Search Results (351250 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0308 1 Stefan Holmberg 1 Admentor 2026-04-16 N/A
admin.asp in AdMentor 2.11 allows remote attackers to bypass authentication and gain privileges via a SQL injection attack on the Login and Password arguments.
CVE-2002-0316 1 Xmb Software 1 Xmb Forum 2026-04-16 N/A
Cross-site scripting vulnerability in eXtreme message board (XMB) 1.6x and earlier allows remote attackers to execute script as other XMB users by inserting the script into an IMG tag.
CVE-2002-0325 1 Working Resources Inc. 1 Badblue 2026-04-16 N/A
Directory traversal vulnerability in BadBlue before 1.6.1 allows remote attackers to read arbitrary files via a ... (modified dot dot) in the URL.
CVE-2002-0326 1 Working Resources Inc. 1 Badblue 2026-04-16 N/A
Cross-site scripting vulnerability in BadBlue before 1.6.1 beta allows remote attackers to execute arbitrary script and possibly additional commands via a URL that contains Javascript.
CVE-2002-0328 1 Ikonboard.com 1 Ikonboard 2026-04-16 N/A
Cross-site scripting vulnerability in Ikonboard 3.0.1 allows remote attackers to execute arbitrary script as other Ikonboard users and steal cookies via Javascript in an IMG tag.
CVE-2002-0321 1 Yahoo 1 Messenger 2026-04-16 N/A
Yahoo! Messenger 5.0 allows remote attackers to spoof other users by modifying the username and using the spoofed username for social engineering or denial of service (flooding) attacks.
CVE-2002-0323 1 Nombas 1 Scriptease Webserver 2026-04-16 N/A
comment2.jse in ScriptEase:WebServer allows remote attackers to read arbitrary files by specifying the target file as an argument in the URL.
CVE-2002-0333 1 Xtell 1 Xtell 2026-04-16 N/A
Directory traversal vulnerability in xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows remote attackers to read files with short names, and local users to read more files using a symlink with a short name, via a .. in the TTY argument.
CVE-2002-0337 1 Realnetworks 1 Realplayer 2026-04-16 N/A
RealPlayer 8 allows remote attackers to cause a denial of service (CPU utilization) via malformed .mp3 files.
CVE-2002-0338 1 Ritlabs 1 The Bat 2026-04-16 N/A
The Bat! 1.53d and 1.54beta, and possibly other versions, allows remote attackers to cause a denial of service (crash) via an attachment whose name includes an MS-DOS device name.
CVE-2002-0342 1 Kde 1 K-mail 2026-04-16 N/A
Kmail 1.2 on KDE 2.1.1 allows remote attackers to cause a denial of service (crash) via an email message whose body is approximately 55 K long.
CVE-2002-0357 1 Sgi 1 Irix 2026-04-16 N/A
Unknown vulnerability in rpc.passwd in the nfs.sw.nis subsystem of SGI IRIX 6.5.15 and earlier allows local users to gain root privileges.
CVE-2002-0356 1 Sgi 1 Irix 2026-04-16 N/A
Vulnerability in XFS filesystem reorganizer (fsr_xfs) in SGI IRIX 6.5.10 and earlier allows local users to gain root privileges by overwriting critical system files.
CVE-2002-0358 1 Sgi 1 Mediamail 2026-04-16 N/A
MediaMail and MediaMail Pro in SGI IRIX 6.5.16 and earlier allows local users to force the program to dump core via certain arguments, which could allow the users to read sensitive data or gain privileges.
CVE-2002-0369 1 Microsoft 1 .net Framework 2026-04-16 N/A
Buffer overflow in ASP.NET Worker Process allows remote attackers to cause a denial of service (restart) and possibly execute arbitrary code via a routine that processes cookies while in StateServer mode.
CVE-2002-0441 1 Jerrett Taylor 1 Php Imglist 2026-04-16 N/A
Directory traversal vulnerability in imlist.php for Php Imglist allows remote attackers to read arbitrary code via a .. (dot dot) in the cwd parameter.
CVE-2002-0387 1 Sun 1 One Application Server 2026-04-16 N/A
Buffer overflow in gxnsapi6.dll NSAPI plugin of the Connector Module for Sun ONE Application Server before 6.5 allows remote attackers to execute arbitrary code via a long HTTP request URL.
CVE-2002-0386 1 Oracle 1 Application Server 2026-04-16 N/A
The administration module for Oracle Web Cache in Oracle9iAS (9i Application Suite) 9.0.2 allows remote attackers to cause a denial of service (crash) via (1) an HTTP GET request containing a ".." (dot dot) sequence, or (2) a malformed HTTP GET request with a chunked Transfer-Encoding with missing data.
CVE-2002-0384 2 Redhat, Rob Flynn 4 Enterprise Linux, Linux, Powertools and 1 more 2026-04-16 N/A
Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arbitrary code.
CVE-2002-0395 1 Red-m 1 1050ap Lan Acess Point 2026-04-16 N/A
The TFTP server for Red-M 1050 (Bluetooth Access Point) can not be disabled and makes it easier for remote attackers to crack the administration password via brute force methods.