Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0118 1 Infopop 1 Ultimate Bulletin Board 2026-04-16 N/A
Cross-site scripting vulnerability in Infopop Ultimate Bulletin Board (UBB) 6.2.0 Beta Release 1.0 allows remote attackers to execute arbitrary script and steal cookies via a message containing encoded Javascript in an IMG tag.
CVE-2002-0120 1 Palm 1 Palm Desktop 2026-04-16 N/A
Apple Palm Desktop 4.0b76 and 4.0b77 creates world-readable backup files and folders when a hotsync is performed, which could allow a local user to obtain sensitive information.
CVE-2002-0125 1 Clanlib 1 Clanlib 2026-04-16 N/A
Buffer overflow in ClanLib library 0.5 may allow local users to execute arbitrary code in games that use the library, such as (1) Super Methane Brothers, (2) Star War, (3) Kwirk, (4) Clankanoid, and others, via a long HOME environment variable.
CVE-2002-0127 1 Netgear 1 Rp114 2026-04-16 N/A
Netgear RP114 Cable/DSL Web Safe Router Firmware 3.26, when configured to block traffic below port 1024, allows remote attackers to cause a denial of service (hang) via a port scan of the WAN port.
CVE-2002-0139 1 Pi-soft 1 Spoonftp 2026-04-16 N/A
Pi-Soft SpoonFTP 1.1 and earlier allows remote attackers to redirect traffic to other sites (aka FTP bounce) via the PORT command.
CVE-2002-0140 1 Dnrd 1 Dnrd 2026-04-16 N/A
Domain Name Relay Daemon (dnrd) 2.10 and earlier allows remote malicious DNS sites to cause a denial of service and possibly execute arbitrary code via a long or malformed DNS reply, which is not handled properly by parse_query, get_objectname, and possibly other functions.
CVE-2002-0151 1 Microsoft 3 Windows 2000, Windows Nt, Windows Xp 2026-04-16 N/A
Buffer overflow in Multiple UNC Provider (MUP) in Microsoft Windows operating systems allows local users to cause a denial of service or possibly gain SYSTEM privileges via a long UNC request.
CVE-2002-0155 1 Microsoft 3 Msn Chat Control, Msn Messenger, Msn Messenger Service For Exchange 2026-04-16 N/A
Buffer overflow in Microsoft MSN Chat ActiveX Control, as used in MSN Messenger 4.5 and 4.6, and Exchange Instant Messenger 4.5 and 4.6, allows remote attackers to execute arbitrary code via a long ResDLL parameter in the MSNChat OCX.
CVE-2002-0157 2 Eazel, Redhat 2 Nautilus, Linux 2026-04-16 N/A
Nautilus 1.0.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on the .nautilus-metafile.xml metadata file.
CVE-2002-0160 1 Cisco 1 Secure Access Control Server 2026-04-16 N/A
The administration function in Cisco Secure Access Control Server (ACS) for Windows, 2.6.x and earlier and 3.x through 3.01 (build 40), allows remote attackers to read HTML, Java class, and image files outside the web root via a ..\.. (modified ..) in the URL to port 2002.
CVE-2002-0300 1 Gnujsp 1 Gnujsp 2026-04-16 N/A
gnujsp 1.0.0 and 1.0.1 allows remote attackers to list directories, read source code of certain scripts, and bypass access restrictions by directly requesting the target file from the gnujsp servlet, which does not work around a limitation of JServ and does not process the requested file.
CVE-2002-0303 1 Novell 1 Groupwise 2026-04-16 N/A
GroupWise 6, when using LDAP authentication and when Post Office has a blank username and password, allows attackers to gain privileges of other users by logging in without a password.
CVE-2006-3362 2 Geeklog, Toenda Software Development 2 Geeklog, Toendacms 2026-04-16 N/A
Unrestricted file upload vulnerability in connectors/php/connector.php in FCKeditor mcpuk file manager, as used in (1) Geeklog 1.4.0 through 1.4.0sr3, (2) toendaCMS 1.0.0 Shizouka Stable and earlier, (3) WeBid 0.5.4, and possibly other products, when installed on Apache with mod_mime, allows remote attackers to upload and execute arbitrary PHP code via a filename with a .php extension and a trailing extension that is allowed, such as .zip.
CVE-2002-0309 1 Symantec 1 Enterprise Firewall 2026-04-16 N/A
SMTP proxy in Symantec Enterprise Firewall (SEF) 6.5.x includes the firewall's physical interface name and address in an SMTP protocol exchange when NAT translation is made to an address other than the firewall, which could allow remote attackers to determine certain firewall configuration information.
CVE-2002-0320 1 Yahoo 1 Messenger 2026-04-16 N/A
Buffer overflow in Yahoo! Messenger 5.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long (1) message or (2) IMvironment field.
CVE-2002-0327 1 Century Software 1 Term 2026-04-16 N/A
Buffer overflow in Century Software TERM allows local users to gain root privileges via a long tty argument to the callin program.
CVE-2002-0329 1 Snitz Communications 1 Snitz Forums 2000 2026-04-16 N/A
Cross-site scripting vulnerability in Snitz Forums 2000 3.3.03 and earlier allows remote attackers to execute arbitrary script as other Forums 2000 users via Javascript in an IMG tag.
CVE-2002-0331 1 Alcatech Gmbh 1 Bpm Studio Pro 2026-04-16 N/A
Directory traversal vulnerability in the HTTP server for BPM Studio Pro 4.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP request.
CVE-2002-0332 1 Xtell 1 Xtell 2026-04-16 N/A
Buffer overflows in xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows remote attackers to execute arbitrary code via (1) a long DNS hostname that is determined using reverse DNS lookups, (2) a long AUTH string, or (3) certain data in the xtell request.
CVE-2002-0340 1 Microsoft 1 Windows Media Player 2026-04-16 N/A
Windows Media Player (WMP) 8.00.00.4477, and possibly other versions, automatically detects and executes .wmf and other content, even when the file's extension or content type does not specify .wmf, which could make it easier for attackers to conduct unauthorized activities via Trojan horse files containing .wmf content.