Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0516 1 Squirrelmail 1 Squirrelmail 2026-04-16 N/A
SquirrelMail 1.2.5 and earlier allows authenticated SquirrelMail users to execute arbitrary commands by modifying the THEME variable in a cookie.
CVE-2002-0517 1 Caldera 2 Openunix, Unixware 2026-04-16 N/A
Buffer overflow in X11 library (libX11) on Caldera Open UNIX 8.0.0, UnixWare 7.1.1, and possibly other operating systems, allows local users to gain root privileges via a long -xrm argument to programs such as (1) dtterm or (2) xterm.
CVE-2002-0528 1 Watchguard 1 Soho Firewall 2026-04-16 N/A
Watchguard SOHO firewall 5.0.35 unpredictably disables certain IP restrictions for customized services that were set before the administrator upgrades to 5.0.35, which could allow remote attackers to bypass the intended access control rules.
CVE-2002-0520 1 Asp-nuke 1 Asp-nuke 2026-04-16 N/A
Cross-site scripting vulnerability in functions-inc.asp for ASP-Nuke RC1 allows remote attackers to execute script as other ASP-Nuke users by embedding it within an IMG tag.
CVE-2002-0521 1 Asp-nuke 1 Asp-nuke 2026-04-16 N/A
Cross-site scripting vulnerabilities in ASP-Nuke RC2 and earlier allow remote attackers to execute script or gain privileges as other ASP-Nuke users via script in (1) the name parameter in downloads.asp, (2) the message parameter in Post.asp, or (3) a web site URL in profile.asp.
CVE-2002-0522 1 Asp-nuke 1 Asp-nuke 2026-04-16 N/A
ASP-Nuke RC2 and earlier allows remote attackers to bypass authentication and gain privileges by modifying the "pseudo" cookie.
CVE-2002-0523 1 Asp-nuke 1 Asp-nuke 2026-04-16 N/A
ASP-Nuke RC2 and earlier allows remote attackers to list all logged-in users by submitting an invalid "pseudo" cookie.
CVE-2002-0524 1 Asp-nuke 1 Asp-nuke 2026-04-16 N/A
ASP-Nuke RC2 and earlier allows remote attackers to determine the absolute path of the server by (1) calling database-inc.asp with incorrect cookies, or (2) calling Post.asp with certain arguments, which leak the pathname in an error message.
CVE-2002-0525 1 Isc 1 Inn 2026-04-16 N/A
Format string vulnerabilities in (1) inews or (2) rnews for INN 2.2.3 and earlier allow local users and remote malicious NNTP servers to gain privileges via format string specifiers in NTTP responses.
CVE-2002-0527 1 Watchguard 1 Soho Firewall 2026-04-16 N/A
Watchguard SOHO firewall before 5.0.35 allows remote attackers to cause a denial of service (crash and reboot) when SOHO forwards a packet with bad IP options.
CVE-2002-0544 1 Aprelium Technologies 1 Abyss Web Server 2026-04-16 N/A
Aprelium Abyss Web Server (abyssws) before 1.0.3 stores the administrative console password in plaintext in the abyss.conf file, which allows local users with access to the file to gain privileges.
CVE-2002-0545 1 Cisco 2 Aironet Ap340, Aironet Ap350 2026-04-16 N/A
Cisco Aironet before 11.21 with Telnet enabled allows remote attackers to cause a denial of service (reboot) via a series of login attempts with invalid usernames and passwords.
CVE-2002-0571 1 Oracle 1 Oracle9i 2026-04-16 N/A
Oracle Oracle9i database server 9.0.1.x allows local users to access restricted data via a SQL query using ANSI outer join syntax.
CVE-2002-0548 1 Anthill 1 Anthill 2026-04-16 N/A
Anthill allows remote attackers to bypass authentication and file bug reports by directly accessing the postbug.php program instead of enterbug.php.
CVE-2002-0549 1 Anthill 1 Anthill 2026-04-16 N/A
Cross-site scripting vulnerabilities in Anthill allow remote attackers to execute script as other Anthill users.
CVE-2002-0550 1 Gcf 1 Dynamic Guestbook 2026-04-16 N/A
Dynamic Guestbook 3.0 allows remote attackers to execute arbitrary code via shell metacharacters in the gbdaten parameter.
CVE-2002-0551 1 Gcf 1 Dynamic Guestbook 2026-04-16 N/A
Cross-site scripting vulnerability in Dynamic Guestbook 3.0 allows remote attackers to execute code in clients who access guestbook pages via the parameters (1) name, (2) mail, or (3) kommentar.
CVE-2002-0552 1 Melange 1 Melange Chat System 2026-04-16 N/A
Multiple buffer overflows in Melange Chat server 2.02 allow remote or local attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a long argument in the /yell command, (2) long lines in the /etc/melange.conf configuration file, (3) long file names, or possibly other attacks.
CVE-2002-0553 1 Turnkey Solutions 1 Sunshop Shopping Cart 2026-04-16 N/A
Cross-site scripting vulnerability in SunShop 2.5 and earlier allows remote attackers to gain administrative privileges to SunShop by injecting the script into fields during new customer registration.
CVE-2002-0554 1 Ibm 1 Informix Web Datablade 2026-04-16 N/A
webdriver in IBM Informix Web DataBlade 4.12 allows remote attackers to bypass user access levels or read arbitrary files via a SQL injection attack in an HTTP request.