Total
29910 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1538 | 1 Acuma | 1 Acusend | 2026-06-16 | 5.0 MEDIUM | N/A |
| Acuma Acusend 4, and possibly earlier versions, allows remote authenticated users to read the reports of other users by inferring the full URL, whose name is easily predictable. | |||||
| CVE-2002-1537 | 1 Phpbb Group | 1 Phpbb | 2026-06-16 | 10.0 HIGH | N/A |
| admin_ug_auth.php in phpBB 2.0.0 allows local users to gain administrator privileges by directly calling admin_ug_auth.php with modifed form fields such as "u". | |||||
| CVE-2002-1536 | 1 Hans Persson | 1 Molly | 2026-06-16 | 7.5 HIGH | N/A |
| Molly IRC bot 0.5 allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the $host variable for nslookup.pl, (2) the $to, $from, or $message variables in pop.pl, (3) the $words or $text variables in sms.pl, or (4) the $server or $printer variables in hpled.pl. | |||||
| CVE-2002-1535 | 1 Symantec | 2 Enterprise Firewall, Raptor Firewall | 2026-06-16 | 5.0 MEDIUM | N/A |
| Secure Webserver 1.1 in Raptor 6.5 and Symantec Enterprise Firewall 6.5.2 allows remote attackers to identify IP addresses of hosts on the internal network via a CONNECT request, which generates different error messages if the host is present. | |||||
| CVE-2002-1534 | 1 Macromedia | 1 Flash Player | 2026-06-16 | 5.0 MEDIUM | N/A |
| Macromedia Flash Player allows remote attackers to read arbitrary files via XML script in a .swf file that is hosted on a remote SMB share. | |||||
| CVE-2002-1533 | 1 Jetty | 1 Jetty | 2026-06-16 | 5.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Jetty JSP servlet engine allows remote attackers to insert arbitrary HTML or script via an HTTP request to a .jsp file whose name contains the malicious script and some encoded linefeed characters (%0a). | |||||
| CVE-2002-1532 | 1 Surfcontrol | 1 Superscout Email Filter | 2026-06-16 | 5.0 MEDIUM | N/A |
| The administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows remote attackers to cause a denial of service (resource exhaustion) via a GET request without the terminating /r/n/r/n (CRLF) sequence, which causes the interface to wait for the sequence and blocks other users from accessing it. | |||||
| CVE-2002-1531 | 1 Surfcontrol | 1 Superscout Email Filter | 2026-06-16 | 5.0 MEDIUM | N/A |
| The administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows remote attackers to cause a denial of service (crash) via an HTTP request without a Content-Length parameter. | |||||
| CVE-2002-1530 | 1 Surfcontrol | 1 Superscout Email Filter | 2026-06-16 | 5.0 MEDIUM | N/A |
| The administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows users to obtain usernames and plaintext passwords via a request to the userlist.asp program, which includes the passwords in a user editing form. | |||||
| CVE-2002-1529 | 1 Surfcontrol | 1 Superscout Email Filter | 2026-06-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in msgError.asp for the administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows remote attackers to insert arbitrary script or HTML via the Reason parameter. | |||||
| CVE-2002-1528 | 1 Mondosoft | 1 Mondosearch | 2026-06-16 | 5.0 MEDIUM | N/A |
| MsmMask.exe in MondoSearch 4.4 allows remote attackers to obtain the source code of scripts via the mask parameter. | |||||
| CVE-2002-1527 | 1 Emumail | 1 Emu Webmail | 2026-06-16 | 5.0 MEDIUM | N/A |
| emumail.cgi in EMU Webmail 5.0 allows remote attackers to determine the full pathname for emumail.cgi via a malformed string containing script, which generates a regular expression matching error that includes the pathname in the resulting error message. | |||||
| CVE-2002-1526 | 1 Emumail | 1 Emu Webmail | 2026-06-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in emumail.cgi for EMU Webmail 5.0 allows remote attackers to inject arbitrary HTML or script via the email address field. | |||||
| CVE-2002-1525 | 2 Astaware, Sun | 2 Searchdisc, Sunone Starter Kit | 2026-06-16 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in ASTAware SearchDisk engine for Sun ONE Starter Kit 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack on port (1) 6015 or (2) 6016, or (3) an absolute pathname to port 6017. | |||||
| CVE-2002-1524 | 1 Nullsoft | 1 Winamp | 2026-06-16 | 7.5 HIGH | N/A |
| Buffer overflow in XML parser in wsabi.dll of Winamp 3 (1.0.0.488) allows remote attackers to execute arbitrary code via a skin file (.wal) with a long include file tag. | |||||
| CVE-2002-1523 | 1 Daniel Arenz | 1 Mini Server | 2026-06-16 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Daniel Arenz Mini Server 2.1.6 allows remote attackers to read arbitrary files via (1) ../ (dot-dot slash) or (2) ..\ (dot-dot backslash) sequences. | |||||
| CVE-2002-1522 | 1 Cooolsoft | 1 Powerftp | 2026-06-16 | 5.0 MEDIUM | N/A |
| Buffer overflow in PowerFTP FTP server 2.24, and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long USER argument. | |||||
| CVE-2002-1521 | 1 Mdg Computer Services | 1 Web Server 4d | 2026-06-16 | 2.1 LOW | N/A |
| Web Server 4D (WS4D) 3.6 stores passwords in plaintext in the Ws4d.4DD file, which allows attackers to gain privileges. | |||||
| CVE-2002-1520 | 2 Rapidstream, Watchguard | 2 Rapidstream, Firebox | 2026-06-16 | 10.0 HIGH | N/A |
| The CLI interface for WatchGuard Firebox Vclass 3.2 and earlier, and RSSA Appliance 3.0.2, does not properly close the SSH connection when a -N option is provided during authentication, which allows remote attackers to access CLI with administrator privileges. | |||||
| CVE-2002-1519 | 2 Rapidstream, Watchguard | 2 Rapidstream, Firebox | 2026-06-16 | 10.0 HIGH | N/A |
| Format string vulnerability in the CLI interface for WatchGuard Firebox Vclass 3.2 and earlier, and RSSA Appliance 3.0.2, allows remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in the password parameter. | |||||