Export limit exceeded: 29908 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29908 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1972 | 1 Sebastian Dehne | 1 Pp Powerswitch | 2026-04-16 | N/A |
| Unknown vulnerability in Parallel port powerSwitch (aka pp_powerSwitch) 0.1 does not properly enforce access controls, which allows local users to access arbitrary ports. | ||||
| CVE-2002-1973 | 2 Microsoft, Working Resources Inc. | 2 Foundation Class Library, Badblue | 2026-04-16 | N/A |
| Buffer overflow in CHttpServer::OnParseError in the ISAPI extension (Isapi.cpp) when built using Microsoft Foundation Class (MFC) static libraries in Visual C++ 5.0, and 6.0 before SP3, as used in multiple products including BadBlue, allows remote attackers to cause a denial of service (access violation and crash) and possibly execute arbitrary code via a long query string that causes a parsing error. | ||||
| CVE-2002-1995 | 1 Lebios | 1 Phptonuke.php | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in phptonuke.php for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via the filnavn parameter. | ||||
| CVE-2002-1996 | 1 Postnuke Software Foundation | 1 Postnuke | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in PostNuke 0.71 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) name parameter in modules.php and (2) catid parameter in index.php. | ||||
| CVE-2002-1997 | 1 Zonelabs | 1 Zonealarm | 2026-04-16 | N/A |
| ZoneAlarm Pro 3.0 MailSafe allows remote attackers to bypass filtering and possibly execute arbitrary code via email attachments containing a trailing dot after the file extension. | ||||
| CVE-2002-1998 | 1 Sco | 2 Open Unix, Unixware | 2026-04-16 | N/A |
| Buffer overflow in rpc.cmsd in SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows remote attackers to execute arbitrary commands via a long parameter to rtable_create (procedure 21). | ||||
| CVE-2002-1999 | 1 Hp | 1 Praesidium Webproxy | 2026-04-16 | N/A |
| HP Praesidium Webproxy 1.0 running on HP-UX 11.04 VVOS could allow remote attackers to cause Webproxy to forward requests to the internal network via crafted HTTP requests. | ||||
| CVE-2002-2000 | 1 Compaq | 1 Acms | 2026-04-16 | N/A |
| ACMS 4.3 and 4.4 in OpenVMS Alpha 7.2 and 7.3 does not properly use process privileges, which allows attackers to access data. | ||||
| CVE-2002-2001 | 2 Jmcce, Mandrakesoft | 2 Jmcce, Mandrake Linux | 2026-04-16 | N/A |
| jmcce 1.3.8 in Mandrake 8.1 creates log files in /tmp with predictable names, which allows local users to overwrite arbitrary files via a symlink attack. | ||||
| CVE-2002-2002 | 1 Compaq | 1 Tru64 | 2026-04-16 | N/A |
| Buffer overflow in libc in Compaq Tru64 4.0F, 5.0, 5.1 and 5.1A allows attackers to execute arbitrary code via long (1) LANG and (2) LOCPATH environment variables. | ||||
| CVE-2002-2003 | 1 Compaq | 1 Tru64 | 2026-04-16 | N/A |
| ypbind in Compaq Tru64 4.0F, 4.0G, 5.0A, 5.1 and 5.1A allows remote attackers to cause the process to core dump via certain network packets generated by nmap. | ||||
| CVE-2002-2004 | 1 Compaq | 1 Tru64 | 2026-04-16 | N/A |
| portmapper in Compaq Tru64 4.0G and 5.0A allows remote attackers to cause a denial of service via a flood of packets. | ||||
| CVE-2002-2005 | 1 Sun | 1 Java Web Start | 2026-04-16 | N/A |
| Unknown vulnerability in Java web start 1.0.1_01, 1.0.1, 1.0 and 1.0.1.01 (HP-UX 11.x only) allows attackers to gain access to restricted resources via unknown attack vectors. | ||||
| CVE-2002-2006 | 1 Apache | 1 Tomcat | 2026-04-16 | N/A |
| The default installation of Apache Tomcat 4.0 through 4.1 and 3.0 through 3.3.1 allows remote attackers to obtain the installation path and other sensitive system information via the (1) SnoopServlet or (2) TroubleShooter example servlets. | ||||
| CVE-2002-2007 | 1 Apache | 1 Tomcat | 2026-04-16 | N/A |
| The default installations of Apache Tomcat 3.2.3 and 3.2.4 allows remote attackers to obtain sensitive system information such as directory listings and web root path, via erroneous HTTP requests for Java Server Pages (JSP) in the (1) test/jsp, (2) samples/jsp and (3) examples/jsp directories, or the (4) test/realPath.jsp servlet, which leaks pathnames in error messages. | ||||
| CVE-2002-2008 | 1 Apache | 1 Tomcat | 2026-04-16 | N/A |
| Apache Tomcat 4.0.3 for Windows allows remote attackers to obtain the web root path via an HTTP request for a resource that does not exist, such as lpt9, which leaks the information in an error message. | ||||
| CVE-2002-2010 | 1 Htdig | 1 Htdig | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in htsearch.cgi in htdig (ht://Dig) 3.1.5, 3.1.6, and 3.2 allows remote attackers to inject arbitrary web script or HTML via the words parameter. | ||||
| CVE-2002-2011 | 1 Jon Howell | 1 Faq-o-matic | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the fom CGI program (fom.cgi) in Faq-O-Matic 2.711 and 2.712 allows remote attackers to inject arbitrary web script or HTML via the file parameter. | ||||
| CVE-2002-2012 | 1 Apache | 1 Http Server | 2026-04-16 | N/A |
| Unknown vulnerability in Apache 1.3.19 running on HP Secure OS for Linux 1.0 allows remote attackers to cause "unexpected results" via an HTTP request. | ||||
| CVE-2002-2013 | 2 Mozilla, Netscape | 3 Mozilla, Communicator, Navigator | 2026-04-16 | N/A |
| Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain. | ||||