Export limit exceeded: 345031 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345031 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1732 | 1 Actinic | 1 Actinic Catalog | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Actinic Catalog 4.7.0 allow remote attackers to inject arbitrary web script or HTML via (1) the query string argument to certain .pl files, (2) the REFPAGE parameter to ca000007.pl, (3) PRODREF parameter to ss000007.pl, or (4) hop parameter to ca000001.pl. | ||||
| CVE-2002-1733 | 1 Prospero Technologies | 1 Prospero Message Board | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the web-based message board in Prospero Technologies allows remote attackers to inject arbitrary web script or HTML via a message board post. | ||||
| CVE-2002-1738 | 1 Alt-n | 1 Mdaemon | 2026-04-16 | N/A |
| Alt-N Technologies MDaemon 5.0.5.0 and earlier creates a default MDaemon mail account with a password of MServer, which could allow remote attackers to send anonymous email. | ||||
| CVE-2002-1739 | 1 Mdaemon | 1 Mdaemon | 2026-04-16 | 5.5 Medium |
| Alt-N Technologies Mdaemon 5.0 through 5.0.6 uses a weak encryption algorithm to store user passwords, which allows local users to crack passwords. | ||||
| CVE-2002-1740 | 1 Alt-n | 2 Mdaemon, Worldclient | 2026-04-16 | N/A |
| Buffer overflow in WorldClient.cgi in WorldClient in Alt-N Technologies MDaemon 5.0.5.0 and earlier allows local users to execute arbitrary code via a long folder name (NewFolder parameter). | ||||
| CVE-2002-1741 | 1 Alt-n | 1 Worldclient | 2026-04-16 | N/A |
| Directory traversal vulnerability in WorldClient.cgi in WorldClient for Alt-N Technologies MDaemon 5.0.5.0 and earlier allows local users to delete arbitrary files via a ".." (dot dot) in the Attachments parameter. | ||||
| CVE-2006-3673 | 1 Armagetron | 1 Armagetron Advanced | 2026-04-16 | N/A |
| nNetObject.cpp in Armagetron Advanced 2.8.2 and earlier allows remote attackers to cause a denial of service (application crash) via a large owner value, which causes an assert error. | ||||
| CVE-2002-1747 | 1 Maxim Krasnyansky | 1 Vtun | 2026-04-16 | N/A |
| Vtun 2.5b1 does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on ECB. | ||||
| CVE-2002-1748 | 1 Open Source Development Network | 1 Slashcode | 2026-04-16 | N/A |
| Unknown vulnerability in Slash 2.1.x and 2.2 through 2.2.2, as used in Slashcode, allows remote authenticated users to gain access to arbitrary accounts. | ||||
| CVE-2002-1749 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | N/A |
| Windows 2000 Terminal Services, when using the disconnect feature of the client, does not properly lock itself if it is left idle until the screen saver activates and the user disconnects, which could allow attackers to gain administrator privileges. | ||||
| CVE-2002-1750 | 1 Cgiscript | 1 Csguestbook | 2026-04-16 | N/A |
| csGuestbook.cgi in CGISCRIPT.NET csGuestbook 1.0 allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function. | ||||
| CVE-2002-1751 | 1 Cgiscript.net | 1 Cslivesupport | 2026-04-16 | N/A |
| csLiveSupport.cgi in CGIScript.net csLiveSupport allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function. | ||||
| CVE-2002-1752 | 1 Cgiscript | 1 Cschat-r-box | 2026-04-16 | N/A |
| csChatRBox.cgi in CGIScript.net csChat-R-Box allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function. | ||||
| CVE-2002-1754 | 1 Novell | 1 Netware Client | 2026-04-16 | N/A |
| Buffer overflow in Novell NetWare Client 4.80 through 4.83 allows local users to cause a denial of service (crash) by using ping, traceroute, or a similar utility to force the client to resolve a large hostname. | ||||
| CVE-2002-1759 | 1 Phprojekt | 1 Phprojekt | 2026-04-16 | N/A |
| The upload function in PHProjekt 2.0 through 3.1 does not properly verify certain variables related to uploaded data, which allows remote attackers to cause PHProjekt to process arbitrary files. | ||||
| CVE-2002-1760 | 1 Phprojekt | 1 Phprojekt | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in PHProjekt 2.0 through 3.1 allow remote attackers to execute arbitrary SQL commands via the unknown attack vectors. | ||||
| CVE-2002-1768 | 1 Cisco | 1 Ios | 2026-04-16 | N/A |
| Cisco IOS 11.1 through 12.2, when HSRP support is not enabled, allows remote attackers to cause a denial of service (CPU consumption) via randomly sized UDP packets to the Hot Standby Routing Protocol (HSRP) port 1985. | ||||
| CVE-2002-1769 | 1 Microsoft | 2 Site Server, Site Server Commerce | 2026-04-16 | N/A |
| Microsoft Site Server 3.0 prior to SP4 installs a default user, LDAP_Anonymous, with a default password of LdapPassword_1, which allows remote attackers the "Log on locally" privilege. | ||||
| CVE-2002-1770 | 1 Qualcomm | 1 Eudora | 2026-04-16 | N/A |
| Qualcomm Eudora 5.1 allows remote attackers to execute arbitrary code via an HTML e-mail message that uses a file:// URL in a t:video tag to reference an attached Windows Media Player file containing JavaScript code, which is launched and executed in the My Computer zone by Internet Explorer. | ||||
| CVE-2002-1771 | 1 Matt Wright | 1 Formmail | 2026-04-16 | N/A |
| Matt Wright FormMail 1.9 and earlier allows remote attackers to send spam or anonymous e-mail by injecting a newline character followed by CC:, BCC:, or additional TO: fields in the email and realname CGI variables. | ||||