Export limit exceeded: 357888 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (357888 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1932 | 1 Microsoft | 2 Windows 2000, Windows Xp | 2026-04-16 | N/A |
| Microsoft Windows XP and Windows 2000, when configured to send administrative alerts and the "Do not overwrite events (clear log manually)" option is set, does not notify the administrator when the log reaches its maximum size, which allows local users and remote attackers to avoid detection. | ||||
| CVE-2002-1933 | 1 Microsoft | 1 Windows 2000 Terminal Services | 2026-04-16 | N/A |
| The terminal services screensaver for Microsoft Windows 2000 does not automatically lock the terminal window if the window is minimized, which could allow local users to gain access to the terminal server window. | ||||
| CVE-2002-1716 | 1 Microsoft | 1 Office | 2026-04-16 | N/A |
| The Host() function in the Microsoft spreadsheet component on Microsoft Office XP allows remote attackers to create arbitrary files using the SaveAs capability. | ||||
| CVE-2002-1717 | 1 Microsoft | 1 Internet Information Services | 2026-04-16 | N/A |
| Microsoft Internet Information Server (IIS) 5.1 allows remote attackers to view path information via a GET request to (1) /_vti_pvt/access.cnf, (2) /_vti_pvt/botinfs.cnf, (3) /_vti_pvt/bots.cnf, or (4) /_vti_pvt/linkinfo.cnf. | ||||
| CVE-2002-1718 | 1 Microsoft | 1 Internet Information Services | 2026-04-16 | N/A |
| Microsoft Internet Information Server (IIS) 5.1 may allow remote attackers to view the contents of a Frontpage Server Extension (FPSE) file, as claimed using an HTTP request for colegal.htm that contains .. (dot dot) sequences. | ||||
| CVE-2002-1719 | 1 Bavo | 1 Bavo | 2026-04-16 | N/A |
| Unknown vulnerability in Bavo 0.3 allows remote attackers to modify posted messages. | ||||
| CVE-2002-1720 | 1 Outfront | 1 Spooky Login | 2026-04-16 | N/A |
| SQL injection vulnerability in Spooky Login 2.0 through 2.5 allows remote attackers to bypass authentication and gain privileges via the password field. | ||||
| CVE-2002-1721 | 1 Pldaniels | 1 Altermime | 2026-04-16 | 7.5 High |
| Off-by-one error in alterMIME 0.1.10 and 0.1.11 allows remote attackers to cause a denial of service (crash) via an x-header that causes snprintf overwrite the FFGET_FILE variable with a (null) byte. | ||||
| CVE-2002-1722 | 1 Logitech | 3 Cordless Freedom Itouch Keyboard, Cordless Itouch Keyboard, Itouch Keyboard | 2026-04-16 | N/A |
| Logitech iTouch keyboards allows attackers with physical access to the system to bypass the screen locking function and execute user-defined commands that have been assigned to a button. | ||||
| CVE-2002-1724 | 1 Onlinetools.org | 1 Phpimageview | 2026-04-16 | N/A |
| Cross-site scripting vulnerability (XSS) in phpimageview.php for PHPImageView 1.0 allows remote attackers to execute arbitrary script as other users via the pic parameter. | ||||
| CVE-2002-1725 | 1 Onlinetools.org | 1 Phpimageview | 2026-04-16 | N/A |
| phpimageview.php in PHPImageView 1.0 allows remote attackers to obtain sensitive information via the pw=show option, which invokes the phpinfo function. | ||||
| CVE-2002-1726 | 1 Brokenbytes | 1 Photodb | 2026-04-16 | N/A |
| secure_inc.php in PhotoDB 1.4 allows remote attackers to bypass authentication via a URL with a large Time parameter, non-empty rmtusername and rmtpassword parameter, and an accesslevel parameter that is lower than the access level of the requested page. | ||||
| CVE-2002-1727 | 1 Asksam Systems | 1 Asksam Web Publisher | 2026-04-16 | N/A |
| Cross-site scripting vulnerability (XSS) in (1) as_web.exe and (2) as_web4.exe in askSam Web Publisher 1 and 4 allows remote attackers to execute arbitrary script as other users via a URL. | ||||
| CVE-2002-1728 | 1 Asksam Systems | 1 Asksam Web Publisher | 2026-04-16 | N/A |
| askSam Web Publisher 1.0 and 4.0 allows remote attackers to determine the full path to the web root directory via a request for a file that does not exist, which generates an error message that reveals the full path. | ||||
| CVE-2002-1729 | 1 Aspjar | 1 Aspjar Guestbook | 2026-04-16 | N/A |
| Cross-site scripting vulnerability (XSS) in ASPjar Guestbook 1.00 allows remote attackers to execute arbitrary script as other users via the "web site" parameter in a guestbook message. | ||||
| CVE-2002-1730 | 1 Aspjar | 1 Aspjar Guestbook | 2026-04-16 | N/A |
| ASPjar Guestbook 1.00 allows remote attackers to delete arbitrary messages accessing the delete.asp administrative script with certain cookie values set to "true". | ||||
| CVE-2002-1731 | 1 Ibm | 1 Os 400 | 2026-04-16 | N/A |
| The System Request menu in IBM AS/400 allows local users to list valid user accounts by viewing the object names that are type USRPRF. | ||||
| CVE-2002-1733 | 1 Prospero Technologies | 1 Prospero Message Board | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the web-based message board in Prospero Technologies allows remote attackers to inject arbitrary web script or HTML via a message board post. | ||||
| CVE-2002-1748 | 1 Open Source Development Network | 1 Slashcode | 2026-04-16 | N/A |
| Unknown vulnerability in Slash 2.1.x and 2.2 through 2.2.2, as used in Slashcode, allows remote authenticated users to gain access to arbitrary accounts. | ||||
| CVE-2002-1749 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | N/A |
| Windows 2000 Terminal Services, when using the disconnect feature of the client, does not properly lock itself if it is left idle until the screen saver activates and the user disconnects, which could allow attackers to gain administrator privileges. | ||||