Export limit exceeded: 348774 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29909 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1385 | 1 Open Webmail | 1 Open Webmail | 2026-04-16 | N/A |
| openwebmail_init in Open WebMail 1.81 and earlier allows local users to execute arbitrary code via .. (dot dot) sequences in a login name, such as the name provided in the sessionid parameter for openwebmail-abook.pl, which is used to find a configuration file that specifies additional code to be executed. | ||||
| CVE-2002-1389 | 1 Typespeed | 1 Typespeed | 2026-04-16 | N/A |
| Buffer overflow in typespeed 0.4.2 and earlier allows local users to gain privileges via long input. | ||||
| CVE-2002-1390 | 1 Geneweb | 1 Geneweb | 2026-04-16 | N/A |
| The daemon for GeneWeb before 4.09 does not properly handle requested paths, which allows remote attackers to read arbitrary files via a crafted URL. | ||||
| CVE-2002-1392 | 2 Gert Doering, Redhat | 3 Mgetty, Enterprise Linux, Linux | 2026-04-16 | N/A |
| faxspool in mgetty before 1.1.29 uses a world-writable spool directory for outgoing faxes, which allows local users to modify fax transmission privileges. | ||||
| CVE-2002-1394 | 2 Apache, Redhat | 3 Tomcat, Rhel Stronghold, Stronghold | 2026-04-16 | N/A |
| Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code for server files or bypass certain protections, a variant of CAN-2002-1148. | ||||
| CVE-2002-1395 | 2 Debian, Redhat | 3 Internet Message, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Internet Message (IM) 141-18 and earlier uses predictable file and directory names, which allows local users to (1) obtain unauthorized directory permissions via a temporary directory used by impwagent, and (2) overwrite and create arbitrary files via immknmz. | ||||
| CVE-2002-1396 | 2 Php, Redhat | 2 Php, Linux | 2026-04-16 | N/A |
| Heap-based buffer overflow in the wordwrap function in PHP after 4.1.2 and before 4.3.0 may allow attackers to cause a denial of service or execute arbitrary code. | ||||
| CVE-2002-1416 | 1 Webeasymail | 1 Webeasymail | 2026-04-16 | N/A |
| The POP3 service for WebEasyMail 3.4.2.2 and earlier generates diffferent error messages for valid and invalid usernames during authentication, which makes it easier for remote attackers to conduct brute force attacks. | ||||
| CVE-2002-1418 | 1 Novell | 2 Netware, Small Business Suite | 2026-04-16 | N/A |
| Buffer overflow in the interpreter for Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to cause a denial of service (ABEND) via a long module name. | ||||
| CVE-2002-1419 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| The upgrade of IRIX on Origin 3000 to 6.5.13 through 6.5.16 changes the MAC address of the system, which could modify intended access restrictions that are based on a MAC address. | ||||
| CVE-2002-1420 | 1 Openbsd | 1 Openbsd | 2026-04-16 | N/A |
| Integer signedness error in select() on OpenBSD 3.1 and earlier allows local users to overwrite arbitrary kernel memory via a negative value for the size parameter, which satisfies the boundary check as a signed integer, but is later used as an unsigned integer during a data copying operation. | ||||
| CVE-2002-1421 | 1 Ilia Alshanetsky | 1 Fudforum | 2026-04-16 | N/A |
| SQL injection vulnerabilities in FUDforum before 2.2.0 allow remote attackers to perform unauthorized database operations via (1) report.php, (2) selmsg.php, and (3) showposts.php. | ||||
| CVE-2002-1422 | 1 Ilia Alshanetsky | 1 Fudforum | 2026-04-16 | N/A |
| admbrowse.php in FUDforum before 2.2.0 allows remote attackers to create or delete files via URL-encoded pathnames in the cur and dest parameters. | ||||
| CVE-2002-1423 | 1 Ilia Alshanetsky | 1 Fudforum | 2026-04-16 | N/A |
| tmp_view.php in FUDforum before 2.2.0 allows remote attackers to read arbitrary files via an absolute pathname in the file parameter. | ||||
| CVE-2002-1426 | 1 Hp | 1 Procurve Switch 4000m | 2026-04-16 | N/A |
| HP ProCurve Switch 4000M C.07.23 allows remote attackers to cause a denial of service (crash) via an SNMP write request containing 85 characters, possibly triggering a buffer overflow. | ||||
| CVE-2002-1428 | 1 Dotproject | 1 Dotproject | 2026-04-16 | N/A |
| index.php in dotProject 0.2.1.5 allows remote attackers to bypass authentication via a cookie or URL with the user_cookie parameter set to 1. | ||||
| CVE-2002-1429 | 1 Endity.com | 1 Shoutbox | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in board.php of endity.com ShoutBOX allows remote attackers to inject arbitrary HTML into the shoutbox page via the site parameter. | ||||
| CVE-2002-1430 | 1 Synthetic Reality | 1 Sympoll | 2026-04-16 | N/A |
| Unknown vulnerability in Sympoll 1.2 allows remote attackers to read arbitrary files when register_globals is enabled, possibly by modifying certain PHP variables through URL parameters. | ||||
| CVE-2002-1441 | 1 Tomahawk Technologies | 1 Steelarrow | 2026-04-16 | N/A |
| Multiple buffer overflows in Tomahawk SteelArrow before 4.5 allow remote attackers to execute arbitrary code via (1) the Steelarrow Service (Steelarrow.exe) using a long UserIdent Cookie header, (2) DLLHOST.EXE (Steelarrow.dll) via a request for a long .aro file, or (3) DLLHOST.EXE via a Chunked Transfer-Encoding request. | ||||
| CVE-2002-1433 | 1 Kerio | 1 Kerio Mailserver | 2026-04-16 | N/A |
| Kerio MailServer 5.0 allows remote attackers to cause a denial of service (hang) via SYN packets to the supported network services. | ||||