Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0870 1 Cisco 2 Content Services Switch 11000, Webns 2026-04-16 N/A
The original patch for the Cisco Content Service Switch 11000 Series authentication bypass vulnerability (CVE-2001-0622) was incomplete, which still allows remote attackers to gain additional privileges by directly requesting the web management URL instead of navigating through the interface, possibly via a variant of the original attack, as identified by Cisco bug ID CSCdw08549.
CVE-2002-1145 1 Microsoft 2 Data Engine, Sql Server 2026-04-16 N/A
The xp_runwebtask stored procedure in the Web Tasks component of Microsoft SQL Server 7.0 and 2000, Microsoft Data Engine (MSDE) 1.0, and Microsoft Desktop Engine (MSDE) 2000 can be executed by PUBLIC, which allows an attacker to gain privileges by updating a webtask that is owned by the database owner through the msdb.dbo.mswebtasks table, which does not have strong permissions.
CVE-2002-0122 1 Siemens 1 3568i Wap 2026-04-16 N/A
Siemens 3568i WAP mobile phones allows remote attackers to cause a denial of service (crash) via an SMS message containing unusual characters.
CVE-2002-0873 1 L2tpd 1 L2tpd 2026-04-16 N/A
Vulnerability in l2tpd 0.67 allows remote attackers to overwrite the vendor field via a long value in an attribute/value pair, possibly via a buffer overflow.
CVE-2002-0124 1 Mdg Computer Services 1 Web Server 4d Ecommerce 2026-04-16 N/A
MDG Computer Services Web Server 4D/eCommerce 3.5.3 allows remote attackers to exploit directory traversal vulnerability via a ../ (dot dot) containing URL-encoded slashes in the HTTP request.
CVE-2002-0125 1 Clanlib 1 Clanlib 2026-04-16 N/A
Buffer overflow in ClanLib library 0.5 may allow local users to execute arbitrary code in games that use the library, such as (1) Super Methane Brothers, (2) Star War, (3) Kwirk, (4) Clankanoid, and others, via a long HOME environment variable.
CVE-2002-0130 1 Efax 1 Efax 2026-04-16 N/A
Buffer overflow in efax 0.9 and earlier, when installed setuid root, allows local users to execute arbitrary code via a long -x argument.
CVE-2002-0131 1 Activestate 1 Activepython 2026-04-16 N/A
ActivePython ActiveX control for Python in the AXScript package, when used in Internet Explorer, does not prevent a script from reading files from the client's filesystem, which allows remote attackers to read arbitrary files via a malicious web page containing Python script.
CVE-2002-0875 3 Debian, Redhat, Sgi 4 Debian Linux, Enterprise Linux, Fam and 1 more 2026-04-16 N/A
Vulnerability in FAM 2.6.8, 2.6.6, and other versions allows unprivileged users to obtain the names of files whose access is restricted to the root group.
CVE-2002-0187 1 Microsoft 1 Sql Server 2026-04-16 N/A
Cross-site scripting vulnerability in the SQLXML component of Microsoft SQL Server 2000 allows an attacker to execute arbitrary script via the root parameter as part of an XML SQL query, aka "Script Injection via XML Tag."
CVE-2002-0189 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Cross-site scripting vulnerability in Internet Explorer 6.0 allows remote attackers to execute scripts in the Local Computer zone via a URL that exploits a local HTML resource file, aka the "Cross-Site Scripting in Local HTML Resource" vulnerability.
CVE-2002-0193 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 5.01 and 6.0 allow remote attackers to execute arbitrary code via malformed Content-Disposition and Content-Type header fields that cause the application for the spoofed file type to pass the file back to the operating system for handling rather than raise an error message, aka the first variant of the "Content Disposition" vulnerability.
CVE-2002-0199 1 Nullsoft 1 Shoutcast Server 2026-04-16 N/A
Buffer overflow in admin.cgi for Nullsoft Shoutcast Server 1.8.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an argument with a large number of backslashes.
CVE-2002-0201 1 Cyberstop 1 Cyberstop Web Server 2026-04-16 N/A
Cyberstop Web Server for Windows 0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request, possibly triggering a buffer overflow.
CVE-2002-0203 1 Tarantella 1 Tarantella Enterprise 2026-04-16 N/A
ttawebtop.cgi in Tarantella Enterprise 3.20 on SPARC Solaris and Linux, and 3.1x and 3.0x including 3.11.903, allows remote attackers to view directory contents via an empty pg parameter.
CVE-2002-0204 1 Gnu 1 Chess 2026-04-16 N/A
Buffer overflow in GNU Chess (gnuchess) 5.02 and earlier, if modified or used in a networked capacity contrary to its own design as a single-user application, may allow local or remote attackers to execute arbitrary code via a long command.
CVE-2002-0205 1 Plumtree 1 Plumtree Corporate Portal 2026-04-16 N/A
Cross-site scripting (CSS) vulnerability in error.asp for Plumtree Corporate Portal 3.5 through 4.5 allows remote attackers to execute arbitrary script on other clients via the "Description" parameter.
CVE-2002-0207 1 Realnetworks 2 Realone Player, Realplayer Intranet 2026-04-16 N/A
Buffer overflow in Real Networks RealPlayer 8.0 and earlier allows remote attackers to execute arbitrary code via a header length value that exceeds the actual length of the header.
CVE-2006-0589 1 Jaia Interactive 1 Mytopix 2026-04-16 N/A
MyTopix 1.2.3 allows remote attackers to obtain the installation path via a direct request to logon.mod.php, which leaks the path in an error message.
CVE-2002-0215 1 Steve Kneizys 1 Agora.cgi 2026-04-16 N/A
Agora.cgi 3.2r through 4.0 while in debug mode allows remote attackers to determine the full pathname of the agora.cgi file by requesting a non-existent .html file, which leaks the pathname in an error message.