Export limit exceeded: 29915 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29915 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1694 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2026-04-16 | N/A |
| Microsoft Internet Information Server (IIS) 4.0 opens log files with FILE_SHARE_READ and FILE_SHARE_WRITE permissions, which could allow remote attackers to modify the log file contents while IIS is running. | ||||
| CVE-2002-1705 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Microsoft Internet Explorer 5.5 through 6.0 allows remote attackers to cause a denial of service (crash) via a Cascading Style Sheet (CSS) with the p{cssText} element declared and a bold font weight. | ||||
| CVE-2002-1698 | 1 Microsoft | 1 Msn Messenger | 2026-04-16 | N/A |
| Buffer overflow in Microsoft MSN Messenger Service 1.0 through 4.6 allows remote attackers to cause a denial of service (crash) via a long FN (font) argument in the message header. | ||||
| CVE-2002-1699 | 1 Pascal Michaud | 1 Asp Client Check | 2026-04-16 | N/A |
| SQL injection vulnerability in ASP Client Check (ASPCC) 1.3 and 1.5 allows remote attackers to bypass authentication and gain unauthorized access via the password field. | ||||
| CVE-2002-1703 | 1 Mewsoft | 1 Netauction | 2026-04-16 | N/A |
| Cross-site scripting vulnerability (XSS) in auction.cgi for Mewsoft NetAuction 3.0 allows remote attackers to execute arbitrary script as other users via the Term parameter. | ||||
| CVE-2002-1704 | 1 Zeroboard | 1 Zeroboard | 2026-04-16 | N/A |
| Zeroboard 4.1, when the "allow_url_fopen" and "register_globals" variables are enabled, allows remote attackers to execute arbitrary PHP code by modifying the _zb_path parameter to reference a URL on a remote web server that contains the code. | ||||
| CVE-2002-1719 | 1 Bavo | 1 Bavo | 2026-04-16 | N/A |
| Unknown vulnerability in Bavo 0.3 allows remote attackers to modify posted messages. | ||||
| CVE-2002-1720 | 1 Outfront | 1 Spooky Login | 2026-04-16 | N/A |
| SQL injection vulnerability in Spooky Login 2.0 through 2.5 allows remote attackers to bypass authentication and gain privileges via the password field. | ||||
| CVE-2002-1722 | 1 Logitech | 3 Cordless Freedom Itouch Keyboard, Cordless Itouch Keyboard, Itouch Keyboard | 2026-04-16 | N/A |
| Logitech iTouch keyboards allows attackers with physical access to the system to bypass the screen locking function and execute user-defined commands that have been assigned to a button. | ||||
| CVE-2002-2001 | 2 Jmcce, Mandrakesoft | 2 Jmcce, Mandrake Linux | 2026-04-16 | N/A |
| jmcce 1.3.8 in Mandrake 8.1 creates log files in /tmp with predictable names, which allows local users to overwrite arbitrary files via a symlink attack. | ||||
| CVE-2002-2002 | 1 Compaq | 1 Tru64 | 2026-04-16 | N/A |
| Buffer overflow in libc in Compaq Tru64 4.0F, 5.0, 5.1 and 5.1A allows attackers to execute arbitrary code via long (1) LANG and (2) LOCPATH environment variables. | ||||
| CVE-2002-2003 | 1 Compaq | 1 Tru64 | 2026-04-16 | N/A |
| ypbind in Compaq Tru64 4.0F, 4.0G, 5.0A, 5.1 and 5.1A allows remote attackers to cause the process to core dump via certain network packets generated by nmap. | ||||
| CVE-2002-2004 | 1 Compaq | 1 Tru64 | 2026-04-16 | N/A |
| portmapper in Compaq Tru64 4.0G and 5.0A allows remote attackers to cause a denial of service via a flood of packets. | ||||
| CVE-2002-2005 | 1 Sun | 1 Java Web Start | 2026-04-16 | N/A |
| Unknown vulnerability in Java web start 1.0.1_01, 1.0.1, 1.0 and 1.0.1.01 (HP-UX 11.x only) allows attackers to gain access to restricted resources via unknown attack vectors. | ||||
| CVE-2002-2006 | 1 Apache | 1 Tomcat | 2026-04-16 | N/A |
| The default installation of Apache Tomcat 4.0 through 4.1 and 3.0 through 3.3.1 allows remote attackers to obtain the installation path and other sensitive system information via the (1) SnoopServlet or (2) TroubleShooter example servlets. | ||||
| CVE-2002-2007 | 1 Apache | 1 Tomcat | 2026-04-16 | N/A |
| The default installations of Apache Tomcat 3.2.3 and 3.2.4 allows remote attackers to obtain sensitive system information such as directory listings and web root path, via erroneous HTTP requests for Java Server Pages (JSP) in the (1) test/jsp, (2) samples/jsp and (3) examples/jsp directories, or the (4) test/realPath.jsp servlet, which leaks pathnames in error messages. | ||||
| CVE-2002-2008 | 1 Apache | 1 Tomcat | 2026-04-16 | N/A |
| Apache Tomcat 4.0.3 for Windows allows remote attackers to obtain the web root path via an HTTP request for a resource that does not exist, such as lpt9, which leaks the information in an error message. | ||||
| CVE-2002-2010 | 1 Htdig | 1 Htdig | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in htsearch.cgi in htdig (ht://Dig) 3.1.5, 3.1.6, and 3.2 allows remote attackers to inject arbitrary web script or HTML via the words parameter. | ||||
| CVE-2002-2011 | 1 Jon Howell | 1 Faq-o-matic | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the fom CGI program (fom.cgi) in Faq-O-Matic 2.711 and 2.712 allows remote attackers to inject arbitrary web script or HTML via the file parameter. | ||||
| CVE-2002-2012 | 1 Apache | 1 Http Server | 2026-04-16 | N/A |
| Unknown vulnerability in Apache 1.3.19 running on HP Secure OS for Linux 1.0 allows remote attackers to cause "unexpected results" via an HTTP request. | ||||