Export limit exceeded: 365162 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0074 1 Microsoft 2 Internet Information Server, Internet Information Services 2026-04-16 N/A
Cross-site scripting vulnerability in Help File search facility for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to embed scripts into another user's session.
CVE-2002-0075 1 Microsoft 2 Internet Information Server, Internet Information Services 2026-04-16 N/A
Cross-site scripting vulnerability for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other web users via the error message used in a URL redirect (""302 Object Moved") message.
CVE-2002-0079 1 Microsoft 2 Internet Information Server, Internet Information Services 2026-04-16 N/A
Buffer overflow in the chunked encoding transfer mechanism in Internet Information Server (IIS) 4.0 and 5.0 Active Server Pages allows attackers to cause a denial of service or execute arbitrary code.
CVE-2002-0077 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 5.01, 5.5 and 6.0 treats objects invoked on an HTML page with the codebase property as part of Local Computer zone, which allows remote attackers to invoke executables present on the local system through objects such as the popup object, aka the "Local Executable Invocation via Object tag" vulnerability.
CVE-2002-0078 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
The zone determination function in Microsoft Internet Explorer 5.5 and 6.0 allows remote attackers to run scripts in the Local Computer zone by embedding the script in a cookie, aka the "Cookie-based Script Execution" vulnerability.
CVE-2002-0081 2 Php, Redhat 3 Php, Linux, Stronghold 2026-04-16 N/A
Buffer overflows in (1) php_mime_split in PHP 4.1.0, 4.1.1, and 4.0.6 and earlier, and (2) php3_mime_split in PHP 3.0.x allows remote attackers to execute arbitrary code via a multipart/form-data HTTP POST request when file_uploads is enabled.
CVE-2002-0084 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Buffer overflow in the fscache_setup function of cachefsd in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long mount argument.
CVE-2002-0101 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 6.0 and earlier allows local users to cause a denial of service via an infinite loop for modeless dialogs showModelessDialog, which causes CPU usage while the focus for the dialog is not released.
CVE-2002-0102 1 Oracle 1 Application Server Web Cache 2026-04-16 N/A
Oracle9iAS Web Cache 2.0.0.x allows remote attackers to cause a denial of service via (1) a request to TCP ports 1100, 4000, 4001, and 4002 with a large number of null characters, and (2) a request to TCP port 4000 with a large number of "." characters.
CVE-2002-0103 1 Oracle 1 Application Server Web Cache 2026-04-16 N/A
An installer program for Oracle9iAS Web Cache 2.0.0.x creates executable and configuration files with insecure permissions, which allows local users to gain privileges by (1) running webcached or (2) obtaining the administrator password from webcache.xml.
CVE-2002-0104 1 Aftpd 1 Aftpd 2026-04-16 N/A
AFTPD 5.4.4 allows remote attackers to gain sensitive information via a CD (CWD) ~ (tilde) command, which causes a core dump.
CVE-2002-0105 1 Caldera 1 Unixware 2026-04-16 N/A
CDE dtlogin in Caldera UnixWare 7.1.0, and possibly other operating systems, allows local users to gain privileges via a symlink attack on /var/dt/Xerrors since /var/dt is world-writable.
CVE-2002-0108 1 Allaire 1 Forums 2026-04-16 N/A
Allaire Forums 2.0.4 and 2.0.5 and Forums! 3.0 and 3.1 allows remote authenticated users to spoof messages as other users by modifying the hidden form fields for the name and e-mail address.
CVE-2002-0110 1 Nevrona Designs 1 Miramail 2026-04-16 N/A
Nevrona Designs MiraMail 1.04 and earlier stores authentication information such as POP usernames and passwords in plaintext in a .ini file, which allows an attacker to gain privileges by reading the passwords from the file.
CVE-2002-0111 1 Funsoft 1 Dinos Webserver 2026-04-16 N/A
Directory traversal vulnerability in Funsoft Dino's Webserver 1.2 and earlier allows remote attackers to read files or execute arbitrary commands via a .. (dot dot) in the URL.
CVE-2002-0112 1 Etype 1 Eserv 2026-04-16 N/A
Etype Eserv 2.97 allows remote attackers to view password protected files via /./ in the URL.
CVE-2002-0113 1 Emc 1 Networker 2026-04-16 N/A
EMC NetWorker (formerly Legato NetWorker) before 7.0 stores log files in the /nsr/logs/ directory with world-readable permissions, which allows local users to read sensitive information and possibly gain privileges. NOTE: this was originally reported for Legato NetWorker 6.1 on the Solaris 7 platform.
CVE-2002-0123 1 Mdg Computer Services 1 Web Server 4d Ecommerce 2026-04-16 N/A
MDG Computer Services Web Server 4D WS4D/eCommerce 3.0 and earlier, and possibly 3.5.3, allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long HTTP request.
CVE-2002-0115 1 Martin Roesch 1 Snort 2026-04-16 N/A
Snort 1.8.3 does not properly define the minimum ICMP header size, which allows remote attackers to cause a denial of service (crash and core dump) via a malformed ICMP packet.
CVE-2002-0116 1 Palm 1 Palm Os 2026-04-16 N/A
Palm OS 3.5h and possibly other versions, as used in Handspring Visor and Xircom products, allows remote attackers to cause a denial of service via a TCP connect scan, e.g. from nmap.