Export limit exceeded: 29908 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29908 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0702 | 1 Isc | 1 Dhcpd | 2026-04-16 | N/A |
| Format string vulnerabilities in the logging routines for dynamic DNS code (print.c) of ISC DHCP daemon (DHCPD) 3 to 3.0.1rc8, with the NSUPDATE option enabled, allow remote malicious DNS servers to execute arbitrary code via format strings in a DNS server response. | ||||
| CVE-2002-0703 | 2 Gisle Aas, Redhat | 2 Digest-md5, Linux | 2026-04-16 | N/A |
| An interaction between the Perl MD5 module (perl-Digest-MD5) and Perl could produce incorrect MD5 checksums for UTF-8 data, which could prevent a system from properly verifying the integrity of the data. | ||||
| CVE-2002-0705 | 1 Surfcontrol | 2 Superscout Web Filter, Web Filter | 2026-04-16 | N/A |
| The Web Reports Server for SurfControl SuperScout WebFilter stores the "scwebusers" username and password file in a web-accessible directory, which allows remote attackers to obtain valid usernames and crack the passwords. | ||||
| CVE-2002-0706 | 1 Surfcontrol | 2 Superscout Web Filter, Web Filter | 2026-04-16 | N/A |
| UserManager.js in the Web Reports Server for SurfControl SuperScout WebFilter uses weak encryption for administrator functions, which allows remote attackers to decrypt the administrative password using a hard-coded key in a Javascript function. | ||||
| CVE-2002-0707 | 1 Surfcontrol | 2 Superscout Web Filter, Web Filter | 2026-04-16 | N/A |
| The Web Reports Server for SurfControl SuperScout WebFilter allows remote attackers to cause a denial of service (CPU consumption) via large GET requests, possibly due to a buffer overflow. | ||||
| CVE-2002-0710 | 1 Rod Clark | 1 Sendform.cgi | 2026-04-16 | N/A |
| Directory traversal vulnerability in sendform.cgi 1.44 and earlier allows remote attackers to read arbitrary files by specifying the desired files in the BlurbFilePath parameter. | ||||
| CVE-2002-0711 | 1 Hp | 1 Trucluster Server | 2026-04-16 | N/A |
| Unknown vulnerability in Cluster Interconnect for HP TruCluster Server 5.0A, 5.1, and 5.1A may allow local and remote attackers to cause a denial of service. | ||||
| CVE-2002-0712 | 1 Entrust | 1 Entrust Authority Security Manager | 2026-04-16 | N/A |
| Entrust Authority Security Manager (EASM) 6.0 does not properly require multiple master users to change the password of a master user, which could allow a master user to perform operations that require multiple authorizations. | ||||
| CVE-2002-0715 | 2 Redhat, Squid | 3 Enterprise Linux, Linux, Squid | 2026-04-16 | N/A |
| Vulnerability in Squid before 2.4.STABLE6 related to proxy authentication credentials may allow remote web sites to obtain the user's proxy login and password. | ||||
| CVE-2002-0728 | 2 Greg Roelofs, Redhat | 3 Libpng, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Buffer overflow in the progressive reader for libpng 1.2.x before 1.2.4, and 1.0.x before 1.0.14, allows attackers to cause a denial of service (crash) via a PNG data stream that has more IDAT data than indicated by the IHDR chunk. | ||||
| CVE-2002-0729 | 1 Microsoft | 1 Sql Server | 2026-04-16 | N/A |
| Microsoft SQL Server 2000 allows remote attackers to cause a denial of service via a malformed 0x08 packet that is missing a colon separator. | ||||
| CVE-2002-0730 | 1 Philip Chinery | 1 Philip Chinerys Guestbook | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in guestbook.pl for Philip Chinery's Guestbook 1.1 allows remote attackers to execute Javascript or HTML via fields such as (1) Name, (2) EMail, or (3) Homepage. | ||||
| CVE-2002-0731 | 1 Vqsoft | 1 Vqserver | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in demonstration scripts for vqServer allows remote attackers to execute arbitrary script via a link that contains the script in arguments to demo scripts such as respond.pl. | ||||
| CVE-2002-0734 | 1 Michel Valdrighi | 1 B2 | 2026-04-16 | N/A |
| b2edit.showposts.php in B2 2.0.6pre2 and earlier does not properly load the b2config.php file in some configurations, which allows remote attackers to execute arbitrary PHP code via a URL that sets the $b2inc variable to point to a malicious program stored on a remote server. | ||||
| CVE-2002-0735 | 2 C-note, Padl Software | 3 Squid Auth Ldap, Nss Ldap, Pam Ldap | 2026-04-16 | N/A |
| Format string vulnerability in the logging() function in C-Note Squid LDAP authentication module (squid_auth_LDAP) 2.0.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code by triggering log messages. | ||||
| CVE-2002-0736 | 1 Microsoft | 1 Backoffice | 2026-04-16 | N/A |
| Microsoft BackOffice 4.0 and 4.5, when configured to be accessible by other systems, allows remote attackers to bypass authentication and access the administrative ASP pages via an HTTP request with an authorization type (auth_type) that is not blank. | ||||
| CVE-2002-0738 | 1 Mhonarc | 1 Mhonarc | 2026-04-16 | N/A |
| MHonArc 2.5.2 and earlier does not properly filter Javascript from archived e-mail messages, which could allow remote attackers to execute script in web clients by (1) splitting the SCRIPT tag into smaller pieces, (2) including the script in a SRC argument to an IMG tag, or (3) using "&={script}" syntax. | ||||
| CVE-2002-0739 | 1 Postnuke Software Foundation | 1 Postcalendar | 2026-04-16 | N/A |
| Cross-site scripting in PostCalendar 3.02 allows remote attackers to insert arbitrary HTML and script, and steal cookies, by modifying a calendar entry in its preview page. | ||||
| CVE-2002-0741 | 1 Psychoid | 1 Psybnc | 2026-04-16 | N/A |
| psyBNC 2.3 allows remote attackers to cause a denial of service (CPU consumption and resource exhaustion) by sending a PASS command with a long password argument and quickly killing the connection, which is not properly terminated by psyBNC. | ||||
| CVE-2002-0742 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Buffer overflow in pioout on AIX 4.3.3. | ||||