Vulnerabilities

With the aim of informing, warning and helping professionals with the latest security vulnerabilities in technology systems, we have made a database available for users interested in this information, which is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 registers, is based on the information from the NVD (National Vulnerability Database) – by virtue of a partnership agreement – through which INCIBE translates the included information into Spanish.

On occasions this list will show vulnerabilities that have still not been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE  (Common Vulnerabilities and Exposures) Standard for Information Security Vulnerability Names is used with the aim to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as available patches or solutions provided by manufacturers and developers. It is possible to carry out advanced searches, as there is the option to select different criteria to narrow down the results, some examples being vulnerability types, manufacturers and impact levels, among others.

Through RSS feeds or Newsletters we can be informed daily about the latest vulnerabilities added to the repository. Below there is a list, updated daily, where you can discover the latest vulnerabilities.

CVE-2002-2071

Publication date:
31/12/2002
Compaq Tru64 4.0 d allows remote attackers to cause a denial of service in (1) telnet, (2) FTP, (3) ypbind, (4) rpc.lockd, (5) snmp, (6) ttdbserverd, and possibly other services via a TCP SYN scan, as demonstrated using nmap.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2002-2072

Publication date:
31/12/2002
java.security.AccessController in Sun Java Virtual Machine (JVM) in JRE 1.2.2 and 1.3.1 allows remote attackers to cause a denial of service (JVM crash) via a Java program that calls the doPrivileged method with a null argument.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2002-2074

Publication date:
31/12/2002
SQL injection vulnerability in Mailidx before 20020105 allows remote attackers to execute arbitrary SQL commands via the search web page.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2002-2075

Publication date:
31/12/2002
ICQ 2001a and 2002b allows remote attackers to cause a denial of service (memory consumption and hang) via a contact message with a large contacts number.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2002-2076

Publication date:
31/12/2002
Directory traversal vulnerability in Lil' HTTP server 2.1 and 2.2 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP GET request.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2002-2078

Publication date:
31/12/2002
Heap-based buffer overflow in Floositek (1) FTGate Pro 1.05 and (2) FTGate Office 1.05 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long POP3 APOP USER command.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2002-2079

Publication date:
31/12/2002
mosix-protocol-stack in Multicomputer Operating System for UnIX (MOSIX) 1.5.7 allows remote attackers to cause a denial of service via malformed packets.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2002-2080

Publication date:
31/12/2002
Floositek FTGate PRO 1.05 allows remote attackers to cause a denial of service (memory and CPU consumption) via a large number of RCPT TO: messages during an SMTP session.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2002-2081

Publication date:
31/12/2002
cphost.dll in Microsoft Site Server 3.0 allows remote attackers to cause a denial of service (disk consumption) via an HTTP POST of a file with a long TargetURL parameter, which causes Site Server to abort and leaves the uploaded file in c:\temp.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2002-2082

Publication date:
31/12/2002
FTGate and FTGate Pro 1.05 lock user mailboxes before authentication succeeds, which allows remote attackers to lock the mailboxes of other users.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2002-2083

Publication date:
31/12/2002
The Novell Netware client running on Windows 95 allows local users to bypass the login and open arbitrary files via the "What is this?" help feature, which can be launched from the Novell Netware login screen.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2002-2084

Publication date:
31/12/2002
Directory traversal vulnerability in index.php of Portix 0.4.02 allows remote attackers to read arbitrary files via a .. (dot dot) in the (1) l and (2) topic parameters.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025