Export limit exceeded: 363401 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1862 | 1 Virtualzone | 1 Smartmail Server | 2026-04-16 | N/A |
| SmartMail Server 2.0 allows remote attackers to cause a denial of service (crash) by sending data and closing the connection before all the data has been sent. | ||||
| CVE-2002-1864 | 1 Sws | 1 Sws Simple Web Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Simple Web Server (SWS) 0.0.4 through 0.1.0 allows remote attackers to read arbitrary files via a ".." (dot dot) in an HTTP request. | ||||
| CVE-2002-1868 | 1 Daniel Stenberg | 1 Dispair | 2026-04-16 | N/A |
| Dispair 0.1 and 0.2 allows remote attackers to execute arbitrary shell commands via certain form fields. | ||||
| CVE-2002-1871 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| pkgadd in Sun Solaris 2.5.1 through 8 installs files setuid/setgid root if the pkgmap file contains a "?" (question mark) in the (1) mode, (2) owner, or (3) group fields, which allows attackers to elevate privileges. | ||||
| CVE-2002-1878 | 1 W-agora | 1 W-agora | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in w-Agora 4.1.3 allows remote attackers to execute arbitrary PHP code via the inc_dir parameter. | ||||
| CVE-2002-1879 | 1 Lokwa | 1 Lokwabb | 2026-04-16 | N/A |
| SQL injection vulnerability in LokwaBB 1.2.2 allows remote attackers to execute arbitrary SQL commands via the (1) member parameter to member.php or (2) loser parameter to misc.php. | ||||
| CVE-2002-1881 | 1 Macromedia | 1 Flash Player | 2026-04-16 | N/A |
| Macromedia Flash Player 4.0 r12 through 6.0.47.0 allows remote attackers to cause a denial of service (web browser crash) via malformed content in a Flash Shockwave (.SWF) file, as demonstrated by by ROT13 encoding the body of the file but not the headers. | ||||
| CVE-2002-1883 | 1 Trolltech | 1 Qt Assistant | 2026-04-16 | N/A |
| Trolltech Qt Assistant 1.0 in Trolltech Qt 3.0.3, when loaded from the Designer, opens port 7358 for interprocess communication, which allows remote attackers to open arbitrary HTML pages and cause a denial of service. | ||||
| CVE-2002-1884 | 1 Py-membres | 1 Py-membres | 2026-04-16 | N/A |
| index.php in Py-Membres 3.1 allows remote attackers to log in as an administrator by setting the pymembs parameter to "admin". | ||||
| CVE-2002-1885 | 1 Powerphlogger | 1 Powerphlogger | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in showhits.php3 for PowerPhlogger (PPhlogger) 2.0.9 through 2.2.2 allows remote attackers to execute arbitrary PHP code via the rel_path parameter. | ||||
| CVE-2002-1886 | 1 Tightauction | 1 Tightauction | 2026-04-16 | N/A |
| TightAuction 3.0 stores config.inc under the web document root with insufficient access control, which allows remote attackers to obtain the database username and password. | ||||
| CVE-2002-1887 | 1 Gregory Kokanosky | 1 Phpmynewsletter | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in customize.php for phpMyNewsletter 0.6.10 allows remote attackers to execute arbitrary PHP code via the l parameter. | ||||
| CVE-2002-1888 | 1 Commonname | 1 Commonname Toolbar | 2026-04-16 | N/A |
| CommonName Toolbar 3.5.2.0 sends unqualified domain name requests to the CommonName organization and possibly other web servers for name resolution, which allows those organizations to obtain internal server names. | ||||
| CVE-2002-1893 | 1 Argosoft | 1 Argosoft Mail Server | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in ArGoSoft Mail Server Pro 1.8.1.9 allows remote attackers to inject arbitrary web script or HTML via the e-mail message. | ||||
| CVE-2002-1894 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in viewtopic.php in phpBB 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the highlight parameter. | ||||
| CVE-2002-1896 | 1 Alsaplayer | 1 Alsaplayer | 2026-04-16 | N/A |
| Buffer overflow in Alsaplayer 0.99.71, when installed setuid root, allows local users to execute arbitrary code via a long (1) -f or (2) -o command line argument. | ||||
| CVE-2002-1906 | 1 Polycom | 1 Viavideo | 2026-04-16 | N/A |
| The web server for Polycom ViaVideo 2.2 and 3.0 allows remote attackers to cause a denial of service (CPU consumption) by sending incomplete HTTP requests and leaving the connections open. | ||||
| CVE-2002-1907 | 1 Telcondex | 1 Simplewebserver | 2026-04-16 | N/A |
| TelCondex SimpleWebServer 2.06.20817 allows remote attackers to cause a denial of service (crash) via a long HTTP GET request. | ||||
| CVE-2002-1909 | 1 Click2learn | 1 Ingenium Learning Management System | 2026-04-16 | N/A |
| Click2Learn Ingenium Learning Management System 5.1 and 6.1 stores the hashed administrative password in a config.txt file under the htdocs directory, which allows remote attackers to obtain the administrative password. | ||||
| CVE-2002-1911 | 1 Zonelabs | 1 Zonealarm | 2026-04-16 | N/A |
| ZoneAlarm Pro 3.0 and 3.1, when configured to block all traffic, allows remote attackers to cause a denial of service (CPU and memory consumption) via a large number of SYN packets (SYN flood). NOTE: the vendor was not able to reproduce the issue. | ||||