Export limit exceeded: 345225 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345225 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0170 | 2 Redhat, Zope | 2 Powertools, Zope | 2026-04-16 | N/A |
| Zope 2.2.0 through 2.5.1 does not properly verify the access for objects with proxy roles, which could allow some users to access documents in violation of the intended configuration. | ||||
| CVE-2002-0171 | 1 Sgi | 1 Irisconsole | 2026-04-16 | N/A |
| IRISconsole 2.0 may allow users to log into the icadmin account with an incorrect password in some circumstances, which could allow users to gain privileges. | ||||
| CVE-2002-0172 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| /dev/ipfilter on SGI IRIX 6.5 is installed by /dev/MAKEDEV with insecure default permissions (644), which could allow a local user to cause a denial of service (traffic disruption). | ||||
| CVE-2002-0173 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| Buffer overflow in cpr for the eoe.sw.cpr SGI Checkpoint-Restart Software package on SGI IRIX 6.5.10 and earlier may allow local users to gain root privileges. | ||||
| CVE-2002-0174 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| nsd on SGI IRIX before 6.5.11 allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the nsd.dump file. | ||||
| CVE-2002-0175 | 1 Avaya | 1 Libsafe | 2026-04-16 | N/A |
| libsafe 2.0-11 and earlier allows attackers to bypass protection against format string vulnerabilities via format strings that use the "'" and "I" characters, which are implemented in libc but not libsafe. | ||||
| CVE-2002-0176 | 1 Avaya | 1 Libsafe | 2026-04-16 | N/A |
| The printf wrappers in libsafe 2.0-11 and earlier do not properly handle argument indexing specifiers, which could allow attackers to exploit certain function calls through arguments that are not verified by libsafe. | ||||
| CVE-2002-0179 | 1 Xpilot | 1 Xpilot | 2026-04-16 | N/A |
| Buffer overflow in xpilot-server for XPilot 4.5.0 and earlier allows remote attackers to execute arbitrary code. | ||||
| CVE-2002-0181 | 1 Horde | 2 Horde, Imp | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in status.php3 for IMP 2.2.8 and HORDE 1.2.7 allows remote attackers to execute arbitrary web script and steal cookies of other IMP/HORDE users via the script parameter. | ||||
| CVE-2002-0185 | 2 Apache, Redhat | 2 Mod Python, Linux | 2026-04-16 | N/A |
| mod_python version 2.7.6 and earlier allows a module indirectly imported by a published module to then be accessed via the publisher, which allows remote attackers to call possibly dangerous functions from the imported module. | ||||
| CVE-2002-0186 | 1 Microsoft | 1 Sql Server | 2026-04-16 | N/A |
| Buffer overflow in the SQLXML ISAPI extension of Microsoft SQL Server 2000 allows remote attackers to execute arbitrary code via data queries with a long content-type parameter, aka "Unchecked Buffer in SQLXML ISAPI Extension." | ||||
| CVE-2002-0187 | 1 Microsoft | 1 Sql Server | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in the SQLXML component of Microsoft SQL Server 2000 allows an attacker to execute arbitrary script via the root parameter as part of an XML SQL query, aka "Script Injection via XML Tag." | ||||
| CVE-2002-0189 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in Internet Explorer 6.0 allows remote attackers to execute scripts in the Local Computer zone via a URL that exploits a local HTML resource file, aka the "Cross-Site Scripting in Local HTML Resource" vulnerability. | ||||
| CVE-2002-0190 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code under fewer security restrictions via a malformed web page that requires NetBIOS connectivity, aka "Zone Spoofing through Malformed Web Page" vulnerability. | ||||
| CVE-2002-0191 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to view arbitrary files that contain the "{" character via script containing the cssText property of the stylesheet object, aka "Local Information Disclosure through HTML Object" vulnerability. | ||||
| CVE-2002-0193 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Microsoft Internet Explorer 5.01 and 6.0 allow remote attackers to execute arbitrary code via malformed Content-Disposition and Content-Type header fields that cause the application for the spoofed file type to pass the file back to the operating system for handling rather than raise an error message, aka the first variant of the "Content Disposition" vulnerability. | ||||
| CVE-2002-0196 | 1 Acd Incorporated | 1 Cwpapi | 2026-04-16 | N/A |
| GetRelativePath in ACD Incorporated CwpAPI 1.1 only verifies if the server root is somewhere within the path, which could allow remote attackers to read or write files outside of the web root, in other directories whose path includes the web root. | ||||
| CVE-2002-0197 | 1 Psychoid | 1 Psybnc | 2026-04-16 | N/A |
| psyBNC 2.3 beta and earlier allows remote attackers to spoof encrypted, trusted messages by sending lines that begin with the "[B]" sequence, which makes the message appear legitimate. | ||||
| CVE-2002-0199 | 1 Nullsoft | 1 Shoutcast Server | 2026-04-16 | N/A |
| Buffer overflow in admin.cgi for Nullsoft Shoutcast Server 1.8.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an argument with a large number of backslashes. | ||||
| CVE-2002-0200 | 1 Cyberstop | 1 Cyberstop Web Server | 2026-04-16 | N/A |
| Cyberstop Web Server for Windows 0.1 allows remote attackers to cause a denial of service via an HTTP request for an MS-DOS device name. | ||||