Export limit exceeded: 365269 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (365269 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1037 | 1 Michael Dean | 1 Double Choco Latte | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in Double Choco Latte (DCL) before 20020706 allows remote attackers to inject arbitrary HTML, including script, into web pages via the (1) Ticket# Find, (2) Priorities, (3) Severities, (4) Projects, (5) WO# Find, (6) Departments and (7) Users features. | ||||
| CVE-2002-1038 | 1 Michael Dean | 1 Double Choco Latte | 2026-04-16 | N/A |
| Double Choco Latte (DCL) before 20020706 does not properly verify if a file was uploaded, which allows remote attackers to conduct certain operations on arbitrary files via the (1) Projects: Upload File Attachment or (2) Work Orders: Import features. | ||||
| CVE-2002-1039 | 1 Michael Dean | 1 Double Choco Latte | 2026-04-16 | N/A |
| Directory traversal vulnerability in Double Choco Latte (DCL) before 20020706 allows remote attackers to read arbitrary files via .. (dot dot) sequences when downloading files from the Projects: Attachments feature. | ||||
| CVE-2002-1040 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Unknown vulnerability in the WebSecure (DFSWeb) configuration utilities in AIX 4.x, possibly related to relative pathnames. | ||||
| CVE-2002-1041 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Unknown vulnerability in DCE (1) SMIT panels and (2) configuration commands, possibly related to relative pathnames. | ||||
| CVE-2002-1042 | 2 Netscape, Sun | 4 Enterprise Server, Iplanet Web Server, One Application Server and 1 more | 2026-04-16 | N/A |
| Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6, when running on Windows platforms, allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the NS-query-pat parameter. | ||||
| CVE-2002-1043 | 1 Ultrafunk | 1 Popcorn | 2026-04-16 | N/A |
| Ultrafunk Popcorn 1.20 allows remote attackers to cause a denial of service (crash) via a malformed Subject ("\t\t"). | ||||
| CVE-2002-1044 | 1 Ultrafunk | 1 Popcorn | 2026-04-16 | N/A |
| Buffer overflow in Ultrafunk Popcorn 1.20 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long Subject field. | ||||
| CVE-2002-1045 | 1 Ultrafunk | 1 Popcorn | 2026-04-16 | N/A |
| Ultrafunk Popcorn 1.20 allows remote attackers to cause a denial of service (crash) via a malformed Date field that is converted into a year greater than 2037. | ||||
| CVE-2002-1046 | 1 Watchguard | 2 Firebox, Soho Firewall | 2026-04-16 | N/A |
| Dynamic VPN Configuration Protocol service (DVCP) in Watchguard Firebox firmware 5.x.x allows remote attackers to cause a denial of service (crash) via a malformed packet containing tab characters to TCP port 4110. | ||||
| CVE-2002-1047 | 1 Watchguard | 1 Soho Firewall | 2026-04-16 | N/A |
| The FTP service in Watchguard Soho Firewall 5.0.35a allows remote attackers to gain privileges with a correct password but an incorrect user name. | ||||
| CVE-2002-1048 | 1 Hp | 1 Jetdirect | 2026-04-16 | N/A |
| HP JetDirect printers allow remote attackers to obtain the administrative password for the (1) web and (2) telnet services via an SNMP request to the variable (.iso.3.6.1.4.1.11.2.3.9.4.2.1.3.9.1.1.0. | ||||
| CVE-2002-1049 | 1 Hylafax | 1 Hylafax | 2026-04-16 | N/A |
| Format string vulnerability in HylaFAX faxgetty before 4.1.3 allows remote attackers to cause a denial of service (crash) via the TSI data element. | ||||
| CVE-2002-1050 | 1 Hylafax | 1 Hylafax | 2026-04-16 | N/A |
| Buffer overflow in HylaFAX faxgetty before 4.1.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long line of image data. | ||||
| CVE-2002-1051 | 1 Ehud Gavron | 1 Tracesroute | 2026-04-16 | N/A |
| Format string vulnerability in TrACESroute 6.0 GOLD (aka NANOG traceroute) allows local users to execute arbitrary code via the -T (terminator) command line argument. | ||||
| CVE-2002-1052 | 1 W3c | 1 Jigsaw | 2026-04-16 | N/A |
| Jigsaw 2.2.1 on Windows systems allows remote attackers to use MS-DOS device names in HTTP requests to (1) cause a denial of service using the "con" device, or (2) obtain the physical path of the server using two requests to the "aux" device. | ||||
| CVE-2002-1053 | 1 W3c | 1 Jigsaw | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in W3C Jigsaw Proxy Server before 2.2.1 allows remote attackers to execute arbitrary script via a URL that contains a reference to a nonexistent host followed by the script, which is included in the resulting error message. | ||||
| CVE-2002-1054 | 1 Pablo Software Solutions | 1 Pablo Ftp Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Pablo FTP server 1.0 build 9 and earlier allows remote authenticated users to list arbitrary directories via "..\" (dot-dot backslash) sequences in a LIST command. | ||||
| CVE-2002-1055 | 1 Brother | 1 Nc-3100h | 2026-04-16 | N/A |
| Buffer overflow in administrative web server for Brother NC-3100h printer allows remote attackers to cause a denial of service via a long password. | ||||
| CVE-2002-1056 | 1 Microsoft | 2 Outlook, Word | 2026-04-16 | N/A |
| Microsoft Outlook 2000 and 2002, when configured to use Microsoft Word as the email editor, does not block scripts that are used while editing email messages in HTML or Rich Text Format (RTF), which could allow remote attackers to execute arbitrary scripts via an email that the user forwards or replies to. | ||||