Export limit exceeded: 29894 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29894 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1776 | 1 Symantec | 1 Norton Antivirus | 2026-04-16 | N/A |
| NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus 2002 allows remote attackers to bypass virus protection via a Word Macro virus with a .nch or .dbx extension, which is automatically recognized and executed as a Microsoft Office document. NOTE: the vendor has disputed this issue, acknowledging that the initial scan is bypassed, but the Office plug-in would detect the virus before it is executed | ||||
| CVE-2002-1778 | 1 Symantec | 1 Norton Personal Firewall | 2026-04-16 | N/A |
| Symantec Norton Personal Firewall 2002 allows remote attackers to bypass the portscan protection by using a (1) SYN/FIN, (2) SYN/FIN/URG, (3) SYN/FIN/PUSH, or (4) SYN/FIN/URG/PUSH scan. | ||||
| CVE-2002-1780 | 1 Alcatech Gmbh | 1 Bpm Studio Pro | 2026-04-16 | N/A |
| BPM Studio Pro 4.2 by ALCATech GmbH includes a webserver that allows a remote attacker to cause a denial of service (crash) by sending a URL request for a MS-DOS device such as con. NOTE: it has been disputed that this and possibly other application-level DOS device issues stem from a bug in Windows, and as such, such applications should not be considered vulnerable themselves. | ||||
| CVE-2002-1781 | 1 Delegate | 1 Delegate | 2026-04-16 | N/A |
| Multiple buffer overflows in DeleGate 7.7.0 through 7.8.1 allow remote attackers to execute arbitrary code, as demonstrated using a long USER command to the POP proxy. | ||||
| CVE-2002-1782 | 1 University Of Washington | 1 Uw-imap | 2026-04-16 | N/A |
| The default configuration of University of Washington IMAP daemon (wu-imapd), when running on a system that does not allow shell access, allows a local user with a valid IMAP account to read arbitrary files as that user. | ||||
| CVE-2002-1788 | 1 Kim Storm | 1 Nn | 2026-04-16 | N/A |
| Format string vulnerability in the nn_exitmsg function in nn 6.6.0 through 6.6.3 allows remote NNTP servers to execute arbitrary code via format strings in server responses. | ||||
| CVE-2002-1792 | 1 Fake Identd | 1 Fake Identd | 2026-04-16 | N/A |
| Buffer overflow in Fake Identd 0.9 through 1.4 allows remote attackers to execute arbitrary code as root via a long request that is split into multiple packets. | ||||
| CVE-2002-1794 | 1 Hp | 2 Hp-ux, Ldap-ux Integration | 2026-04-16 | N/A |
| Unknown vulnerability in pam_authz in the LDAP-UX Integration product on HP-UX 11.00 and 11.11 allows remote attackers to execute r-commands with privileges of other users. | ||||
| CVE-2002-1817 | 1 Symantec Veritas | 1 Cluster Server | 2026-04-16 | N/A |
| Unknown vulnerability in Veritas Cluster Server (VCS) 1.2 for WindowsNT, Cluster Server 1.3.0 for Solaris, and Cluster Server 1.3.1 for HP-UX allows attackers to gain privileges via unknown attack vectors. | ||||
| CVE-2002-1825 | 1 Wasd | 1 Wasd Http Server | 2026-04-16 | N/A |
| Format string vulnerability in PerlRTE_example1.pl in WASD 7.1, 7.2.0 through 7.2.3, and 8.0.0 allows remote attackers to execute arbitrary commands or crash the server via format strings in the $name variable. | ||||
| CVE-2002-1827 | 1 Sendmail | 1 Sendmail | 2026-04-16 | N/A |
| Sendmail 8.9.0 through 8.12.3 allows local users to cause a denial of service by obtaining an exclusive lock on the (1) alias, (2) map, (3) statistics, and (4) pid files. | ||||
| CVE-2002-1829 | 1 Openbb | 1 Openbb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in codeparse.php in Open Bulletin Board (OpenBB) 1.0.0 RC3 allows remote attackers to inject arbitrary web script or HTML via (1) myhome.php, (2) an onerror attribute in an IMG tag (a variant of CVE-2002-0330), or (3) a glow tag. | ||||
| CVE-2002-1830 | 1 Openbb | 1 Openbb | 2026-04-16 | N/A |
| Open Bulletin Board (OpenBB) 1.0.0 RC3 allows remote attackers to bypass authentication and access modifier options via a direct request to moderator.php with the action and ismod parameters. | ||||
| CVE-2002-1832 | 1 Scaramanga | 1 Firestorm Ids | 2026-04-16 | N/A |
| Unknown vulnerability in the "ipopts decode" functionality in Firestorm IDS 0.4.0 through 0.4.2 allows remote attackers to cause a denial of service (crash) via certain IP options. | ||||
| CVE-2002-1833 | 1 Xerox | 2 Docutech 6110, Docutech 6115 | 2026-04-16 | N/A |
| The default configurations for DocuTech 6110 and DocuTech 6115 have a default administrative password of (1) "service!" on Solaris 8.0 or (2) "administ" on Windows NT, which allows remote attackers to gain privileges. | ||||
| CVE-2002-1837 | 1 Ids | 1 Ids | 2026-04-16 | N/A |
| The getAlbumToDisplay function in idsShared.pm for Image Display System (IDS) 0.81 allows remote attackers to determine the existence of arbitrary directories via ".." sequences in the album parameter, which generates different error messages depending on whether the directory exists or not. | ||||
| CVE-2002-1857 | 1 Jo | 1 Jo Webserver | 2026-04-16 | N/A |
| jo! jo Webserver 1.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF."). | ||||
| CVE-2002-1867 | 1 Bizdesign | 1 Imagefolio | 2026-04-16 | N/A |
| The default configuration of BizDesign ImageFolio 2.23 through 2.26 does not control access to (1) admin/setup.cgi, which allows remote attackers to create an administrative account, or (2) admin/nph-build.cgi, which allows remote attackers to cause a denial of service (CPU consumption). | ||||
| CVE-2002-1878 | 1 W-agora | 1 W-agora | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in w-Agora 4.1.3 allows remote attackers to execute arbitrary PHP code via the inc_dir parameter. | ||||
| CVE-2003-1041 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 5.x and 6.0 allows remote attackers to execute arbitrary programs via a modified directory traversal attack using a URL containing ".." (dot dot) sequences and a filename that ends in "::" which is treated as a .chm file even if it does not have a .chm extension. NOTE: this bug may overlap CVE-2004-0475. | ||||