAM 0.76 treats a disabled password as if it were an empty (null) password, which allows local and remote attackers to gain privileges as disabled users.
Max CVSS: 7.5 | EPSS Score: 0.76% | Published: 2002-10-28 | Updated: 2008-09-05
Unknown vulnerabilities in Heimdal before 0.5 with unknown impact, possibly in the (1) kadmind and (2) kdc servers, may allow remote or local attackers to gain root or other access, but not via buffer overflows (CVE-2002-1225).
Max CVSS: 10.0 | EPSS Score: 0.42% | Published: 2002-10-28 | Updated: 2016-10-18
Multiple buffer overflows in Heimdal before 0.5, possibly in both the (1) kadmind and (2) kdc servers, may allow remote attackers to gain root access.
Max CVSS: 10.0 | EPSS Score: 0.94% | Published: 2002-10-28 | Updated: 2016-10-18
Directory traversal vulnerability in kpf for KDE 3.0.1 through KDE 3.0.3a allows remote attackers to read arbitrary files as the kpf user via a URL with a modified icon parameter.
Max CVSS: 5.0 | EPSS Score: 1.56% | Published: 2002-10-28 | Updated: 2008-09-05
Buffer overflow in DSC 3.0 parser from GSview, as used in KGhostView in KDE 1.1 and KDE 3.0.3a, may allow attackers to cause a denial of service or execute arbitrary code via a modified .ps (PostScript) input file.
Max CVSS: 7.5 | EPSS Score: 0.82% | Published: 2002-10-28 | Updated: 2008-09-05
Buffer overflow in the embedded HTTP server for Cisco Catalyst switches running CatOS 5.4 through 7.3 allows remote attackers to cause a denial of service (reset) via a long HTTP request.
Max CVSS: 7.1 | EPSS Score: 0.98% | Published: 2002-10-28 | Updated: 2008-09-10
Cross-Frame scripting vulnerability in the WebBrowser control as used in Internet Explorer 5.5 and 6.0 allows remote attackers to execute arbitrary code, read arbitrary files, or conduct other unauthorized activities via script that accesses the Document property, which bypasses <frame> and <iframe> domain restrictions.
Max CVSS: 7.5 | EPSS Score: 92.64% | Published: 2002-10-28 | Updated: 2021-07-23
GNU tar 1.13.19 and other versions before 1.13.25 allow remote attackers to overwrite arbitrary files via a symlink attack, as the result of a modification that effectively disabled the security check.
Max CVSS: 5.0 | EPSS Score: 0.22% | Published: 2002-10-28 | Updated: 2016-10-18
Multiple format string vulnerabilities in heartbeat 0.4.9 and earlier (claimed as buffer overflows in some sources) allow remote attackers to execute arbitrary code via certain packets to UDP port 694 (incorrectly claimed as TCP in some sources).
Max CVSS: 10.0 | EPSS Score: 7.73% | Published: 2002-10-28 | Updated: 2008-09-10

CVE-2002-1214

Public exploit
Buffer overflow in Microsoft PPTP Service on Windows XP and Windows 2000 allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via a certain PPTP packet with malformed control data.
Max CVSS: 7.5 | EPSS Score: 96.77% | Published: 2002-10-28 | Updated: 2019-04-30
Directory traversal vulnerability in RadioBird Software WebServer 4 Everyone 1.23 and 1.27, and other versions before 1.30, allows remote attackers to read arbitrary files via an HTTP request with ".." (dot-dot) sequences containing URL-encoded forward slash ("%2F") characters.
Max CVSS: 5.0 | EPSS Score: 0.36% | Published: 2002-10-28 | Updated: 2008-09-10
Buffer overflow in RadioBird Software WebServer 4 Everyone 1.23 and 1.27, and other versions before 1.30, allows remote attackers to cause a denial of service (crash) via a long HTTP GET request.
Max CVSS: 5.0 | EPSS Score: 1.12% | Published: 2002-10-28 | Updated: 2008-09-10
IBM SecureWay Firewall before 4.2.2 performs extra processing before determining that a packet is invalid and dropping it, which allows remote attackers to cause a denial of service (resource exhaustion) via a flood of malformed TCP packets without any flags set.
Max CVSS: 5.0 | EPSS Score: 1.13% | Published: 2002-10-28 | Updated: 2016-10-18
Unknown vulnerability in routed for HP Tru64 UNIX V4.0F through V5.1A allows local and remote attackers to read arbitrary files.
Max CVSS: 7.5 | EPSS Score: 0.75% | Published: 2002-10-28 | Updated: 2008-09-10
IBM AIX 4.3.3 and AIX 5 allow remote attackers to cause a denial of service (CPU consumption or crash) via a flood of malformed TCP packets without any flags set, which prevents AIX from releasing the associated memory buffers.
Max CVSS: 5.0 | EPSS Score: 5.13% | Published: 2002-10-28 | Updated: 2016-10-18
Balabit Syslog-NG 1.4.x before 1.4.15, and 1.5.x before 1.5.20, when using template filenames or output, does not properly track the size of a buffer when constant characters are encountered during macro expansion, which allows remote attackers to cause a denial of service and possibly execute arbitrary code.
Max CVSS: 7.5 | EPSS Score: 6.65% | Published: 2002-10-28 | Updated: 2020-05-19
The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments.
Max CVSS: 5.0 | EPSS Score: 0.43% | Published: 2002-10-28 | Updated: 2018-10-30
Bugzilla 2.16.x before 2.16.1 does not properly filter apostrophes from an email address during account creation, which allows remote attackers to execute arbitrary SQL via a SQL injection attack.
Max CVSS: 7.5 | EPSS Score: 0.19% | Published: 2002-10-28 | Updated: 2016-10-18
bugzilla_email_append.pl in Bugzilla 2.14.x before 2.14.4, and 2.16.x before 2.16.1, allows remote attackers to execute arbitrary code via shell metacharacters in a system call to processmail.
Max CVSS: 7.5 | EPSS Score: 1.54% | Published: 2002-10-28 | Updated: 2016-10-18
314 vulnerabilities found