Total
29944 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1534 | 1 Macromedia | 1 Flash Player | 2026-04-16 | N/A |
| Macromedia Flash Player allows remote attackers to read arbitrary files via XML script in a .swf file that is hosted on a remote SMB share. | ||||
| CVE-2002-1541 | 1 Working Resources Inc. | 1 Badblue | 2026-04-16 | N/A |
| BadBlue 1.7 allows remote attackers to bypass password protections for directories and files via an HTTP request containing an extra / (slash). | ||||
| CVE-2002-1549 | 1 Light Httpd | 1 Light Httpd | 2026-04-16 | N/A |
| Buffer overflow in Light HTTPd (lhttpd) 0.1 allows remote attackers to execute arbitrary code via a long HTTP GET request. | ||||
| CVE-2006-2279 | 1 Arabless | 1 Saphplesson | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in SaphpLesson 3.0 allow remote attackers to execute arbitrary SQL commands via (1) the Find parameter in (a) search.php, and the (2) LID and (3) Rate parameters in (b) misc.php. | ||||
| CVE-2003-1399 | 1 Eject | 1 Eject | 2026-04-16 | N/A |
| eject 2.0.10, when installed setuid on systems such as SuSE Linux 7.3, generates different error messages depending on whether a specified file exists or not, which allows local users to obtain sensitive information. | ||||
| CVE-2002-1552 | 1 Novell | 1 Edirectory | 2026-04-16 | N/A |
| Novell eDirectory (eDir) 8.6.2 and Netware 5.1 eDir 85.x allows users with expired passwords to gain inappropriate permissions when logging in from Remote Manager. | ||||
| CVE-2002-1558 | 1 Cisco | 1 Optical Networking Systems Software | 2026-04-16 | N/A |
| Cisco ONS15454 and ONS15327 running ONS before 3.4 have an account for the VxWorks Operating System in the TCC, TCC+ and XTC that cannot be changed or disabled, which allows remote attackers to gain privileges by connecting to the account via Telnet. | ||||
| CVE-2002-1560 | 1 Martin Bauer | 1 Gbook | 2026-04-16 | N/A |
| index.php in gBook 1.4 allows remote attackers to bypass authentication and gain administrative privileges by setting the login parameter to true. | ||||
| CVE-2002-1574 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Buffer overflow in the ixj telephony card driver in Linux before 2.4.20 has unknown impact and attack vectors. | ||||
| CVE-2002-1580 | 1 Carnegie Mellon University | 1 Cyrus Imap Server | 2026-04-16 | N/A |
| Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 allows remote attackers to execute arbitrary code via a large length value that facilitates a buffer overflow attack, a different vulnerability than CVE-2002-1347. | ||||
| CVE-2002-0250 | 1 Hp | 7 Advancestack 10base-t Switching Hub J3200a, Advancestack 10base-t Switching Hub J3201a, Advancestack 10base-t Switching Hub J3202a and 4 more | 2026-04-16 | N/A |
| Web configuration utility in HP AdvanceStack hubs J3200A through J3210A with firmware version A.03.07 and earlier, allows unauthorized users to bypass authentication via a direct HTTP request to the web_access.html file, which allows the user to change the switch's configuration and modify the administrator password. | ||||
| CVE-2002-0252 | 1 Apple | 1 Quicktime | 2026-04-16 | N/A |
| Buffer overflow in Apple QuickTime Player 5.01 and 5.02 allows remote web servers to execute arbitrary code via a response containing a long Content-Type MIME header. | ||||
| CVE-2002-1592 | 1 Apache | 1 Http Server | 2026-04-16 | N/A |
| The ap_log_rerror function in Apache 2.0 through 2.035, when a CGI application encounters an error, sends error messages to the client that include the full path for the server, which allows remote attackers to obtain sensitive information. | ||||
| CVE-2002-1594 | 2 Grpck, Pwck | 2 Grpck, Pwck | 2026-04-16 | N/A |
| Buffer overflow in (1) grpck and (2) pwck, if installed setuid on a system as recommended in some AIX documentation, may allow local users to gain privileges via a long command line argument. | ||||
| CVE-2002-1596 | 1 Cisco | 1 Sn 5420 Storage Router Firmware | 2026-04-16 | N/A |
| Cisco SN 5420 Storage Router 1.1(5) and earlier allows remote attackers to cause a denial of service (router crash) via an HTTP request with large headers. | ||||
| CVE-2002-1600 | 1 Mike Spice | 1 My Classifieds | 2026-04-16 | N/A |
| Directory traversal vulnerability in Mike Spice's My Classifieds (classifieds.cgi) before 1.3 allows remote attackers to overwrite arbitrary files via the category parameter. | ||||
| CVE-2002-0257 | 2 Apache, Usanet Creations | 2 Http Server, Makebid Auction Deluxe | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in auction.pl of MakeBid Auction Deluxe 3.30 allows remote attackers to obtain information from other users via the form fields (1) TITLE, (2) DESCTIT, (3) DESC, (4) searchstring, (5) ALIAS, (6) EMAIL, (7) ADDRESS1, (8) ADDRESS2, (9) ADDRESS3, (10) PHONE1, (11) PHONE2, (12) PHONE3, or (13) PHONE4. | ||||
| CVE-2002-1606 | 1 Hp | 2 Hp-ux, Tru64 | 2026-04-16 | N/A |
| Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain privileges via (1) lpc, (2) lpd, (3) lpq, (4) lpr, or (5) lprm. | ||||
| CVE-2002-1620 | 1 Ibm | 1 Aix Parallel Systems Support Programs | 2026-04-16 | N/A |
| Unknown vulnerability in IBM AIX Parallel Systems Support Programs (PSSP) 3.1.1, 3.2, and 3.4 allows remote attackers to read arbitrary files from a file collection. | ||||
| CVE-2002-0258 | 2 Icewarp, Merak | 2 Web Mail, Mail Server | 2026-04-16 | N/A |
| Merak Mail IceWarp Web Mail uses a static identifier as a user session ID that does not change across sessions, which could allow remote attackers with access to the ID to gain privileges as that user, e.g. by extracting the ID from the user's answer or forward URLs. | ||||