Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2002-1583 | Buffer overflow in sqllib/security/db2ckpw for IBM DB2 Universal Database 6.0 and 7.0 allows local users to execute arbitrary code via a long username that is read from a file descriptor argument. | 7.2 | 0.47% | 2004-09-28 | 2026-06-16 |
| CVE-2002-1580 | Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 allows remote attackers to execute arbitrary code via a large length value that facilitates a buffer overflow attack, a different vulnerability than CVE-2002-1347. | 7.5 | 16.52% | 2004-06-14 | 2026-06-16 |
| CVE-2002-0385 | Vignette Story Server 4.1 and 6.0 allows remote attackers to obtain sensitive information via a request that contains a large number of '"' (double quote) and and '>' characters, which causes the TCL interpreter to crash and include stack data in the output. | 5.0 | 1.55% | 2004-06-01 | 2026-06-16 |
| CVE-2002-1579 | SAP GUI (Sapgui) 4.6D allows remote attackers to cause a denial of service (crash) via a connection to a high-numbered port, which generates an "unknown connection data" error. | 5.0 | 1.57% | 2004-04-15 | 2026-06-16 |
| CVE-2002-1578 | The default installation of SAP R/3, when using Oracle and SQL*net V2 3.x, 4.x, and 6.10, allows remote attackers to obtain arbitrary, sensitive SAP data by directly connecting to the Oracle database and executing queries against the database, which is not password-protected. | 7.5 | 2.66% | 2004-04-15 | 2026-06-16 |
| CVE-2002-1577 | SAP R/3 2.0B to 4.6D installs several clients with default users and passwords, which allows remote attackers to gain privileges via the (1) SAP*, (2) SAPCPIC, (3) DDIC, (4) EARLYWATCH, or (5) TMSADM accounts. | 7.5 | 1.32% | 2004-04-15 | 2026-06-16 |
| CVE-2002-1576 | lserver in SAP DB 7.3 and earlier uses the current working directory to find and execute the lserversrv program, which allows local users to gain privileges with a malicious lserversrv that is called from a directory that has a symlink to the lserver program. | 7.2 | 0.90% | 2004-04-15 | 2026-06-16 |
| CVE-2002-1575 | cgiemail allows remote attackers to use cgiemail as a spam proxy via CRLF injection of encoded newline (%0a) characters in parameters such as "required-subject," which can be used to modify the CC, BCC, and other header fields in the generated email message. | 5.0 | 1.39% | 2004-03-03 | 2026-06-16 |
| CVE-2002-1574 | Buffer overflow in the ixj telephony card driver in Linux before 2.4.20 has unknown impact and attack vectors. | 4.6 | 0.41% | 2004-03-03 | 2026-06-16 |
| CVE-2002-0712 | Entrust Authority Security Manager (EASM) 6.0 does not properly require multiple master users to change the password of a master user, which could allow a master user to perform operations that require multiple authorizations. | 2.1 | 5.26% | 2004-02-03 | 2026-06-16 |
| CVE-2002-0034 | The Microsoft CONVERT.EXE program, when used on Windows 2000 and Windows XP systems, does not apply the default NTFS permissions when converting a FAT32 file system, which could cause the conversion to produce a file system with less secure permissions than expected. | 4.6 | 1.88% | 2004-02-03 | 2026-06-16 |
| CVE-2002-1569 | gv 3.5.8, and possibly earlier versions, allows remote attackers to execute arbitrary commands via shell metacharacters in the filename for (1) a PDF file or (2) a gzip file. | 7.5 | 2.32% | 2003-11-17 | 2026-06-16 |
| CVE-2002-1568 | OpenSSL 0.9.6e uses assertions when detecting buffer overflow attacks instead of less severe mechanisms, which allows remote attackers to cause a denial of service (crash) via certain messages that cause OpenSSL to abort from a failed assertion, as demonstrated using SSLv2 CLIENT_MASTER_KEY messages, which are not properly handled in s2_srvr.c. | 5.0 | 2.73% | 2003-11-17 | 2026-06-16 |
| CVE-2002-1570 | Heap-based buffer overflow in snmpnetstat for ucd-snmp 4.2.3 and earlier, and net-snmp, allows remote attackers to execute arbitrary code via multiple getnextrequest PDU messages with conflicting ifindex variables, which cause snmpnetstat to write variable data past the end of an array. | 7.5 | 5.52% | 2003-11-03 | 2026-06-16 |
| CVE-2002-1567 | Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1 allows remote attackers to execute arbitrary web script and steal cookies via a URL with encoded newlines followed by a request to a .jsp file whose name contains the script. | 6.8 | 26.80% | 2003-10-06 | 2026-06-16 |
| CVE-2002-1352 | Per Magne Knutsen's CartMan shopping cart (cartman.php) 1.04 and earlier allows remote attackers to modify product prices by changing the price parameter. | 5.0 | 1.10% | 2003-09-17 | 2026-06-16 |
| CVE-2002-1566 | netris 0.5, and possibly other versions before 0.52, when running with the -w (wait) option, allows remote attackers to cause a denial of service (crash) via a long string to port 9284. | 5.0 | 3.31% | 2003-08-27 | 2026-06-16 |
| CVE-2002-1565 | Buffer overflow in url_filename function for wget 1.8.1 allows attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long URL. | 7.5 | 2.95% | 2003-06-16 | 2026-06-16 |
| CVE-2002-1155 | Buffer overflow in KON kon2 0.3.9b and earlier allows local users to execute arbitrary code via a long -Coding command line argument. | 7.2 | 1.06% | 2003-06-16 | 2026-06-16 |
| CVE-2002-1564 | Internet Explorer 5.5 and 6.0 allows remote attackers to steal potentially sensitive information from cookies via a cookie that contains script which is executed when a page is loaded, aka the "Script within Cookies Reading Cookies" vulnerability. | 5.0 | 11.65% | 2003-06-09 | 2026-06-16 |