Export limit exceeded: 345462 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 345462 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 345462 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345462 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1323 | 5 Redhat, Safe.pm, Sco and 2 more | 10 Enterprise Linux, Linux, Linux Advanced Workstation and 7 more | 2026-04-16 | N/A |
| Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls. | ||||
| CVE-2002-1338 | 1 Microsoft | 1 Office Web Components | 2026-04-16 | N/A |
| The Load method in the Chart component of Office Web Components (OWC) 9 and 10 generates an exception when a specified file does not exist, which allows remote attackers to determine the existence of local files. | ||||
| CVE-2002-1348 | 2 Redhat, W3m | 3 Enterprise Linux, Linux, W3m | 2026-04-16 | N/A |
| w3m before 0.3.2.2 does not properly escape HTML tags in the ALT attribute of an IMG tag, which could allow remote attackers to access files or cookies. | ||||
| CVE-2002-1363 | 2 Greg Roelofs, Redhat | 3 Libpng, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Portable Network Graphics (PNG) library libpng 1.2.5 and earlier does not correctly calculate offsets, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a buffer overflow attack on the row buffers. | ||||
| CVE-2002-1388 | 1 Mhonarc | 1 Mhonarc | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in MHonArc before 2.5.14 allows remote attackers to inject arbitrary HTML into web archive pages via HTML mail messages. | ||||
| CVE-2002-1391 | 2 Gert Doering, Redhat | 3 Mgetty, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Buffer overflow in cnd-program for mgetty before 1.1.29 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a Caller ID string with a long CallerName argument. | ||||
| CVE-2002-1393 | 2 Kde, Redhat | 3 Kde, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Multiple vulnerabilities in KDE 2 and KDE 3.x through 3.0.5 do not quote certain parameters that are inserted into a shell command, which could allow remote attackers to execute arbitrary commands via (1) URLs, (2) filenames, or (3) e-mail addresses. | ||||
| CVE-2002-1397 | 2 Postgresql, Redhat | 3 Postgresql, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Vulnerability in the cash_words() function for PostgreSQL 7.2 and earlier allows local users to cause a denial of service and possibly execute arbitrary code via a large negative argument, possibly triggering an integer signedness error or buffer overflow. | ||||
| CVE-2002-1427 | 1 Easy Scripts Archive | 2 Advanced Easy Homepage Creator, Easy Homepage Creator | 2026-04-16 | N/A |
| The print_html_to_file function in edit.cgi for Easy Homepage Creator 1.0 does not check user credentials, which allows remote attackers to modify home pages of other users. | ||||
| CVE-2002-1415 | 1 Webeasymail | 1 Webeasymail | 2026-04-16 | N/A |
| Format string vulnerability in SMTP service for WebEasyMail 3.4.2.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in SMTP requests. | ||||
| CVE-2002-1417 | 1 Novell | 2 Netware, Small Business Suite | 2026-04-16 | N/A |
| Directory traversal vulnerability in Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to read arbitrary files via a URL containing a "..%5c" sequence (modified dot-dot), which is mapped to the directory separator. | ||||
| CVE-2002-1450 | 1 Ibm | 1 U2 Universe | 2026-04-16 | N/A |
| IBM UniVerse with UV/ODBC allows attackers to cause a denial of service (client crash or server CPU consumption) via a query with an invalid link between tables, possibly via a buffer overflow. | ||||
| CVE-2002-1451 | 1 Desiderata Software | 1 Blazix | 2026-04-16 | N/A |
| Blazix before 1.2.2 allows remote attackers to read source code of JSP scripts or list restricted web directories via an HTTP request that ends in a (1) "+" or (2) "\" (backslash) character. | ||||
| CVE-2002-1452 | 1 Mywebserver | 1 Mywebserver | 2026-04-16 | N/A |
| Buffer overflow in the search capability for MyWebServer 1.0.2 allows remote attackers to execute arbitrary code via a long searchTarget parameter. | ||||
| CVE-2002-1453 | 1 Mywebserver | 1 Mywebserver | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in MyWebServer 1.0.2 allows remote attackers to insert script and HTML via a long request followed by the malicious script, which is echoed back to the user in an error message. | ||||
| CVE-2002-1454 | 1 Mywebserver | 1 Mywebserver | 2026-04-16 | N/A |
| MyWebServer 1.0.2 allows remote attackers to determine the absolute path of the web document root via a request for a directory that does not exist, which leaks the pathname in an error message. | ||||
| CVE-2002-1455 | 1 Omnicron | 1 Omnihttpd | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in OmniHTTPd allow remote attackers to insert script or HTML into web pages via (1) test.php, (2) test.shtml, or (3) redir.exe. | ||||
| CVE-2002-1461 | 1 Webscriptworld | 1 Web Shop Manager | 2026-04-16 | N/A |
| Web Shop Manager 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search box. | ||||
| CVE-2002-1462 | 1 Organicphp | 1 Php-affiliate | 2026-04-16 | N/A |
| details2.php in OrganicPHP PHP-affiliate 1.0, and possibly later versions, allows remote attackers to modify information of other users by modifying certain hidden form fields. | ||||
| CVE-2002-1464 | 1 Cafelog | 1 B2 | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in CafeLog b2 Weblog Tool allows remote attackers to insert arbitrary HTML or script via the GPC variable. | ||||