Export limit exceeded: 344911 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 344911 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344911 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-2210 | 1 Openoffice | 1 Openoffice | 2026-04-16 | N/A |
| The installation of OpenOffice 1.0.1 allows local users to overwrite files and possibly gain privileges via a symlink attack on the USERNAME_autoresponse.conf temporary file. | ||||
| CVE-2005-2127 | 2 Ati, Microsoft | 6 Catalyst Driver, .net Framework, Office and 3 more | 2026-04-16 | N/A |
| Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for use within Internet Explorer, as originally demonstrated using the (1) DDS Library Shape Control (Msdds.dll) COM object, and other objects including (2) Blnmgrps.dll, (3) Ciodm.dll, (4) Comsvcs.dll, (5) Danim.dll, (6) Htmlmarq.ocx, (7) Mdt2dd.dll (as demonstrated using a heap corruption attack with uninitialized memory), (8) Mdt2qd.dll, (9) Mpg4ds32.ax, (10) Msadds32.ax, (11) Msb1esen.dll, (12) Msb1fren.dll, (13) Msb1geen.dll, (14) Msdtctm.dll, (15) Mshtml.dll, (16) Msoeacct.dll, (17) Msosvfbr.dll, (18) Mswcrun.dll, (19) Netshell.dll, (20) Ole2disp.dll, (21) Outllib.dll, (22) Psisdecd.dll, (23) Qdvd.dll, (24) Repodbc.dll, (25) Shdocvw.dll, (26) Shell32.dll, (27) Soa.dll, (28) Srchui.dll, (29) Stobject.dll, (30) Vdt70.dll, (31) Vmhelper.dll, and (32) Wbemads.dll, aka a variant of the "COM Object Instantiation Memory Corruption vulnerability." | ||||
| CVE-2002-2211 | 1 Isc | 1 Bind | 2026-04-16 | N/A |
| BIND 4 and BIND 8, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. | ||||
| CVE-2002-2212 | 2 Fujitsu, Isc | 2 Uxp V, Bind | 2026-04-16 | N/A |
| The DNS resolver in unspecified versions of Fujitsu UXP/V, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. | ||||
| CVE-2005-2458 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 allows remote attackers to cause a denial of service (kernel crash) via a compressed file with "improper tables". | ||||
| CVE-2005-2462 | 1 Kayako | 1 Liveresponse | 2026-04-16 | N/A |
| Kayako liveResponse 2.x, when logging in a user, records the password in plaintext in the URL, which allows local users and possibly remote attackers to gain privileges. | ||||
| CVE-2002-2213 | 2 Infoblox, Isc | 2 Dns One, Bind | 2026-04-16 | N/A |
| The DNS resolver in unspecified versions of Infoblox DNS One, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. | ||||
| CVE-2002-2214 | 2 Php, Redhat | 2 Php, Enterprise Linux | 2026-04-16 | N/A |
| The php_if_imap_mime_header_decode function in the IMAP functionality in PHP before 4.2.2 allows remote attackers to cause a denial of service (crash) via an e-mail header with a long "To" header. | ||||
| CVE-2002-2215 | 2 Php, Redhat | 2 Php, Enterprise Linux | 2026-04-16 | N/A |
| The imap_header function in the IMAP functionality for PHP before 4.3.0 allows remote attackers to cause a denial of service via an e-mail message with a large number of "To" addresses, which triggers an error in the rfc822_write_address function. | ||||
| CVE-2005-2465 | 2 Pc-experience, Toppe | 2 Pc-experience, Toppe Cms | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in pm.php in PCXP/TOPPE CMS allows remote attackers to inject arbitrary web script or HTML via the msg variable. | ||||
| CVE-2002-2216 | 1 Soft3304 | 1 04webserver | 2026-04-16 | N/A |
| Soft3304 04WebServer before 1.20 does not properly process URL strings, which allows remote attackers to obtain unspecified sensitive information. | ||||
| CVE-2002-2217 | 1 Comscripts | 1 Web Server Creator | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Web Server Creator - Web Portal (WSC-WebPortal) 0.1 allow remote attackers to execute arbitrary PHP code via a URL in the (1) l parameter to customize.php or the (2) pg parameter to index.php. | ||||
| CVE-2002-2218 | 1 Sips | 1 Sips | 2026-04-16 | N/A |
| CRLF injection vulnerability in the setUserValue function in sipssys/code/site.inc.php in Haakon Nilsen simple, integrated publishing system (SIPS) before 20020209 has unknown impact, possibly gaining privileges or modifying critical configuration, via a CRLF sequence in a key value. | ||||
| CVE-2002-2219 | 1 Chetcpasswd | 1 Chetcpasswd | 2026-04-16 | N/A |
| chetcpasswd.cgi in Pedro Lineu Orso chetcpasswd before 2.1 allows remote attackers to read the last line of the shadow file via a long user (userid) field. | ||||
| CVE-2005-3948 | 1 Phpalbum.net | 1 Phpalbum | 2026-04-16 | N/A |
| Directory traversal vulnerability in main.php in PHPAlbum 0.2.3 and earlier allows remote attackers to read arbitrary files via the (1) cmd and (2) var1 parameters. | ||||
| CVE-2002-2220 | 1 Chetcpasswd | 1 Chetcpasswd | 2026-04-16 | N/A |
| Buffer overflow in Pedro Lineu Orso chetcpasswd before 1.12, when configured for access from 0.0.0.0, allows local users to gain privileges via unspecified vectors. | ||||
| CVE-2002-2221 | 1 Chetcpasswd | 1 Chetcpasswd | 2026-04-16 | N/A |
| Untrusted search path vulnerability in Pedro Lineu Orso chetcpasswd 2.4.1 and earlier allows local users to gain privileges via a modified PATH that references a malicious cp binary. NOTE: this issue might overlap CVE-2006-6639. | ||||
| CVE-2002-2222 | 2 Freebsd, Openbsd | 2 Ports Collection, Openbsd | 2026-04-16 | N/A |
| isakmpd/message.c in isakmpd in FreeBSD before isakmpd-20020403_1, and in OpenBSD 3.1, allows remote attackers to cause a denial of service (crash) by sending Internet Key Exchange (IKE) payloads out of sequence. | ||||
| CVE-2005-2467 | 1 Mysql | 1 Eventum | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in MySQL Eventum 1.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to view.php, (2) release parameter to list.php, or (3) F parameter to get_jsrs_data.php. | ||||
| CVE-2005-3473 | 1 Alexander Palmo | 1 Simple Php Blog | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Simple PHP Blog 0.4.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) entry, (2) blog_subject, and (3) blog_text parameters (involving the temp_subject variable) in (a) preview_cgi.php and (b) preview_static_cgi.php, or (4) scheme_name parameter and (5) bg_color parameters (involving the preset_name and result variables) in (c) colors.php. | ||||