Export limit exceeded: 349399 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 349399 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29914 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29914 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0848 | 1 Cisco | 2 Vpn 5000 Concentrator, Vpn 5000 Concentrator Series Software | 2026-04-16 | N/A |
| Cisco VPN 5000 series concentrator hardware 6.0.21.0002 and earlier, and 5.2.23.0003 and earlier, when using RADIUS with a challenge type of Password Authentication Protocol (PAP) or Challenge, sends the user password in cleartext in a validation retry request, which could allow remote attackers to steal passwords via sniffing. | ||||
| CVE-2002-0849 | 1 Cisco | 1 Iscsi Driver | 2026-04-16 | N/A |
| Linux-iSCSI iSCSI implementation installs the iscsi.conf file with world-readable permissions on some operating systems, including Red Hat Linux Limbo Beta #1, which could allow local users to gain privileges by reading the cleartext CHAP password. | ||||
| CVE-2005-3495 | 1 Ar-blog | 1 Ar-blog | 2026-04-16 | N/A |
| Ar-blog 5.2 and earlier allows remote attackers to bypass authentication by modifying cookies. | ||||
| CVE-2002-0867 | 1 Microsoft | 1 Virtual Machine | 2026-04-16 | N/A |
| Microsoft Virtual Machine (VM) up to and including build 5.0.3805 allows remote attackers to cause a denial of service (crash) in Internet Explorer via invalid handle data in a Java applet, aka "Handle Validation Flaw." | ||||
| CVE-2002-0869 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2026-04-16 | N/A |
| Unknown vulnerability in the hosting process (dllhost.exe) for Microsoft Internet Information Server (IIS) 4.0 through 5.1 allows remote attackers to gain privileges by executing an out of process application that acquires LocalSystem privileges, aka "Out of Process Privilege Elevation." | ||||
| CVE-2002-0870 | 1 Cisco | 2 Content Services Switch 11000, Webns | 2026-04-16 | N/A |
| The original patch for the Cisco Content Service Switch 11000 Series authentication bypass vulnerability (CVE-2001-0622) was incomplete, which still allows remote attackers to gain additional privileges by directly requesting the web management URL instead of navigating through the interface, possibly via a variant of the original attack, as identified by Cisco bug ID CSCdw08549. | ||||
| CVE-2002-0871 | 2 Redhat, Xinetd | 2 Linux, Xinetd | 2026-04-16 | N/A |
| xinetd 2.3.4 leaks file descriptors for the signal pipe to services that are launched by xinetd, which could allow those services to cause a denial of service via the pipe. | ||||
| CVE-2002-0872 | 1 L2tpd | 1 L2tpd | 2026-04-16 | N/A |
| l2tpd 0.67 does not initialize the random number generator, which allows remote attackers to hijack sessions. | ||||
| CVE-2002-0875 | 3 Debian, Redhat, Sgi | 4 Debian Linux, Enterprise Linux, Fam and 1 more | 2026-04-16 | N/A |
| Vulnerability in FAM 2.6.8, 2.6.6, and other versions allows unprivileged users to obtain the names of files whose access is restricted to the root group. | ||||
| CVE-2002-0876 | 1 Evolvable Corporation | 1 Shambala Server | 2026-04-16 | N/A |
| Web server for Shambala 4.5 allows remote attackers to cause a denial of service (crash) via a malformed HTTP request. | ||||
| CVE-2002-0877 | 1 Evolvable Corporation | 1 Shambala Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in the FTP server for Shambala 4.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the (1) LIST (ls) or (2) GET commands. | ||||
| CVE-2002-0878 | 1 Logisense | 2 Dns Manager System, Hawk-i | 2026-04-16 | N/A |
| SQL injection vulnerability in the login form for LogiSense software including (1) Hawk-i Billing, (2) Hawk-i ASP and (3) DNS Manager allows remote attackers to bypass authentication via SQL code in the password field. | ||||
| CVE-2002-0879 | 1 Gafware | 1 Cfximage | 2026-04-16 | N/A |
| showtemp.cfm for Gafware CFXImage 1.6.6 allows remote attackers to read arbitrary files via (1) a .. or (2) a C: style pathname in the FILE parameter. | ||||
| CVE-2002-0881 | 1 Cisco | 2 Skinny Client Control Protocol Software, Voip Phone Cp-7940 | 2026-04-16 | N/A |
| Cisco IP Phone (VoIP) models 7910, 7940, and 7960 use a default administrative password, which allows attackers with physical access to the phone to modify the configuration settings. | ||||
| CVE-2002-0891 | 1 Juniper | 1 Netscreen Screenos | 2026-04-16 | N/A |
| The web interface (WebUI) of NetScreen ScreenOS before 2.6.1r8, and certain 2.8.x and 3.0.x versions before 3.0.3r1, allows remote attackers to cause a denial of service (crash) via a long user name. | ||||
| CVE-2002-0883 | 1 Compaq | 1 Proliant Bl E-class Integrated Administrator Firmware | 2026-04-16 | N/A |
| Vulnerability in Compaq ProLiant BL e-Class Integrated Administrator 1.0 and 1.10, allows authenticated users with Telnet, SSH, or console access to conduct unauthorized activities. | ||||
| CVE-2002-0884 | 2 Caldera, Sun | 3 Openunix, Unixware, Sunos | 2026-04-16 | N/A |
| Multiple format string vulnerabilities in in.rarpd (ARP server) on Solaris, Caldera UnixWare and Open UNIX, and possibly other operating systems, allows remote attackers to execute arbitrary code via format strings that are not properly handled in the functions (1) syserr and (2) error. | ||||
| CVE-2002-0885 | 2 Caldera, Sun | 3 Openunix, Unixware, Sunos | 2026-04-16 | N/A |
| Multiple buffer overflows in in.rarpd (ARP server) on Solaris, and possibly other operating systems including Caldera UnixWare and Open UNIX, allow remote attackers to execute arbitrary code, possibly via the functions (1) syserr and (2) error. | ||||
| CVE-2002-0886 | 1 Cisco | 1 Cbos | 2026-04-16 | N/A |
| Cisco DSL CPE devices running CBOS 2.4.4 and earlier allows remote attackers to cause a denial of service (hang or memory consumption) via (1) a large packet to the DHCP port, (2) a large packet to the Telnet port, or (3) a flood of large packets to the CPE, which causes the TCP/IP stack to consume large amounts of memory. | ||||
| CVE-2002-0904 | 1 Kismet | 1 Kismet | 2026-04-16 | N/A |
| SayText function in Kismet 2.2.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters (backtick or pipe) in the essid argument. | ||||