Export limit exceeded: 29911 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29911 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1950 | 1 Phprank | 1 Phprank | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in phpRank 1.8 allows remote attackers to inject arbitrary web script or HTML via the (1) the email parameter of add.php or (2) the banner URL (banurl parameter) in the main list. | ||||
| CVE-2002-1947 | 1 Webmin | 1 Webmin | 2026-04-16 | N/A |
| Webmin 0.21 through 1.0 uses the same built-in SSL key for all installations, which allows remote attackers to eavesdrop or highjack the SSL session. | ||||
| CVE-2006-3304 | 1 Deluxebb | 1 Deluxebb | 2026-04-16 | N/A |
| SQL injection vulnerability in cp.php in DeluxeBB 1.07 and earlier allows remote attackers to execute arbitrary SQL commands via the xmsn parameter. | ||||
| CVE-2005-0135 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| The unw_unwind_to_user function in unwind.c on Itanium (ia64) architectures in Linux kernel 2.6 allows local users to cause a denial of service (system crash). | ||||
| CVE-2002-1959 | 1 Nagios | 1 Nagios | 2026-04-16 | N/A |
| Nagios 1.0b1 through 1.0b3 allows remote attackers to execute arbitrary commands via shell metacharacters in plugin output. | ||||
| CVE-2002-1970 | 1 Snortcenter | 1 Snortcenter | 2026-04-16 | N/A |
| SnortCenter 0.9.5, when configured to push Snort rules, stores the rules in a temporary file with world-readable and world-writable permissions, which allows local users to obtain usernames and passwords for the alert database servers. | ||||
| CVE-2002-1971 | 1 Sourcecraft | 1 Networking Utils | 2026-04-16 | N/A |
| The ping utility in networking_utils.php in Sourcecraft Networking_Utils 1.0 allows remote attackers to read arbitrary files via shell metacharacters in the Domain name or IP address argument. | ||||
| CVE-2002-1968 | 1 Com21 | 1 Doxport 1100 | 2026-04-16 | N/A |
| Com21 DOXport 1100 series cable modem running firmware 2.1.1.106, and possibly other versions before 2.1.1.108.003, downloads a DOCSIS configuration file from a TFTP server running on the internal network, which allows local users to modify configuration of the modem via a malicious TFTP server. | ||||
| CVE-2002-1969 | 1 The Magic Notebook | 1 The Magic Notebook | 2026-04-16 | N/A |
| Magic Notebook 1.0b and 1.1b allows remote attackers to cause a denial of service (crash) via an invalid username during login. | ||||
| CVE-2002-1977 | 1 Pgp | 1 Pgp | 2026-04-16 | N/A |
| Network Associates PGP 7.0.4 and 7.1 does not time out according to the value set in the "Passphrase Cache" option, which could allow attackers to open encrypted files without providing a passphrase. | ||||
| CVE-2002-1980 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Buffer overflow in Volume Manager daemon (vold) of Sun Solaris 2.5.1 through 8 allows local users to execute arbitrary code via unknown attack vectors. | ||||
| CVE-2002-1987 | 1 Caucho Technology | 1 Resin | 2026-04-16 | N/A |
| Directory traversal vulnerability in view_source.jsp in Resin 2.1.2 allows remote attackers to read arbitrary files via a "\.." (backslash dot dot). | ||||
| CVE-2002-1986 | 1 Perception | 1 Liteserve | 2026-04-16 | N/A |
| Perception LiteServe 2.0 through 2.0.1 allows remote attackers to obtain the source code of CGI scripts via an HTTP request with a trailing dot ("."). | ||||
| CVE-2002-1989 | 1 Caucho Technology | 1 Resin | 2026-04-16 | N/A |
| Resin 2.1.1 allows remote attackers to cause a denial of service (thread and connection consumption) via multiple URL requests containing the DOS 'CON' device name and a registered file extension such as .jsp or .xtp. | ||||
| CVE-2002-1990 | 1 Caucho Technology | 1 Resin | 2026-04-16 | N/A |
| Resin 2.0.5 through 2.1.2 allows remote attackers to reveal physical path information via a URL request for the example Java class file HelloServlet. | ||||
| CVE-2005-0155 | 2 Larry Wall, Redhat | 2 Perl, Enterprise Linux | 2026-04-16 | N/A |
| The PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to create arbitrary files via the PERLIO_DEBUG variable. | ||||
| CVE-2006-3307 | 1 Zoid Technologies | 1 Project Eros Bbsengine | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Project EROS bbsengine before bbsengine-20060429-1550-jam allow remote attackers to execute arbitrary SQL commands via (1) unspecified parameters in the php/comment.php and (2) the getpartialmatches method in php/aolbonics.php. | ||||
| CVE-2002-1998 | 1 Sco | 2 Open Unix, Unixware | 2026-04-16 | N/A |
| Buffer overflow in rpc.cmsd in SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows remote attackers to execute arbitrary commands via a long parameter to rtable_create (procedure 21). | ||||
| CVE-2002-2000 | 1 Compaq | 1 Acms | 2026-04-16 | N/A |
| ACMS 4.3 and 4.4 in OpenVMS Alpha 7.2 and 7.3 does not properly use process privileges, which allows attackers to access data. | ||||
| CVE-2005-0173 | 2 Redhat, Squid | 2 Enterprise Linux, Squid | 2026-04-16 | N/A |
| squid_ldap_auth in Squid 2.5 and earlier allows remote authenticated users to bypass username-based Access Control Lists (ACLs) via a username with a space at the beginning or end, which is ignored by the LDAP server. | ||||