Search Results (365419 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1901 1 Bodo Bauer 1 Bbgallery 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Bodo Bauer BBGallery 1.0 allows remote attackers to inject arbitrary web script or HTML via image tags.
CVE-2002-1902 1 Markus Triska 1 Cgiforum 2026-04-16 N/A
CGIForum 1.0 through 1.05 allows remote attackers to cause a denial of service (infinite recursion) by creating a message board post that is a child of an outdated parent.
CVE-2002-1903 1 University Of Washington 1 Pine 2026-04-16 N/A
Pine 4.2.1 through 4.4.4 puts Unix usernames and/or uid into Sender: and X-Sender: headers, which could allow remote attackers to obtain sensitive information.
CVE-2002-1904 1 Gaztek 1 Ghttpd 2026-04-16 N/A
Buffer overflow in the Log function in util.c in GazTek ghttpd 1.4 through 1.4.3 allows remote attackers to execute arbitrary code via a long HTTP GET request.
CVE-2002-1905 1 Polycom 1 Viavideo 2026-04-16 N/A
Buffer overflow in the web server of Polycom ViaVideo 2.2 and 3.0 allows remote attackers to cause a denial of service (crash) via a long HTTP GET request.
CVE-2002-1906 1 Polycom 1 Viavideo 2026-04-16 N/A
The web server for Polycom ViaVideo 2.2 and 3.0 allows remote attackers to cause a denial of service (CPU consumption) by sending incomplete HTTP requests and leaving the connections open.
CVE-2002-1907 1 Telcondex 1 Simplewebserver 2026-04-16 N/A
TelCondex SimpleWebServer 2.06.20817 allows remote attackers to cause a denial of service (crash) via a long HTTP GET request.
CVE-2002-1908 1 Microsoft 1 Internet Information Services 2026-04-16 N/A
Microsoft IIS 5.0 and 5.1 allows remote attackers to cause a denial of service (CPU consumption) via an HTTP request with a Host header that contains a large number of "/" (forward slash) characters.
CVE-2002-1909 1 Click2learn 1 Ingenium Learning Management System 2026-04-16 N/A
Click2Learn Ingenium Learning Management System 5.1 and 6.1 stores the hashed administrative password in a config.txt file under the htdocs directory, which allows remote attackers to obtain the administrative password.
CVE-2002-1910 1 Click-2 1 Ingenium Learning Management System 2026-04-16 7.5 High
Click2Learn Ingenium Learning Management System 5.1 and 6.1 uses weak encryption for passwords (reversible algorithm), which allows attackers to obtain passwords.
CVE-2002-1911 1 Zonelabs 1 Zonealarm 2026-04-16 N/A
ZoneAlarm Pro 3.0 and 3.1, when configured to block all traffic, allows remote attackers to cause a denial of service (CPU and memory consumption) via a large number of SYN packets (SYN flood). NOTE: the vendor was not able to reproduce the issue.
CVE-2002-1912 1 Skystream 1 Emr5000 2026-04-16 7.5 High
SkyStream EMR5000 1.16 through 1.18 does not drop packets or disable the Ethernet interface when the buffers are full, which allows remote attackers to cause a denial of service (null pointer exception and kernel panic) via a large number of packets.
CVE-2002-1913 1 Myphpnuke 1 Myphpnuke 2026-04-16 N/A
phptonuke.php in myPHPNuke 1.8.8 allows remote attackers to read arbitrary files via a full pathname in the filnavn variable.
CVE-2002-1914 2 Dump Project, Redhat 2 Dump, Enterprise Linux 2026-04-16 5.5 Medium
dump 0.4 b10 through b29 allows local users to cause a denial of service (execution prevention) by using flock() to lock the /etc/dumpdates file.
CVE-2002-1915 3 Freebsd, Netbsd, Openbsd 3 Freebsd, Netbsd, Openbsd 2026-04-16 5.5 Medium
tip on multiple BSD-based operating systems allows local users to cause a denial of service (execution prevention) by using flock() to lock the /var/log/acculog file.
CVE-2002-1916 1 Pirch 2 Pirch Irc, Ruspirch 2026-04-16 N/A
Pirch and RusPirch, when auto-log is enabled, allows remote attackers to cause a denial of service (crash) via a nickname containing an MS-DOS device name such as AUX, which is inserted into a filename for saving queries.
CVE-2002-1917 1 Geeklog 1 Geeklog 2026-04-16 N/A
CRLF injection vulnerability in the "User Profile: Send Email" feature in Geeklog 1.35 and 1.3.5sr1 allows remote attackers to obtain e-mail addresses by injecting a CRLF into the Subject field and adding a BCC mail header.
CVE-2002-1918 1 Microsoft 1 Data Access Components 2026-04-16 N/A
Buffer overflow in Microsoft Active Data Objects (ADO) in Microsoft MDAC 2.5 through 2.7 allows remote attackers to have unknown impact with unknown attack vectors. NOTE: due to the lack of details available regarding this issue, perhaps it should be REJECTED.
CVE-2002-1919 1 Virtual Programming 1 Vp-asp 2026-04-16 N/A
SQL injection vulnerability in shopadmin.asp in VP-ASP 4.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) password fields.
CVE-2002-1920 1 Datawizard 1 Ftpxq 2026-04-16 N/A
Buffer overflow in FtpXQ 2.5 allows remote attackers to cause a denial of service (crash) via a MKD command with a long directory name.