Export limit exceeded: 363401 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0433 | 1 Pi3 | 1 Pi3web | 2026-04-16 | N/A |
| Pi3Web 2.0.0 allows remote attackers to view restricted files via an HTTP request containing a "*" (wildcard or asterisk) character. | ||||
| CVE-2002-0434 | 1 Marcus S. Xenakis | 1 Directory.php | 2026-04-16 | N/A |
| Marcus S. Xenakis directory.php script allows remote attackers to execute arbitrary commands via shell metacharacters in the dir parameter. | ||||
| CVE-2002-0436 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| sscd_suncourier.pl CGI script in the Sun Sunsolve CD pack allows remote attackers to execute arbitrary commands via shell metacharacters in the email address parameter. | ||||
| CVE-2002-0437 | 1 Stefan Frings | 1 Sms Server Tools | 2026-04-16 | N/A |
| Smsd in SMS Server Tools (SMStools) before 1.4.8 allows remote attackers to execute arbitrary commands via shell metacharacters (backquotes) in message text, as described with the term "string format vulnerability" by some sources. | ||||
| CVE-2002-0438 | 1 Zyxel | 1 Zywall10 | 2026-04-16 | N/A |
| ZyXEL ZyWALL 10 before 3.50 allows remote attackers to cause a denial of service via an ARP packet with the firewall's IP address and an incorrect MAC address, which causes the firewall to disable the LAN interface. | ||||
| CVE-2002-0439 | 1 Caupo.net | 1 Cauposhop | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in CaupoShop 1.30a and earlier, and possibly CaupoShopPro, allows remote attackers to execute arbitrary Javascript and steal credit card numbers or delete items by injecting the script into new customer information fields such as the message field. | ||||
| CVE-2002-0546 | 1 Nullsoft | 1 Winamp | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in the mini-browser for Winamp 2.78 and 2.79 allows remote attackers to execute script via an ID3v1 or ID3v2 tag in an MP3 file. | ||||
| CVE-2002-0441 | 1 Jerrett Taylor | 1 Php Imglist | 2026-04-16 | N/A |
| Directory traversal vulnerability in imlist.php for Php Imglist allows remote attackers to read arbitrary code via a .. (dot dot) in the cwd parameter. | ||||
| CVE-2002-0442 | 1 Caldera | 1 Openserver | 2026-04-16 | N/A |
| Buffer overflow in dlvr_audit for Caldera OpenServer 5.0.5 and 5.0.6 allows local users to gain root privileges. | ||||
| CVE-2002-0454 | 1 Qualcomm | 1 Qpopper | 2026-04-16 | N/A |
| Qpopper (aka in.qpopper or popper) 4.0.3 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a very large string, which causes an infinite loop. | ||||
| CVE-2002-0455 | 1 Incredimail | 1 Incredimail | 2026-04-16 | N/A |
| IncrediMail stores attachments in a directory with a fixed name, which could make it easier for attackers to exploit vulnerabilities in other software that rely on installing and reading files from directories with known pathnames. | ||||
| CVE-2002-0456 | 1 Qualcomm | 1 Eudora | 2026-04-16 | N/A |
| Eudora 5.1 and earlier versions stores attachments in a directory with a fixed name, which could make it easier for attackers to exploit vulnerabilities in other software that rely on installing and reading files from directories with known pathnames. | ||||
| CVE-2002-0465 | 1 Hosting Controller | 1 Hosting Controller | 2026-04-16 | N/A |
| Directory traversal vulnerability in filemanager.asp for Hosting Controller 1.4.1 and earlier allows remote attackers to read and modify arbitrary files, and execute commands, via a .. (dot dot) in the OpenPath parameter. | ||||
| CVE-2002-0458 | 1 Linux-sottises | 1 News-tnk | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in News-TNK 1.2.1 and earlier allows remote attackers to execute arbitrary Javascript via the WEB parameter. | ||||
| CVE-2002-0459 | 1 Linux-sottises | 2 Board-tnk, News-tnk | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in Board-TNK 1.3.1 and earlier allows remote attackers to execute arbitrary Javascript via the WEB parameter. | ||||
| CVE-2002-0460 | 1 Bitvise | 1 Winsshd | 2026-04-16 | N/A |
| Bitvise WinSSHD before 2002-03-16 allows remote attackers to cause a denial of service (resource exhaustion) via a large number of incomplete connections that are not properly terminated, which are not properly freed by SSHd. | ||||
| CVE-2002-0463 | 1 Arsc Really Simple Chat | 1 Arsc Really Simple Chat | 2026-04-16 | N/A |
| home.php in ARSC (Really Simple Chat) 1.0.1 and earlier allows remote attackers to determine the full pathname of the web server via an invalid language in the arsc_language parameter, which leaks the pathname in an error message. | ||||
| CVE-2002-0467 | 2 Ecartis, Listar | 2 Ecartis, Listar | 2026-04-16 | N/A |
| Buffer overflows in Ecartis (formerly Listar) 1.0.0 before snapshot 20020125 allows remote attackers to execute arbitrary code via (1) address_match() of mystring.c or (2) other functions in tolist.c. | ||||
| CVE-2002-0469 | 2 Ecartis, Listar | 2 Ecartis, Listar | 2026-04-16 | N/A |
| Ecartis (formerly Listar) 1.0.0 in snapshot 20020125 and earlier does not properly drop privileges when Ecartis is installed setuid-root, "lock-to-user" is not set, and ecartis is called by certain MTA's, which could allow local users to gain privileges. | ||||
| CVE-2002-0470 | 1 Phpnettoolpack | 1 Phpnettoolpack | 2026-04-16 | N/A |
| PHPNetToolpack 0.1 relies on its environment's PATH to find and execute the traceroute program, which could allow local users to gain privileges by inserting a Trojan horse program into the search path. | ||||