Export limit exceeded: 348231 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (348231 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0470 | 1 Phpnettoolpack | 1 Phpnettoolpack | 2026-04-16 | N/A |
| PHPNetToolpack 0.1 relies on its environment's PATH to find and execute the traceroute program, which could allow local users to gain privileges by inserting a Trojan horse program into the search path. | ||||
| CVE-2002-0471 | 1 Phpnettoolpack | 1 Phpnettoolpack | 2026-04-16 | N/A |
| PHPNetToolpack 0.1 allows remote attackers to execute arbitrary code via shell metacharacters in the a_query variable. | ||||
| CVE-2002-0472 | 1 Microsoft | 1 Msn Messenger | 2026-04-16 | N/A |
| MSN Messenger Service 3.6, and possibly other versions, uses weak authentication when exchanging messages between clients, which allows remote attackers to spoof messages from other users. | ||||
| CVE-2002-0473 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| db.php in phpBB 2.0 (aka phpBB2) RC-3 and earlier allows remote attackers to execute arbitrary code from remote servers via the phpbb_root_path parameter. | ||||
| CVE-2002-0474 | 1 Zeroforum | 1 Zeroforum | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in ZeroForum allows remote attackers to execute arbitrary Javascript on web clients by embedding the script within IMG image tag. | ||||
| CVE-2002-0476 | 1 Macromedia | 1 Flash Player | 2026-04-16 | N/A |
| Standalone Macromedia Flash Player 5.0 allows remote attackers to save arbitrary files and programs via a .SWF file containing the undocumented "save" FSCommand. | ||||
| CVE-2002-0477 | 1 Macromedia | 1 Flash Player | 2026-04-16 | N/A |
| Standalone Macromedia Flash Player 5.0 before 5,0,30,2 allows remote attackers to execute arbitrary programs via a .SWF file containing the "exec" FSCommand. | ||||
| CVE-2002-0478 | 1 Foundrynet | 1 Edgeiron | 2026-04-16 | N/A |
| The default configuration of Foundry Networks EdgeIron 4802F allows remote attackers to modify sensitive information via arbitrary SNMP community strings. | ||||
| CVE-2002-0480 | 1 Iss | 1 Realsecure Nokia | 2026-04-16 | N/A |
| ISS RealSecure for Nokia devices before IPSO build 6.0.2001.141d is configured to allow a user "skank" on a machine "starscream" to become a key manager when the "first time connection" feature is enabled and before any legitimate administrators have connected, which could allow remote attackers to gain access to the device during installation. | ||||
| CVE-2002-0482 | 1 Newlog | 1 Netsupport Manager | 2026-04-16 | N/A |
| Directory traversal vulnerability in PCI Netsupport Manager before version 7, when running web extensions, allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP GET request. | ||||
| CVE-2002-0509 | 1 Oracle | 1 Oracle9i | 2026-04-16 | N/A |
| Transparent Network Substrate (TNS) Listener in Oracle 9i 9.0.1.1 allows remote attackers to cause a denial of service (CPU consumption) via a single malformed TCP packet to port 1521. | ||||
| CVE-2002-0484 | 1 Php | 1 Php | 2026-04-16 | N/A |
| move_uploaded_file in PHP does not does not check for the base directory (open_basedir), which could allow remote attackers to upload files to unintended locations on the system. | ||||
| CVE-2002-0066 | 2 Bindview, Funk Software | 2 Netrc, Funk Software Proxy | 2026-04-16 | N/A |
| Funk Software Proxy Host 3.x before 3.09A creates a Named Pipe that does not require authentication and is installed with insecure access control, which allows local and possibly remote users to use the Proxy Host's configuration utilities and gain privileges. | ||||
| CVE-2002-0063 | 2 Easy Software Products, Redhat | 2 Cups, Powertools | 2026-04-16 | N/A |
| Buffer overflow in ippRead function of CUPS before 1.1.14 may allow attackers to execute arbitrary code via long attribute names or language values. | ||||
| CVE-2002-0058 | 2 Microsoft, Sun | 4 Virtual Machine, Jdk, Jre and 1 more | 2026-04-16 | N/A |
| Vulnerability in Java Runtime Environment (JRE) allows remote malicious web sites to hijack or sniff a web client's sessions, when an HTTP proxy is being used, via a Java applet that redirects the session to another server, as seen in (1) Netscape 6.0 through 6.1 and 4.79 and earlier, (2) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, and possibly other implementations that use vulnerable versions of SDK or JDK. | ||||
| CVE-2002-0055 | 1 Microsoft | 3 Exchange Server, Windows 2000, Windows Xp | 2026-04-16 | N/A |
| SMTP service in Microsoft Windows 2000, Windows XP Professional, and Exchange 2000 allows remote attackers to cause a denial of service via a command with a malformed data transfer (BDAT) request. | ||||
| CVE-2001-1235 | 1 Derek Leung | 1 Pslash | 2026-04-16 | N/A |
| pSlash PHP script 0.7 and earlier allows remote attackers to execute arbitrary code by including files from remote web sites, using an HTTP request that modifies the includedir variable. | ||||
| CVE-2001-1236 | 1 Sebastian Bunka | 1 Myphppagetool | 2026-04-16 | N/A |
| myphpPagetool PHP script 0.4.3-1 and earlier allows remote attackers to execute arbitrary code by including files from remote web sites, using an HTTP request that modifies the includedir variable. | ||||
| CVE-2001-1237 | 1 Peaceworks Computer Consulting | 1 Phormation | 2026-04-16 | N/A |
| Phormation PHP script 0.9.1 and earlier allows remote attackers to execute arbitrary code by including files from remote web sites, using an HTTP request that modifies the phormationdir variable. | ||||
| CVE-2001-1239 | 1 Connect Inc. | 1 Powernet Ix | 2026-04-16 | N/A |
| PowerNet IX allows remote attackers to cause a denial of service via a port scan. | ||||