Wind River Support Network

HomeCVE Database

The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

Reset
Showing
of 249867 entries
IDDescriptionPriorityModified date
CVE-2002-2430 GoAhead WebServer before 2.1.1 allows remote attackers to cause a denial of service (CPU consumption) by performing a socket disconnect to terminate a request before it has been fully processed by the server. Medium Feb 6, 2009
CVE-2002-2429 webs.c in GoAhead WebServer before 2.1.4 allows remote attackers to cause a denial of service (daemon crash) via an HTTP POST request that contains a negative integer in the Content-Length header. Medium Feb 6, 2009
CVE-2002-2428 webs.c in GoAhead WebServer before 2.1.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an HTTP POST request that contains a Content-Length header but no body data. Medium Feb 6, 2009
CVE-2002-2427 The security handler in GoAhead WebServer before 2.1.1 allows remote attackers to bypass authentication and obtain access to protected web content via an extra slash in a URL, a different vulnerability than CVE-2002-1603. Medium Feb 6, 2009
CVE-2002-1976 ifconfig, when used on the Linux kernel 2.2 and later, does not report when the network interface is in promiscuous mode if it was put in promiscuous mode using PACKET_MR_PROMISC, which could allow attackers to sniff the network without detection, as demonstrated using libpcap. LOW Sep 5, 2008
CVE-2002-1305 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2002. Notes: none -- Nov 7, 2023
CVE-2002-1304 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2002. Notes: none -- Nov 7, 2023
CVE-2002-1303 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2002. Notes: none -- Nov 7, 2023
CVE-2002-1302 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2002. Notes: none -- Nov 7, 2023
CVE-2002-1301 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2002. Notes: none -- Nov 7, 2023
CVE-2002-1300 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2002. Notes: none -- Nov 7, 2023
CVE-2002-1299 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2002. Notes: none -- Nov 7, 2023
CVE-2002-1298 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2002. Notes: none -- Nov 7, 2023
CVE-2002-1297 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2002. Notes: none -- Nov 7, 2023
CVE-2002-0826 Buffer overflow in WS_FTP FTP Server 3.1.1 allows remote authenticated users to execute arbitrary code via a long SITE CPWD command. HIGH Aug 13, 2019
CVE-2002-0811 Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, may allow remote attackers to cause a denial of service or execute certain queries via a SQL injection attack on the sort order parameter to buglist.cgi. High Feb 11, 2009
CVE-2002-0806 Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, allows authenticated users with editing privileges to delete other users by directly calling the editusers.cgi script with the del option. Low Sep 5, 2008
CVE-2002-0635 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2002. Notes: none -- Nov 7, 2023
CVE-2002-0634 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2002. Notes: none -- Nov 7, 2023
CVE-2002-0633 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2002. Notes: none -- Nov 7, 2023
CVE-2002-0510 The UDP implementation in Linux 2.4.x kernels keeps the IP Identification field at 0 for all non-fragmented packets, which could allow remote attackers to determine that a target system is running Linux. LOW Sep 5, 2008
CVE-2002-0471 PHPNetToolpack 0.1 allows remote attackers to execute arbitrary code via shell metacharacters in the a_query variable. High Sep 24, 2008
CVE-2002-0390 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-0639. Reason: This candidate is a reservation duplicate of CVE-2002-0639. Notes: All CVE users should reference CVE-2002-0639 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage -- Nov 7, 2023
CVE-2002-0035 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2002. Notes: none -- Nov 7, 2023
CVE-2001-1594 GE Healthcare eNTEGRA P&R has a password of (1) entegra for the entegra user, (2) passme for the super user of the Polestar/Polestar-i Starlink 4 upgrade, (3) 0 for the entegra user of the Codonics printer FTP service, (4) eNTEGRA for the eNTEGRA P&R user account, (5) insite for the WinVNC Login, and possibly other accounts, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires a fixed value. High Aug 11, 2015
CVE-2001-1593 The tempname_ensure function lib/routines.h in a2ps 4.14 and earlier, as used by the spy_user function and possibly other functions, allows local users to modify arbitrary files via a symlink attack on a temporary file. Low Apr 7, 2014
CVE-2001-1592 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none -- Nov 7, 2023
CVE-2001-1591 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none -- Nov 7, 2023
CVE-2001-1590 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none -- Nov 7, 2023
CVE-2001-1589 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none -- Nov 7, 2023
CVE-2001-1588 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none -- Nov 7, 2023
CVE-2001-1587 NWFTPD.nlm before 5.01w in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (abend) via an anonymous STOU command. Medium Apr 5, 2010
CVE-2001-1586 Directory traversal vulnerability in SimpleServer:WWW 1.13 and earlier allows remote attackers to execute arbitrary programs via encoded ../ (%2E%2E%2F%) sequences in a request to the cgi-bin/ directory, a different vulnerability than CVE-2000-0664. High Feb 15, 2010
CVE-2001-1534 mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID\'s using predictable information including host IP address, system time and server process ID, which allows local users to obtain session ID\'s and bypass authentication when these session ID\'s are used for authentication. LOW Jul 15, 2021
CVE-2001-1021 Buffer overflows in WS_FTP 2.02 allow remote attackers to execute arbitrary code via long arguments to (1) DELE, (2) MDTM, (3) MLST, (4) MKD, (5) RMD, (6) RNFR, (7) RNTO, (8) SIZE, (9) STAT, (10) XMKD, or (11) XRMD. HIGH Aug 13, 2019
CVE-2001-0814 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2001. Notes: none -- Nov 7, 2023
CVE-2001-0813 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2001. Notes: none -- Nov 7, 2023
CVE-2001-0812 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2001. Notes: none -- Nov 7, 2023
CVE-2001-0811 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2001. Notes: none -- Nov 7, 2023
CVE-2001-0810 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2001. Notes: none -- Nov 7, 2023
CVE-2001-0802 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2001. Notes: none -- Nov 7, 2023
CVE-2001-0798 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2001. Notes: none -- Nov 7, 2023
CVE-2001-0657 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2001. Notes: none -- Nov 7, 2023
CVE-2001-0656 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2001. Notes: none -- Nov 7, 2023
CVE-2001-0655 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2001. Notes: none -- Nov 7, 2023
CVE-2001-0654 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2001. Notes: none -- Nov 7, 2023
CVE-2001-0268 The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USER_LDT kernel option is enabled, does not validate a call gate target, which allows local users to gain root privileges by creating a segment call gate in the Local Descriptor Table (LDT) with a target that specifies an arbitrary kernel address. MEDIUM --
CVE-2000-1254 crypto/rsa/rsa_gen.c in OpenSSL before 0.9.6 mishandles C bitwise-shift operations that exceed the size of an expression, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging improper RSA key generation on 64-bit HP-UX platforms. Medium May 6, 2016
CVE-2000-1252 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none -- Nov 7, 2023
CVE-2000-1251 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none -- Nov 7, 2023
The 'Fixed Release' column is displayed if a single product version is selected from the filter. The fixed release is applicable in cases when the CVE has been addressed and fixed for that product version. Requires LTSS - customers must have active LTSS (Long Term Security Shield) Support to receive up-to-date information about vulnerabilities that may affect legacy software. Please contact your Wind River account team or see https://docs.windriver.com/bundle/Support_and_Maintenance_Supplemental_Terms_and_Conditions and https://support2.windriver.com/index.php?page=plc for more information.
Live chat
Online