Export limit exceeded: 29915 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29915 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0145 | 1 Scott Parish | 1 Chuid | 2026-04-16 | N/A |
| chuid 1.2 and earlier does not properly verify the ownership of files that will be changed, which allows remote attackers to change files owned by other users, such as root. | ||||
| CVE-2002-0144 | 1 Scott Parish | 1 Chuid | 2026-04-16 | N/A |
| Directory traversal vulnerability in chuid 1.2 and earlier allows remote attackers to change the ownership of files outside of the upload directory via a .. (dot dot) attack. | ||||
| CVE-2002-0143 | 2 Enlightenment, Michael Jennings | 2 Imlib, Eterm | 2026-04-16 | N/A |
| Buffer overflow in Eterm of Enlightenment Imlib2 1.0.4 and earlier allows local users to execute arbitrary code via a long HOME environment variable. | ||||
| CVE-2005-0194 | 1 Squid | 1 Squid | 2026-04-16 | N/A |
| Squid 2.5, when processing the configuration file, parses empty Access Control Lists (ACLs), including proxy_auth ACLs without defined auth schemes, in a way that effectively removes arguments, which could allow remote attackers to bypass intended ACLs if the administrator ignores the parser warnings. | ||||
| CVE-2002-0142 | 1 Pi3 | 1 Pi3web | 2026-04-16 | N/A |
| CGI handler in John Roy Pi3Web for Windows 2.0 beta 1 and 2 allows remote attackers to cause a denial of service (crash) via a series of requests whose physical path is exactly 260 characters long and ends in a series of . (dot) characters. | ||||
| CVE-2005-0148 | 1 Mozilla | 1 Thunderbird | 2026-04-16 | N/A |
| Thunderbird before 0.9, when running on Windows systems, uses the default handler when processing javascript: links, which invokes Internet Explorer and may expose the Thunderbird user to vulnerabilities in the version of Internet Explorer that is installed on the user's system. NOTE: since the invocation between multiple products is a common practice, and the vulnerabilities inherent in multi-product interactions are not easily enumerable, this issue might be REJECTED in the future. | ||||
| CVE-2002-0141 | 1 Maelstrom | 1 Maelstrom Gpl | 2026-04-16 | N/A |
| Maelstrom GPL 3.0.1 allows local users to overwrite arbitrary files of other Maelstrom users via a symlink attack on the /tmp/f file. | ||||
| CVE-2002-0140 | 1 Dnrd | 1 Dnrd | 2026-04-16 | N/A |
| Domain Name Relay Daemon (dnrd) 2.10 and earlier allows remote malicious DNS sites to cause a denial of service and possibly execute arbitrary code via a long or malformed DNS reply, which is not handled properly by parse_query, get_objectname, and possibly other functions. | ||||
| CVE-2005-2346 | 1 Novell | 1 Groupwise | 2026-04-16 | N/A |
| Buffer overflow in Novell GroupWise 6.5 Client allows remote attackers to execute arbitrary code via a GWVW02xx.INI language file with a long entry, as demonstrated using a long ES02TKS.VEW value in the Group Task section. | ||||
| CVE-2002-0139 | 1 Pi-soft | 1 Spoonftp | 2026-04-16 | N/A |
| Pi-Soft SpoonFTP 1.1 and earlier allows remote attackers to redirect traffic to other sites (aka FTP bounce) via the PORT command. | ||||
| CVE-2005-0136 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| The Linux kernel before 2.6.11 on the Itanium IA64 platform has certain "ptrace corner cases" that allow local users to cause a denial of service (crash) via crafted syscalls, possibly related to MCA/INIT, a different vulnerability than CVE-2005-1761. | ||||
| CVE-2002-0138 | 1 Andreas Mueller | 1 Cdrdao | 2026-04-16 | N/A |
| CDRDAO 1.1.4 and 1.1.5 allows local users to read arbitrary files via the show-data command. | ||||
| CVE-2002-0092 | 2 Cvs, Redhat | 2 Cvs, Linux | 2026-04-16 | N/A |
| CVS before 1.10.8 does not properly initialize a global variable, which allows remote attackers to cause a denial of service (server crash) via the diff capability. | ||||
| CVE-2005-2353 | 1 Mozilla | 1 Thunderbird | 2026-04-16 | N/A |
| run-mozilla.sh in Thunderbird, with debugging enabled, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2005-0119 | 1 Helvis | 1 Helvis | 2026-04-16 | N/A |
| helvis 1.8h2_1 and earlier allows local users to recover and read the files of other users via the elvrec setuid program. | ||||
| CVE-2002-0091 | 1 Nswc | 1 Cider Shadow | 2026-04-16 | N/A |
| Multiple CGI scripts in CIDER SHADOW 1.5 and 1.6 allows remote attackers to execute arbitrary commands via certain form fields. | ||||
| CVE-2002-0088 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Buffer overflow in admintool in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long media installation path. | ||||
| CVE-2005-0091 | 1 Redhat | 2 Enterprise Linux, Enterprise Linux Desktop | 2026-04-16 | N/A |
| Unknown vulnerability in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch, when using the hugemem kernel, allows local users to read and write to arbitrary kernel memory and gain privileges via certain syscalls. | ||||
| CVE-2005-0090 | 1 Redhat | 2 Enterprise Linux, Enterprise Linux Desktop | 2026-04-16 | N/A |
| A regression error in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch omits an "access check," which allows local users to cause a denial of service (crash). | ||||
| CVE-2002-0076 | 3 Hp, Microsoft, Sun | 5 Java Jre-jdk, Virtual Machine, Jdk and 2 more | 2026-04-16 | N/A |
| Java Runtime Environment (JRE) Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in (1) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, (2) Netscape 6.2.1 and earlier, and possibly other implementations that use vulnerable versions of SDK or JDK, aka a variant of the "Virtual Machine Verifier" vulnerability. | ||||