Search Results (364348 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1891 1 Ayman Akt 1 Ircit 2026-04-16 N/A
Buffer overflow in IRCIT 0.3.1 IRC client allows remote attackers to execute arbitrary code via a long invite request.
CVE-2002-1892 1 Netgear 1 Fvs318 2026-04-16 N/A
NETGEAR FVS318 running firmware 1.1 stores the username and password in a readable format when a backup of the configuration file is made, which allows local users to obtain sensitive information.
CVE-2002-1893 1 Argosoft 1 Argosoft Mail Server 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in ArGoSoft Mail Server Pro 1.8.1.9 allows remote attackers to inject arbitrary web script or HTML via the e-mail message.
CVE-2002-1894 1 Phpbb Group 1 Phpbb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in viewtopic.php in phpBB 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the highlight parameter.
CVE-2002-1895 1 Apache 1 Tomcat 2026-04-16 N/A
The servlet engine in Jakarta Apache Tomcat 3.3 and 4.0.4, when using IIS and the ajp1.3 connector, allows remote attackers to cause a denial of service (crash) via a large number of HTTP GET requests for an MS-DOS device such as AUX, LPT1, CON, or PRN.
CVE-2002-1896 1 Alsaplayer 1 Alsaplayer 2026-04-16 N/A
Buffer overflow in Alsaplayer 0.99.71, when installed setuid root, allows local users to execute arbitrary code via a long (1) -f or (2) -o command line argument.
CVE-2002-1897 1 Mywebserver 1 Mywebserver 2026-04-16 N/A
MyWebServer LLC MyWebServer 1.0.2 allows remote attackers to cause a denial of service (crash) via a long HTTP request, possibly triggering a buffer overflow.
CVE-2002-1898 1 Apple 2 Mac Os X, Terminal 2026-04-16 N/A
Terminal 1.3 in Apple Mac OS X 10.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a telnet:// link, which is executed by Terminal.app window.
CVE-2002-1899 1 Icewarp 1 Web Mail 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in IceWarp Web Mail 3.3.3 and 3.4.5 allows remote attackers to inject arbitrary web script or HTML via the "Full Name" (addressname) parameter.
CVE-2002-1900 1 Pinboard 1 Pinboard 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Pinboard 1.0 allows remote attackers to inject arbitrary web script or HTML via tasklists.
CVE-2002-1901 1 Bodo Bauer 1 Bbgallery 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Bodo Bauer BBGallery 1.0 allows remote attackers to inject arbitrary web script or HTML via image tags.
CVE-2002-1902 1 Markus Triska 1 Cgiforum 2026-04-16 N/A
CGIForum 1.0 through 1.05 allows remote attackers to cause a denial of service (infinite recursion) by creating a message board post that is a child of an outdated parent.
CVE-2002-1903 1 University Of Washington 1 Pine 2026-04-16 N/A
Pine 4.2.1 through 4.4.4 puts Unix usernames and/or uid into Sender: and X-Sender: headers, which could allow remote attackers to obtain sensitive information.
CVE-2002-1904 1 Gaztek 1 Ghttpd 2026-04-16 N/A
Buffer overflow in the Log function in util.c in GazTek ghttpd 1.4 through 1.4.3 allows remote attackers to execute arbitrary code via a long HTTP GET request.
CVE-2002-1905 1 Polycom 1 Viavideo 2026-04-16 N/A
Buffer overflow in the web server of Polycom ViaVideo 2.2 and 3.0 allows remote attackers to cause a denial of service (crash) via a long HTTP GET request.
CVE-2002-1906 1 Polycom 1 Viavideo 2026-04-16 N/A
The web server for Polycom ViaVideo 2.2 and 3.0 allows remote attackers to cause a denial of service (CPU consumption) by sending incomplete HTTP requests and leaving the connections open.
CVE-2002-1907 1 Telcondex 1 Simplewebserver 2026-04-16 N/A
TelCondex SimpleWebServer 2.06.20817 allows remote attackers to cause a denial of service (crash) via a long HTTP GET request.
CVE-2002-1908 1 Microsoft 1 Internet Information Services 2026-04-16 N/A
Microsoft IIS 5.0 and 5.1 allows remote attackers to cause a denial of service (CPU consumption) via an HTTP request with a Host header that contains a large number of "/" (forward slash) characters.
CVE-2002-1909 1 Click2learn 1 Ingenium Learning Management System 2026-04-16 N/A
Click2Learn Ingenium Learning Management System 5.1 and 6.1 stores the hashed administrative password in a config.txt file under the htdocs directory, which allows remote attackers to obtain the administrative password.
CVE-2002-1911 1 Zonelabs 1 Zonealarm 2026-04-16 N/A
ZoneAlarm Pro 3.0 and 3.1, when configured to block all traffic, allows remote attackers to cause a denial of service (CPU and memory consumption) via a large number of SYN packets (SYN flood). NOTE: the vendor was not able to reproduce the issue.