Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0358 1 Sgi 1 Mediamail 2026-04-16 N/A
MediaMail and MediaMail Pro in SGI IRIX 6.5.16 and earlier allows local users to force the program to dump core via certain arguments, which could allow the users to read sensitive data or gain privileges.
CVE-2002-0369 1 Microsoft 1 .net Framework 2026-04-16 N/A
Buffer overflow in ASP.NET Worker Process allows remote attackers to cause a denial of service (restart) and possibly execute arbitrary code via a routine that processes cookies while in StateServer mode.
CVE-2002-0441 1 Jerrett Taylor 1 Php Imglist 2026-04-16 N/A
Directory traversal vulnerability in imlist.php for Php Imglist allows remote attackers to read arbitrary code via a .. (dot dot) in the cwd parameter.
CVE-2002-0387 1 Sun 1 One Application Server 2026-04-16 N/A
Buffer overflow in gxnsapi6.dll NSAPI plugin of the Connector Module for Sun ONE Application Server before 6.5 allows remote attackers to execute arbitrary code via a long HTTP request URL.
CVE-2002-0386 1 Oracle 1 Application Server 2026-04-16 N/A
The administration module for Oracle Web Cache in Oracle9iAS (9i Application Suite) 9.0.2 allows remote attackers to cause a denial of service (crash) via (1) an HTTP GET request containing a ".." (dot dot) sequence, or (2) a malformed HTTP GET request with a chunked Transfer-Encoding with missing data.
CVE-2002-0384 2 Redhat, Rob Flynn 4 Enterprise Linux, Linux, Powertools and 1 more 2026-04-16 N/A
Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arbitrary code.
CVE-2002-0395 1 Red-m 1 1050ap Lan Acess Point 2026-04-16 N/A
The TFTP server for Red-M 1050 (Bluetooth Access Point) can not be disabled and makes it easier for remote attackers to crack the administration password via brute force methods.
CVE-2002-0396 1 Red-m 1 1050ap Lan Acess Point 2026-04-16 N/A
The web management server for Red-M 1050 (Bluetooth Access Point) does not use session-based credentials to authenticate users, which allows attackers to connect to the server from the same IP address as a user who has already established a session.
CVE-2002-0404 2 Ethereal Group, Redhat 4 Ethereal, Enterprise Linux, Linux and 1 more 2026-04-16 N/A
Vulnerability in GIOP dissector in Ethereal before 0.9.3 allows remote attackers to cause a denial of service (memory consumption).
CVE-2002-0405 1 Transsoft 1 Broker Ftp Server 2026-04-16 N/A
Buffer overflow in Transsoft Broker FTP Server 5.0 evaluation allows remote attackers to cause a denial of service and possibly execute arbitrary code via a CWD command with a large number of . (dot) characters.
CVE-2002-0442 1 Caldera 1 Openserver 2026-04-16 N/A
Buffer overflow in dlvr_audit for Caldera OpenServer 5.0.5 and 5.0.6 allows local users to gain root privileges.
CVE-2002-0449 1 Talentsoft 1 Web\+ Server 2026-04-16 N/A
Buffer overflow in webpsvc.exe for Talentsoft Web+ 5.0 and earlier allows remote attackers to execute arbitrary code via a long argument to webplus.exe program, which triggers the overflow in webpsvc.exe.
CVE-2002-0450 1 Talentsoft 1 Web\+ Server 2026-04-16 N/A
Buffer overflow in Talentsoft Web+ 5.0 and earlier allows remote attackers to execute arbitrary code via a long Web Markup Language (wml) file name to (1) webplus.dll or (2) webplus.exe.
CVE-2002-0451 1 Phpprojekt 1 Phpprojekt 2026-04-16 N/A
filemanager_forms.php in PHProjekt 3.1 and 3.1a allows remote attackers to execute arbitrary PHP code by specifying the URL to the code in the lib_path parameter.
CVE-2002-0448 1 Xerver 1 Xerver 2026-04-16 N/A
Xerver Free Web Server 2.10 and earlier allows remote attackers to cause a denial of service (crash) via an HTTP request that contains many "C:/" sequences.
CVE-2002-0447 1 Xerver 1 Xerver 2026-04-16 N/A
Directory traversal vulnerability in Xerver Free Web Server 2.10 and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in an HTTP GET request.
CVE-2002-0446 1 Black Tie Project 1 Black Tie Project 2026-04-16 N/A
categorie.php3 in Black Tie Project (BTP) 0.4b through 0.5b allows remote attackers to determine the absolute path of the web server via an invalid category ID (cid) parameter, which leaks the pathname in an error message.
CVE-2002-0461 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 5.01 through 6 allows remote attackers to cause a denial of service (application crash) via Javascript in a web page that calls location.replace on itself, causing a loop.
CVE-2002-0550 1 Gcf 1 Dynamic Guestbook 2026-04-16 N/A
Dynamic Guestbook 3.0 allows remote attackers to execute arbitrary code via shell metacharacters in the gbdaten parameter.
CVE-2002-0458 1 Linux-sottises 1 News-tnk 2026-04-16 N/A
Cross-site scripting vulnerability in News-TNK 1.2.1 and earlier allows remote attackers to execute arbitrary Javascript via the WEB parameter.