Export limit exceeded: 29908 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29908 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-2144 | 1 Free Peers | 1 Bearshare | 2026-04-16 | N/A |
| Directory traversal vulnerability in BearShare 4.0.5 and 4.0.6 allows remote attackers to read files outside of the web root by hex-encoding the "/" (forward slash) or "." (dot) characters. | ||||
| CVE-2002-2139 | 1 Cisco | 1 Pix Firewall Software | 2026-04-16 | N/A |
| Cisco PIX Firewall 6.0.3 and earlier, and 6.1.x to 6.1.3, do not delete the duplicate ISAKMP SAs for a user's VPN session, which allows local users to hijack a session via a man-in-the-middle attack. | ||||
| CVE-2002-2140 | 1 Cisco | 1 Pix Firewall Software | 2026-04-16 | N/A |
| Buffer overflow in Cisco PIX Firewall 5.2.x to 5.2.8, 6.0.x to 6.0.3, 6.1.x to 6.1.3, and 6.2.x to 6.2.1 allows remote attackers to cause a denial of service via HTTP traffic authentication using (1) TACACS+ or (2) RADIUS. | ||||
| CVE-2002-2142 | 1 Bea | 2 Weblogic Integration, Weblogic Server | 2026-04-16 | N/A |
| An undocumented extension for the Servlet mappings in the Servlet 2.3 specification, when upgrading to WebLogic Server and Express 7.0 Service Pack 1 from BEA WebLogic Server and Express 6.0 through 7.0.0.1, does not prepend a "/" character in certain URL patterns, which prevents the proper enforcement of role mappings and policies in applications that use the extension. | ||||
| CVE-2002-2162 | 1 Cerulean Studios | 1 Trillian | 2026-04-16 | N/A |
| Cerulean Studios Trillian 0.73 and earlier use weak encrypttion (XOR) for storing user passwords in .ini files in the Trillian directory, which allows local users to gain access to other user accounts. | ||||
| CVE-2002-2163 | 1 Killervault | 1 Kvpoll | 2026-04-16 | N/A |
| KvPoll 1.1 allows remote authenticated users to vote more than once by setting the "already_voted" cookie by various methods, including a direct call to clear_cookies.php. | ||||
| CVE-2002-2156 | 1 Cerulean Studios | 1 Trillian | 2026-04-16 | N/A |
| Buffer overflow in Trillian 0.73 allows remote IRC servers to execute arbitrary code via a long PING response. | ||||
| CVE-2002-2169 | 1 Aol | 1 Instant Messenger | 2026-04-16 | N/A |
| Cross-site scripting vulnerability AOL Instant Messenger (AIM) 4.5 and 4.7 for MacOS and Windows allows remote attackers to conduct unauthorized activities, such as adding buddies and groups to a user's buddy list, via a URL with a META HTTP-EQUIV="refresh" tag to an aim: URL. | ||||
| CVE-2002-2172 | 1 Shana | 2 Informed Designer, Informed Filler | 2026-04-16 | N/A |
| Informed (1) Designer and (2) Filler 3.05 does not zero out newly allocated disk blocks as an encrypted file grows in size, which may allow attackers to obtain sensitive information. | ||||
| CVE-2002-2179 | 1 Unisys | 1 Clearpath Mcp | 2026-04-16 | N/A |
| The dynamic initialization feature of the ClearPath MCP environment allows remote attackers to cause a denial of service (crash) via a TCP port scan using a tool such as nmap. | ||||
| CVE-2002-2180 | 1 Openbsd | 1 Openbsd | 2026-04-16 | N/A |
| The setitimer(2) system call in OpenBSD 2.0 through 3.1 does not properly check certain arguments, which allows local users to write to kernel memory and possibly gain root privileges, possibly via an integer signedness error. | ||||
| CVE-2002-2181 | 1 Sonicwall | 1 Content Filtering | 2026-04-16 | N/A |
| SonicWall Content Filtering allows local users to access prohibited web sites via requests to the web site's IP address instead of the domain name. | ||||
| CVE-2006-3342 | 1 Olate | 1 Arctic | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Arctic 1.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the query parameter in a search cmd. | ||||
| CVE-2002-2176 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| SQL injection vulnerability in Gender MOD 1.1.3 allows remote attackers to gain administrative access via the user_level parameter in the User Profile page. | ||||
| CVE-2002-2182 | 1 Seunghyun Seo | 1 Msn666 | 2026-04-16 | N/A |
| Buffer overflow in Seunghyun Seo's MSN666 MSN Sniffer 1.0 and 1.0.1 allows remote attackers to execute arbitrary code via a long MSN packet. | ||||
| CVE-2002-2188 | 1 Openbsd | 1 Openbsd | 2026-04-16 | N/A |
| OpenBSD before 3.2 allows local users to cause a denial of service (kernel crash) via a call to getrlimit(2) with invalid arguments, possibly due to an integer signedness error. | ||||
| CVE-2002-2187 | 1 Macromedia | 1 Jrun | 2026-04-16 | N/A |
| Unknown "file disclosure" vulnerability in Macromedia JRun 3.0, 3.1, and 4.0, related to a log file or jrun.ini, with unknown impact. | ||||
| CVE-2002-2197 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Unknown vulnerability in Sun Solaris 8.0 allows local users to cause a denial of service (kernel panic) via a program that uses /dev/poll, triggering a NULL pointer dereference. | ||||
| CVE-2002-2210 | 1 Openoffice | 1 Openoffice | 2026-04-16 | N/A |
| The installation of OpenOffice 1.0.1 allows local users to overwrite files and possibly gain privileges via a symlink attack on the USERNAME_autoresponse.conf temporary file. | ||||
| CVE-2006-3348 | 1 Swsoft | 1 Hspcomplete | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in HSPcomplete 3.2.2 and 3.3 Beta and earlier allow remote attackers to execute arbitrary SQL commands via the (1) type parameter in report.php and (2) level parameter in custom_buttons.php. | ||||