Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1685 1 Working Resources Inc. 1 Badblue 2026-04-16 N/A
Cross-site scripting vulnerability (XSS) in BadBlue Enterprise Edition and Personal Edition 1.7 and 1.7.2 allows remote attackers to execute arbitrary script as other users by injecting script into ext.dll ISAPI.
CVE-2002-1686 1 Ibm 1 Aix 2026-04-16 N/A
Buffer overflow in lscfg of unknown versions of AIX has unknown impact.
CVE-2002-1687 1 Ibm 1 Aix 2026-04-16 N/A
Buffer overflow in the diagnostics library in AIX allows local users to "cause data and instructions to be overwritten" via a long DIAGNOSTICS environment variable.
CVE-2002-1688 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
The browser history feature in Microsoft Internet Explorer 5.5 through 6.0 allows remote attackers to execute arbitrary script as other users and steal authentication information via cookies by injecting JavaScript into the URL, which is executed when the user hits the Back button.
CVE-2002-1689 1 Ibm 1 Aix 2026-04-16 N/A
Unknown vulnerability in the login program on AIX before 4.0 could allow remote users to specify 100 or more environment variables when logging on, which exceeds the length of a certain string, possibly triggering a buffer overflow.
CVE-2002-1690 1 Ibm 1 Aix 2026-04-16 N/A
Unknown vulnerability in AIX before 4.0 with unknown attack vectors and unknown impact, aka "security issue," as fixed by APAR IY28225.
CVE-2002-1691 1 Alcatel-lucent 1 Omnipcx 2026-04-16 N/A
Alcatel OmniPCX 4400 installs known user accounts and passwords in the /etc/password file by default, which allows remote attackers to gain unauthorized access.
CVE-2002-1692 1 Microsoft 1 Windows 95 2026-04-16 N/A
Buffer overflow in backup utility of Microsoft Windows 95 allows attackers to execute arbitrary code by causing a filename with a long extension to be placed in a folder to be backed up.
CVE-2002-1694 1 Microsoft 2 Internet Information Server, Internet Information Services 2026-04-16 N/A
Microsoft Internet Information Server (IIS) 4.0 opens log files with FILE_SHARE_READ and FILE_SHARE_WRITE permissions, which could allow remote attackers to modify the log file contents while IIS is running.
CVE-2002-1709 1 Basilix 1 Basilix Webmail 2026-04-16 N/A
SQL injection vulnerability in BasiliX Webmail 1.10 allows remote attackers to obtain sensitive information or possibly modify data via the id variable.
CVE-2002-1710 1 Basilix 1 Basilix Webmail 2026-04-16 N/A
The attachment capability in Compose Mail in BasiliX Webmail 1.1.0 does not check whether the attachment was uploaded by the user or came from a HTTP POST, which could allow local users to steal sensitive information like a password file.
CVE-2002-1711 1 Basilix 1 Basilix Webmail 2026-04-16 N/A
BasiliX 1.1.0 saves attachments in a world readable /tmp/BasiliX directory, which allows local users to read other users' attachments.
CVE-2002-1715 1 Ssh 2 Ssh, Ssh2 2026-04-16 N/A
SSH 1 through 3, and possibly other versions, allows local users to bypass restricted shells such as rbash or rksh by uploading a script to a world-writeable directory, then executing that script to gain normal shell access.
CVE-2002-1719 1 Bavo 1 Bavo 2026-04-16 N/A
Unknown vulnerability in Bavo 0.3 allows remote attackers to modify posted messages.
CVE-2002-1720 1 Outfront 1 Spooky Login 2026-04-16 N/A
SQL injection vulnerability in Spooky Login 2.0 through 2.5 allows remote attackers to bypass authentication and gain privileges via the password field.
CVE-2002-1722 1 Logitech 3 Cordless Freedom Itouch Keyboard, Cordless Itouch Keyboard, Itouch Keyboard 2026-04-16 N/A
Logitech iTouch keyboards allows attackers with physical access to the system to bypass the screen locking function and execute user-defined commands that have been assigned to a button.
CVE-2002-1724 1 Onlinetools.org 1 Phpimageview 2026-04-16 N/A
Cross-site scripting vulnerability (XSS) in phpimageview.php for PHPImageView 1.0 allows remote attackers to execute arbitrary script as other users via the pic parameter.
CVE-2002-1725 1 Onlinetools.org 1 Phpimageview 2026-04-16 N/A
phpimageview.php in PHPImageView 1.0 allows remote attackers to obtain sensitive information via the pw=show option, which invokes the phpinfo function.
CVE-2002-1726 1 Brokenbytes 1 Photodb 2026-04-16 N/A
secure_inc.php in PhotoDB 1.4 allows remote attackers to bypass authentication via a URL with a large Time parameter, non-empty rmtusername and rmtpassword parameter, and an accesslevel parameter that is lower than the access level of the requested page.
CVE-2002-1727 1 Asksam Systems 1 Asksam Web Publisher 2026-04-16 N/A
Cross-site scripting vulnerability (XSS) in (1) as_web.exe and (2) as_web4.exe in askSam Web Publisher 1 and 4 allows remote attackers to execute arbitrary script as other users via a URL.