Search Results (366043 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-2413 2 Deerfield, Microsoft 3 Website Pro, Windows 9x, Windows Nt 2026-04-16 N/A
WebSite Pro 3.1.11.0 on Windows allows remote attackers to read script source code for files with extensions greater than 3 characters via a URL request that uses the equivalent 8.3 file name.
CVE-2002-2414 2 Opera Software, Squid 2 Opera, Squid 2026-04-16 N/A
Opera 6.0.3, when using Squid 2.4 for HTTPS proxying, does not properly handle when accepting a non-global certificate authority (CA) certificate from a site and establishing a subsequent HTTPS connection, which allows remote attackers to cause a denial of service (crash).
CVE-2002-2415 1 Alliedtelesyn 2 At-8024, Rapier 24 2026-04-16 N/A
Allied Telesyn AT-8024 1.3.1 and Rapier 24 switches allow remote authenticated users to cause a denial of service in the management interface via a stream of zero (null) bytes sent via UDP to a running service.
CVE-2002-2416 1 Zeroo 1 Http Server 2026-04-16 N/A
Directory traversal vulnerability in Zeroo web server 1.5 allows remote attackers to read arbitrary files via a .. (dot dot) in a URL GET request.
CVE-2002-2417 1 Acftp 1 Acftp 2026-04-16 N/A
acFTP 1.4 does not properly handle when an invalid password is provided by the user during authentication, which allows remote attackers to hide or misrepresent certain activity from log files and possibly gain privileges.
CVE-2002-2418 1 Acfp Project 1 Acfreeproxy 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in acFreeProxy (aka acFP) 1.33 beta 7 allows remote attackers to inject arbitrary web script or HTML via the URL, which is inserted into an error page.
CVE-2002-2419 1 Dctc Project 1 Dctc 2026-04-16 N/A
Direct connect text client (DCTC) client 0.83.3 allows remote attackers to cause a denial of service (crash) via a string ending with a NULL byte character.
CVE-2002-2420 1 Independent Solution 2 Simple Site Searcher, Super Site Searcher 2026-04-16 N/A
site_searcher.cgi in Super Site Searcher allows remote attackers to execute arbitrary commands via shell metacharacters in the page parameter.
CVE-2002-2421 1 Andrey Cherezov 1 Acweb 2026-04-16 N/A
acWEB 1.14 allows remote attackers to cause a denial of service (crash) via an HTTP request for a MS-DOS device name such as COM2.
CVE-2002-2422 1 Compaq 1 Insight Management Agent 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Compaq Insight Management Agents 2.0, 2.1, 3.6.0, 4.2 and 4.3.7 allows remote attackers to inject arbitrary web script or HTML via a URL, which inserts the script into the resulting error message.
CVE-2002-2423 1 Sendmail 1 Sendmail 2026-04-16 N/A
Sendmail 8.12.0 through 8.12.6 truncates log messages longer than 100 characters, which allows remote attackers to prevent the IP address from being logged via a long IDENT response.
CVE-2002-2424 1 Ekilat Llc 1 Php\(reactor\) 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in PHP(Reactor) 1.2.7 pl1 allows remote attackers to inject arbitrary web script or HTML via Javascript in the style attribute of an HTML tag.
CVE-2002-2425 1 Sun 1 Solaris Answerbook2 2026-04-16 N/A
Sun AnswerBook2 1.2 through 1.4.2 allows remote attackers to execute administrative scripts such as (1) AdminViewError and (2) AdminAddadmin via a direct request.
CVE-2002-2426 1 Citrix 3 Access Essentials, Metaframe Presentation Server, Presentation Server 2026-04-16 N/A
Cross-site request forgery (CSRF) vulnerability in Citrix Presentation Server 4.0 and 4.5, MetaFrame Presentation Server 3.0, and Access Essentials 1.0 through 2.0 allows remote attackers to execute arbitrary published applications, and possibly other programs, as authenticated users via the InitialProgram key in an ICA connection. NOTE: some of these details are obtained from third party information.
CVE-2003-0001 5 Freebsd, Linux, Microsoft and 2 more 6 Freebsd, Linux Kernel, Windows 2000 and 3 more 2026-04-16 5.3 Medium
Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.
CVE-2003-0002 1 Microsoft 1 Content Management Server 2026-04-16 N/A
Cross-site scripting vulnerability (XSS) in ManualLogin.asp script for Microsoft Content Management Server (MCMS) 2001 allows remote attackers to execute arbitrary script via the REASONTXT parameter.
CVE-2003-0003 1 Microsoft 4 Windows 2000, Windows 2000 Terminal Services, Windows Nt and 1 more 2026-04-16 N/A
Buffer overflow in the RPC Locator service for Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code via an RPC call to the service containing certain parameter information.
CVE-2003-0004 1 Microsoft 1 Windows Xp 2026-04-16 N/A
Buffer overflow in the Windows Redirector function in Microsoft Windows XP allows local users to execute arbitrary code via a long parameter.
CVE-2003-0007 1 Microsoft 1 Outlook 2026-04-16 N/A
Microsoft Outlook 2002 does not properly handle requests to encrypt email messages with V1 Exchange Server Security certificates, which causes Outlook to send the email in plaintext, aka "Flaw in how Outlook 2002 handles V1 Exchange Server Security Certificates could lead to Information Disclosure."
CVE-2003-0009 1 Microsoft 2 Windows Me, Windows Xp 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Help and Support Center for Microsoft Windows Me allows remote attackers to execute arbitrary script in the Local Computer security context via an hcp:// URL with the malicious script in the topic parameter.