Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1963 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| Linux kernel 2.4.1 through 2.4.19 sets root's NR_RESERVED_FILES limit to 10 files, which allows local users to cause a denial of service (resource exhaustion) by opening 10 setuid binaries. | ||||
| CVE-2002-1964 | 1 Wesmo | 1 Phpeventcalendar | 2026-04-16 | N/A |
| Unknown vulnerability in WesMo phpEventCalendar 1.1 allows remote attackers to execute arbitrary commands via unknown attack vectors. | ||||
| CVE-2002-1965 | 1 Imatix | 1 Xitami | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Errors.gsl in Imatix Xitami 2.5b4 and 2.5b5 allows remote attackers to inject arbitrary web script or HTML via the (1) Javascript events, as demonstrated via an onerror event in an IMG SRC tag or (2) User-Agent field in an HTTP GET request. | ||||
| CVE-2002-1966 | 1 My Postcards | 1 My Postcards Platinum | 2026-04-16 | N/A |
| Directory traversal vulnerability in magiccard.cgi in My Postcards Platinum 5.0 and 6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter. | ||||
| CVE-2002-1967 | 1 Mark Hanson | 1 Xircon | 2026-04-16 | N/A |
| Buffer overflow in XiRCON 1.0 Beta 4 allows remote attackers to cause a denial of service (disconnect) via a long (1) ctcp, (2) primsg, (3) msg, or (4) notice command. | ||||
| CVE-2002-1968 | 1 Com21 | 1 Doxport 1100 | 2026-04-16 | N/A |
| Com21 DOXport 1100 series cable modem running firmware 2.1.1.106, and possibly other versions before 2.1.1.108.003, downloads a DOCSIS configuration file from a TFTP server running on the internal network, which allows local users to modify configuration of the modem via a malicious TFTP server. | ||||
| CVE-2002-1969 | 1 The Magic Notebook | 1 The Magic Notebook | 2026-04-16 | N/A |
| Magic Notebook 1.0b and 1.1b allows remote attackers to cause a denial of service (crash) via an invalid username during login. | ||||
| CVE-2002-1970 | 1 Snortcenter | 1 Snortcenter | 2026-04-16 | N/A |
| SnortCenter 0.9.5, when configured to push Snort rules, stores the rules in a temporary file with world-readable and world-writable permissions, which allows local users to obtain usernames and passwords for the alert database servers. | ||||
| CVE-2002-1971 | 1 Sourcecraft | 1 Networking Utils | 2026-04-16 | N/A |
| The ping utility in networking_utils.php in Sourcecraft Networking_Utils 1.0 allows remote attackers to read arbitrary files via shell metacharacters in the Domain name or IP address argument. | ||||
| CVE-2002-1972 | 1 Sebastian Dehne | 1 Pp Powerswitch | 2026-04-16 | N/A |
| Unknown vulnerability in Parallel port powerSwitch (aka pp_powerSwitch) 0.1 does not properly enforce access controls, which allows local users to access arbitrary ports. | ||||
| CVE-2002-1973 | 2 Microsoft, Working Resources Inc. | 2 Foundation Class Library, Badblue | 2026-04-16 | N/A |
| Buffer overflow in CHttpServer::OnParseError in the ISAPI extension (Isapi.cpp) when built using Microsoft Foundation Class (MFC) static libraries in Visual C++ 5.0, and 6.0 before SP3, as used in multiple products including BadBlue, allows remote attackers to cause a denial of service (access violation and crash) and possibly execute arbitrary code via a long query string that causes a parsing error. | ||||
| CVE-2002-1974 | 1 Sharp | 1 Zaurus | 2026-04-16 | N/A |
| The FTP service in Zaurus PDAs SL-5000D and SL-5500 does not require authentication, which allows remote attackers to access the file system as root. | ||||
| CVE-2002-1980 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Buffer overflow in Volume Manager daemon (vold) of Sun Solaris 2.5.1 through 8 allows local users to execute arbitrary code via unknown attack vectors. | ||||
| CVE-2002-1981 | 1 Microsoft | 1 Sql Server | 2026-04-16 | N/A |
| Microsoft SQL Server 2000 through SQL Server 2000 SP2 allows the "public" role to execute the (1) sp_MSSetServerProperties or (2) sp_MSsetalertinfo stored procedures, which allows attackers to modify configuration including SQL server startup and alert settings. | ||||
| CVE-2005-2366 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2026-04-16 | N/A |
| Unknown vulnerability in the BER dissector in Ethereal 0.10.11 allows remote attackers to cause a denial of service (abort or infinite loop) via unknown attack vectors. | ||||
| CVE-2002-1984 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Microsoft Internet Explorer 5.0.1 through 6.0 on Windows 2000 or Windows XP allows remote attackers to cause a denial of service (crash) via an OBJECT tag that contains a crafted CLASSID (CLSID) value of "CLSID:00022613-0000-0000-C000-000000000046". | ||||
| CVE-2002-1986 | 1 Perception | 1 Liteserve | 2026-04-16 | N/A |
| Perception LiteServe 2.0 through 2.0.1 allows remote attackers to obtain the source code of CGI scripts via an HTTP request with a trailing dot ("."). | ||||
| CVE-2002-1987 | 1 Caucho Technology | 1 Resin | 2026-04-16 | N/A |
| Directory traversal vulnerability in view_source.jsp in Resin 2.1.2 allows remote attackers to read arbitrary files via a "\.." (backslash dot dot). | ||||
| CVE-2002-1988 | 1 Caucho Technology | 1 Resin | 2026-04-16 | N/A |
| Resin 2.1.1 allows remote attackers to cause a denial of service (memory consumption and hang) via a URL with long variables for non-existent resources. | ||||
| CVE-2002-1989 | 1 Caucho Technology | 1 Resin | 2026-04-16 | N/A |
| Resin 2.1.1 allows remote attackers to cause a denial of service (thread and connection consumption) via multiple URL requests containing the DOS 'CON' device name and a registered file extension such as .jsp or .xtp. | ||||