Total
29912 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0197 | 1 Psychoid | 1 Psybnc | 2026-06-16 | 7.5 HIGH | N/A |
| psyBNC 2.3 beta and earlier allows remote attackers to spoof encrypted, trusted messages by sending lines that begin with the "[B]" sequence, which makes the message appear legitimate. | |||||
| CVE-2002-0196 | 1 Acd Incorporated | 1 Cwpapi | 2026-06-16 | 6.4 MEDIUM | N/A |
| GetRelativePath in ACD Incorporated CwpAPI 1.1 only verifies if the server root is somewhere within the path, which could allow remote attackers to read or write files outside of the web root, in other directories whose path includes the web root. | |||||
| CVE-2002-0193 | 1 Microsoft | 1 Internet Explorer | 2026-06-16 | 7.5 HIGH | N/A |
| Microsoft Internet Explorer 5.01 and 6.0 allow remote attackers to execute arbitrary code via malformed Content-Disposition and Content-Type header fields that cause the application for the spoofed file type to pass the file back to the operating system for handling rather than raise an error message, aka the first variant of the "Content Disposition" vulnerability. | |||||
| CVE-2002-0191 | 1 Microsoft | 1 Internet Explorer | 2026-06-16 | 5.0 MEDIUM | N/A |
| Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to view arbitrary files that contain the "{" character via script containing the cssText property of the stylesheet object, aka "Local Information Disclosure through HTML Object" vulnerability. | |||||
| CVE-2002-0190 | 1 Microsoft | 1 Internet Explorer | 2026-06-16 | 7.5 HIGH | N/A |
| Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code under fewer security restrictions via a malformed web page that requires NetBIOS connectivity, aka "Zone Spoofing through Malformed Web Page" vulnerability. | |||||
| CVE-2002-0189 | 1 Microsoft | 1 Internet Explorer | 2026-06-16 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in Internet Explorer 6.0 allows remote attackers to execute scripts in the Local Computer zone via a URL that exploits a local HTML resource file, aka the "Cross-Site Scripting in Local HTML Resource" vulnerability. | |||||
| CVE-2002-0188 | 1 Microsoft | 1 Internet Explorer | 2026-06-16 | 7.5 HIGH | N/A |
| Microsoft Internet Explorer 5.01 and 6.0 allow remote attackers to execute arbitrary code via malformed Content-Disposition and Content-Type header fields that cause the application for the spoofed file type to pass the file back to the operating system for handling rather than raise an error message, aka the second variant of the "Content Disposition" vulnerability. | |||||
| CVE-2002-0187 | 1 Microsoft | 1 Sql Server | 2026-06-16 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in the SQLXML component of Microsoft SQL Server 2000 allows an attacker to execute arbitrary script via the root parameter as part of an XML SQL query, aka "Script Injection via XML Tag." | |||||
| CVE-2002-0186 | 1 Microsoft | 1 Sql Server | 2026-06-16 | 7.5 HIGH | N/A |
| Buffer overflow in the SQLXML ISAPI extension of Microsoft SQL Server 2000 allows remote attackers to execute arbitrary code via data queries with a long content-type parameter, aka "Unchecked Buffer in SQLXML ISAPI Extension." | |||||
| CVE-2002-0185 | 1 Apache | 1 Mod Python | 2026-06-16 | 7.5 HIGH | N/A |
| mod_python version 2.7.6 and earlier allows a module indirectly imported by a published module to then be accessed via the publisher, which allows remote attackers to call possibly dangerous functions from the imported module. | |||||
| CVE-2002-0181 | 1 Horde | 2 Horde, Imp | 2026-06-16 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in status.php3 for IMP 2.2.8 and HORDE 1.2.7 allows remote attackers to execute arbitrary web script and steal cookies of other IMP/HORDE users via the script parameter. | |||||
| CVE-2002-0180 | 1 Bradford Barrett | 1 Webalizer | 2026-06-16 | 7.5 HIGH | N/A |
| Buffer overflow in Webalizer 2.01-06, when configured to use reverse DNS lookups, allows remote attackers to execute arbitrary code by connecting to the monitored web server from an IP address that resolves to a long hostname. | |||||
| CVE-2002-0179 | 1 Xpilot | 1 Xpilot | 2026-06-16 | 7.5 HIGH | N/A |
| Buffer overflow in xpilot-server for XPilot 4.5.0 and earlier allows remote attackers to execute arbitrary code. | |||||
| CVE-2002-0178 | 1 Gnu | 1 Sharutils | 2026-06-16 | 7.2 HIGH | N/A |
| uudecode, as available in the sharutils package before 4.2.1, does not check whether the filename of the uudecoded file is a pipe or symbolic link, which could allow attackers to overwrite files or execute commands. | |||||
| CVE-2002-0177 | 1 Icecast | 1 Icecast | 2026-06-16 | 7.5 HIGH | N/A |
| Buffer overflows in icecast 1.3.11 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request from an MP3 client. | |||||
| CVE-2002-0176 | 1 Avaya | 1 Libsafe | 2026-06-16 | 4.6 MEDIUM | N/A |
| The printf wrappers in libsafe 2.0-11 and earlier do not properly handle argument indexing specifiers, which could allow attackers to exploit certain function calls through arguments that are not verified by libsafe. | |||||
| CVE-2002-0175 | 1 Avaya | 1 Libsafe | 2026-06-16 | 4.6 MEDIUM | N/A |
| libsafe 2.0-11 and earlier allows attackers to bypass protection against format string vulnerabilities via format strings that use the "'" and "I" characters, which are implemented in libc but not libsafe. | |||||
| CVE-2002-0174 | 1 Sgi | 1 Irix | 2026-06-16 | 7.2 HIGH | N/A |
| nsd on SGI IRIX before 6.5.11 allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the nsd.dump file. | |||||
| CVE-2002-0173 | 1 Sgi | 1 Irix | 2026-06-16 | 7.2 HIGH | N/A |
| Buffer overflow in cpr for the eoe.sw.cpr SGI Checkpoint-Restart Software package on SGI IRIX 6.5.10 and earlier may allow local users to gain root privileges. | |||||
| CVE-2002-0172 | 1 Sgi | 1 Irix | 2026-06-16 | 2.1 LOW | N/A |
| /dev/ipfilter on SGI IRIX 6.5 is installed by /dev/MAKEDEV with insecure default permissions (644), which could allow a local user to cause a denial of service (traffic disruption). | |||||
