Vulnerabilities (CVE)

Filtered by NVD-CWE-Other
Total 29911 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2002-0619 1 Microsoft 1 Office 2026-06-16 7.5 HIGH N/A
The Mail Merge Tool in Microsoft Word 2002 for Windows, when Microsoft Access is present on a system, allows remote attackers to execute Visual Basic (VBA) scripts within a mail merge document that is saved in HTML format, aka a "Variant of MS00-071, Word Mail Merge Vulnerability" (CVE-2000-0788).
CVE-2002-0618 1 Microsoft 2 Excel, Office 2026-06-16 7.5 HIGH N/A
The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code in the Local Computer zone by embedding HTML scripts within an Excel workbook that contains an XSL stylesheet, aka "Excel XSL Stylesheet Script Execution".
CVE-2002-0617 1 Microsoft 2 Excel, Office 2026-06-16 5.1 MEDIUM N/A
The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code by creating a hyperlink on a drawing shape in a source workbook that points to a destination workbook containing an autoexecute macro, aka "Hyperlinked Excel Workbook Macro Bypass."
CVE-2002-0616 1 Microsoft 2 Excel, Office 2026-06-16 5.1 MEDIUM N/A
The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code by attaching an inline macro to an object within an Excel workbook, aka the "Excel Inline Macros Vulnerability."
CVE-2002-0615 1 Microsoft 2 Excel, Office 2026-06-16 7.5 HIGH N/A
The Windows Media Active Playlist in Microsoft Windows Media Player 7.1 stores information in a well known location on the local file system, allowing attackers to execute HTML scripts in the Local Computer zone, aka "Media Playback Script Invocation".
CVE-2002-0614 1 Php-survey 1 Php-survey 2026-06-16 5.0 MEDIUM N/A
PHP-Survey 20000615 and earlier stores the global.inc file under the web root, which allows remote attackers to obtain sensitive information, including database credentials, if .inc files are not preprocessed by the server.
CVE-2002-0613 1 Dnstools Software 1 Dnstools 2026-06-16 10.0 HIGH N/A
dnstools.php for DNSTools 2.0 beta 4 and earlier allows remote attackers to bypass authentication and gain privileges by setting the user_logged_in or user_dnstools_administrator parameters.
CVE-2002-0612 1 Craig Patchett 1 Fileseek 2026-06-16 7.5 HIGH N/A
FileSeek.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) head or (2) foot parameters.
CVE-2002-0611 1 Craig Patchett 1 Fileseek 2026-06-16 5.0 MEDIUM N/A
Directory traversal vulnerability in FileSeek.cgi allows remote attackers to read arbitrary files via a ....// (modified dot dot) in the (1) head or (2) foot parameters, which are not properly filtered.
CVE-2002-0610 1 Hp 1 Mpe Ix 2026-06-16 7.5 HIGH N/A
Vulnerability in FTPSRVR in HP MPE/iX 6.0 through 7.0 does not properly validate certain FTP commands, which allows attackers to gain privileges.
CVE-2002-0609 1 Hp 1 Mpe Ix 2026-06-16 5.0 MEDIUM N/A
Vulnerability in HP MPE/iX 6.0 through 7.0 allows attackers to cause a denial of service (system failure with "SA1457 out of i_port_timeout.fix_up_message_frame") via malformed IP packets.
CVE-2002-0608 1 Matu 1 Matu Ftp 2026-06-16 7.5 HIGH N/A
Buffer overflow in Matu FTP client 1.74 allows remote FTP servers to execute arbitrary code via a long "220" banner.
CVE-2002-0607 1 Snitz Communications 1 Snitz Forums 2000 2026-06-16 7.5 HIGH N/A
members.asp in Snitz Forums 2000 version 3.3.03 and earlier allows remote attackers to execute arbitrary code via a SQL injection attack on the parameters (1) M_NAME, (2) UserName, (3) FirstName, (4) LastName, or (5) INITIAL.
CVE-2002-0606 1 3com 1 3cdaemon 2026-06-16 7.5 HIGH N/A
Buffer overflow in 3Cdaemon 2.0 FTP server allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long commands such as login.
CVE-2002-0605 1 Macromedia 1 Flash Player 2026-06-16 7.5 HIGH N/A
Buffer overflow in Flash OCX for Macromedia Flash 6 revision 23 (6,0,23,0) allows remote attackers to execute arbitrary code via a long movie parameter.
CVE-2002-0604 1 Snapgear 1 Snapgear Lite\+ Firewall 2026-06-16 5.0 MEDIUM N/A
Snapgear Lite+ firewall 1.5.3 and 1.5.4 allows remote attackers to cause a denial of service (crash) via a large number of packets with malformed IP options.
CVE-2002-0603 1 Snapgear 1 Snapgear Lite\+ Firewall 2026-06-16 5.0 MEDIUM N/A
Snapgear Lite+ firewall 1.5.3 allows remote attackers to cause a denial of service (IPSEC crash) via a zero length packet to UDP port 500.
CVE-2002-0602 1 Snapgear 1 Snapgear Lite\+ Firewall 2026-06-16 5.0 MEDIUM N/A
Snapgear Lite+ firewall 1.5.4 and 1.5.3 allows remote attackers to cause a denial of service (crash) via a large number of connections to (1) the HTTP web management port, or (2) the PPTP port.
CVE-2002-0601 1 Information Security Systems 1 Realsecure Network Sensor 2026-06-16 5.0 MEDIUM N/A
ISS RealSecure Network Sensor 5.x through 6.5 allows remote attackers to cause a denial of service (crash) via malformed DHCP packets that cause RealSecure to dereference a null pointer.
CVE-2002-0600 2 Kth, Luke Mewburn 2 Kth Kerberos, Lukemftp 2026-06-16 7.5 HIGH N/A
Heap overflow in the KTH Kerberos 4 FTP client 4-1.1.1 allows remote malicious servers to execute arbitrary code on the client via a long response to a passive (PASV) mode request.