Search Results (362101 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1530 1 Surfcontrol 1 Superscout Email Filter 2026-04-16 N/A
The administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows users to obtain usernames and plaintext passwords via a request to the userlist.asp program, which includes the passwords in a user editing form.
CVE-2002-1533 1 Jetty 1 Jetty 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Jetty JSP servlet engine allows remote attackers to insert arbitrary HTML or script via an HTTP request to a .jsp file whose name contains the malicious script and some encoded linefeed characters (%0a).
CVE-2002-1534 1 Macromedia 1 Flash Player 2026-04-16 N/A
Macromedia Flash Player allows remote attackers to read arbitrary files via XML script in a .swf file that is hosted on a remote SMB share.
CVE-2002-1535 1 Symantec 2 Enterprise Firewall, Raptor Firewall 2026-04-16 N/A
Secure Webserver 1.1 in Raptor 6.5 and Symantec Enterprise Firewall 6.5.2 allows remote attackers to identify IP addresses of hosts on the internal network via a CONNECT request, which generates different error messages if the host is present.
CVE-2002-1537 1 Phpbb Group 1 Phpbb 2026-04-16 N/A
admin_ug_auth.php in phpBB 2.0.0 allows local users to gain administrator privileges by directly calling admin_ug_auth.php with modifed form fields such as "u".
CVE-2002-1601 1 Adobe 1 Photodeluxe 2026-04-16 N/A
The Connectables feature in Adobe PhotoDeluxe 3.1 prepends the Adobe directory to the CLASSPATH environment variable, which allows applets to run with higher privileges and remote attackers to gain privileges via an HTML e-mail message or a web page.
CVE-2002-1538 1 Acuma 1 Acusend 2026-04-16 N/A
Acuma Acusend 4, and possibly earlier versions, allows remote authenticated users to read the reports of other users by inferring the full URL, whose name is easily predictable.
CVE-2002-1540 1 Symantec 1 Norton Antivirus 2026-04-16 N/A
The client for Symantec Norton AntiVirus Corporate Edition 7.5.x before 7.5.1 Build 62 and 7.6.x before 7.6.1 Build 35a runs winhlp32 with raised privileges, which allows local users to gain privileges by using certain features of winhlp32.
CVE-2002-1544 1 Cooolsoft 1 Personal Ftp Server 2026-04-16 N/A
Directory traversal vulnerability in CooolSoft Personal FTP Server 2.24 allows remote attackers to read or modify arbitrary files via .. (dot dot) sequences in the commands (1) LIST (ls), (2) mkdir, (3) put, or (4) get.
CVE-2002-1546 1 Brs 1 Webweaver 2026-04-16 N/A
BRS WebWeaver Web Server 1.01 allows remote attackers to bypass password protections for files and directories via an HTTP request containing a "/./" sequence.
CVE-2002-1603 1 Goahead Software 1 Goahead Webserver 2026-04-16 N/A
GoAhead Web Server 2.1.7 and earlier allows remote attackers to obtain the source code of ASP files via a URL terminated with a /, \, %2f (encoded /), %20 (encoded space), or %00 (encoded null) character, which returns the ASP source code unparsed.
CVE-2002-1547 1 Juniper 1 Netscreen Screenos 2026-04-16 N/A
Netscreen running ScreenOS 4.0.0r6 and earlier allows remote attackers to cause a denial of service via a malformed SSH packet to the Secure Command Shell (SCS) management interface, as demonstrated via certain CRC32 exploits, a different vulnerability than CVE-2001-0144.
CVE-2002-1607 1 Hp 2 Hp-ux, Tru64 2026-04-16 N/A
Buffer overflow in ypmatch in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to execute arbitrary code.
CVE-2002-1548 1 Ibm 1 Aix 2026-04-16 N/A
Unknown vulnerability in autofs on AIX 4.3.0, when using executable maps, allows attackers to execute arbitrary commands as root, possibly related to "string handling around how the executable map is called."
CVE-2002-1550 1 Ibm 1 Aix 2026-04-16 N/A
dump_smutil.sh in IBM AIX allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVE-2002-1554 1 Cisco 1 Optical Networking Systems Software 2026-04-16 N/A
Cisco ONS15454 and ONS15327 running ONS before 3.4 stores usernames and passwords in cleartext in the image database for the TCC, TCC+ or XTC, which could allow attackers to gain privileges by obtaining the passwords from the image database or a backup.
CVE-2002-1611 1 Hp 2 Hp-ux, Tru64 2026-04-16 N/A
Buffer overflow in quot in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges.
CVE-2002-1555 1 Cisco 1 Optical Networking Systems Software 2026-04-16 N/A
Cisco ONS15454 and ONS15327 running ONS before 3.4 uses a "public" SNMP community string that cannot be changed, which allows remote attackers to obtain sensitive information.
CVE-2002-1562 1 Acme Labs 1 Thttpd 2026-04-16 N/A
Directory traversal vulnerability in thttpd, when using virtual hosting, allows remote attackers to read arbitrary files via .. (dot dot) sequences in the Host: header.
CVE-2002-1612 1 Hp 2 Hp-ux, Tru64 2026-04-16 N/A
Buffer overflow in mailcv in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges.