Export limit exceeded: 363317 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 363317 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363317 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0244 1 Atheos 1 Atheos 2026-04-16 N/A
Directory traversal vulnerability in chroot function in AtheOS 0.3.7 allows attackers to escape the jail via a .. (dot dot) in the pathname argument to chdir.
CVE-2006-0767 1 Nathan Neulinger 1 Cgiwrap 2026-04-16 N/A
CGIWrap before 3.10 allows remote attackers to obtain sensitive information via unknown attack vectors that cause errors in scripts that reveal system information.
CVE-2002-0248 1 Wliang 1 Wmtv 2026-04-16 N/A
wmtv 0.6.5 and earlier allows local users to modify arbitrary files via a symlink attack on a configuration file.
CVE-2002-0251 1 Licq 1 Licq 2026-04-16 N/A
Buffer overflow in licq 1.0.4 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string of format string characters such as "%d".
CVE-2002-0255 1 Arescom 1 Netdsl 2026-04-16 N/A
The default configuration of Arescom NetDSL 800 does not require authentication, which allows remote attackers to cause a denial of service or reconfigure the router.
CVE-2006-0770 1 Mybulletinboard 1 Mybulletinboard 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in calendar.php in MyBulletinBoard (MyBB) 1.0.4 allows remote attackers to inject arbitrary web script or HTML via a URL that is not sanitized before being returned as a link in "advanced details". NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2002-0259 1 Instantservers Inc. 1 Miniportal 2026-04-16 N/A
InstantServers MiniPortal 1.1.5 and earlier stores sensitive login and account data in plaintext in (1) .pwd files in the miniportal/apache directory, or (2) mplog.txt, which could allow local users to gain privileges.
CVE-2002-0266 1 Thunderstone Software 1 Texis 2026-04-16 N/A
Thunderstone Texis CGI script allows remote attackers to obtain the full path of the web root via a request for a nonexistent file, which generates an error message that includes the full pathname.
CVE-2006-1473 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Integer overflow in AFP Server for Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via unknown vectors.
CVE-2002-0281 1 Codeworx Technologies 1 Dcp-portal 2026-04-16 N/A
Cross-site scripting vulnerability in DCP-Portal 4.2 and earlier allows remote attackers to gain privileges of other portal users by providing Javascript in the job information field to user_update.php.
CVE-2002-0292 1 Open Source Development Network 1 Slashcode 2026-04-16 N/A
Cross-site scripting vulnerability in Slash before 2.2.5, as used in Slashcode and elsewhere, allows remote attackers to steal cookies and authentication information from other users via Javascript in a URL, possibly in the formkey field.
CVE-2002-0298 1 Nombas 1 Scriptease Webserver 2026-04-16 N/A
ScriptEase MiniWeb Server 0.95 allows remote attackers to cause a denial of service (crash) via certain HTTP GET requests containing (1) a %2e%2e (encoded dot-dot), (2) several /../ (dot dot) sequences, (3) a missing URI, or (4) several ../ in a URI that does not begin with a / (slash) character.
CVE-2002-0304 1 Summit Computer Networks 1 Lil Http Server 2026-04-16 N/A
Lil HTTP Server 2.1 allows remote attackers to read password-protected files via a /./ in the HTTP request.
CVE-2002-0317 1 Gator 1 Gator 2026-04-16 N/A
Gator ActiveX component (IEGator.dll) 3.0.6.1 allows remote web sites to install arbitrary software by specifying a Trojan Gator installation file (setup.ex_) in the src parameter.
CVE-2002-0319 1 Powie 1 Pforum 2026-04-16 N/A
Cross-site scripting vulnerability in edituser.php for pforum 1.14 and earlier allows remote attackers to execute script and steal cookies from other users via Javascript in a username.
CVE-2002-0321 1 Yahoo 1 Messenger 2026-04-16 N/A
Yahoo! Messenger 5.0 allows remote attackers to spoof other users by modifying the username and using the spoofed username for social engineering or denial of service (flooding) attacks.
CVE-2003-0817 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Internet Explorer 5.01 through 6 SP1 allows remote attackers to bypass zone restrictions and read arbitrary files via an XML object.
CVE-2002-0329 1 Snitz Communications 1 Snitz Forums 2000 2026-04-16 N/A
Cross-site scripting vulnerability in Snitz Forums 2000 3.3.03 and earlier allows remote attackers to execute arbitrary script as other Forums 2000 users via Javascript in an IMG tag.
CVE-2002-0333 1 Xtell 1 Xtell 2026-04-16 N/A
Directory traversal vulnerability in xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows remote attackers to read files with short names, and local users to read more files using a symlink with a short name, via a .. in the TTY argument.
CVE-2006-2191 1 Gnu 1 Mailman 2026-04-16 N/A
Format string vulnerability in Mailman before 2.1.9 allows attackers to execute arbitrary code via unspecified vectors. NOTE: the vendor has disputed this vulnerability, stating that it is "unexploitable.