Export limit exceeded: 357290 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (357290 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0609 | 1 Hp | 1 Mpe Ix | 2026-04-16 | N/A |
| Vulnerability in HP MPE/iX 6.0 through 7.0 allows attackers to cause a denial of service (system failure with "SA1457 out of i_port_timeout.fix_up_message_frame") via malformed IP packets. | ||||
| CVE-2002-2020 | 1 Netgear | 1 Rp114 | 2026-04-16 | N/A |
| Netgear RP114 Cable/DSL Web Safe Router Firmware 3.26 uses a default administrator password and accepts admin logins on the external interface, which allows remote attackers to gain privileges if the password is not changed. | ||||
| CVE-2002-2010 | 1 Htdig | 1 Htdig | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in htsearch.cgi in htdig (ht://Dig) 3.1.5, 3.1.6, and 3.2 allows remote attackers to inject arbitrary web script or HTML via the words parameter. | ||||
| CVE-2002-1992 | 1 Macromedia | 2 Coldfusion, Coldfusion Professional | 2026-04-16 | N/A |
| Buffer overflow in jrun.dll in ColdFusion MX, when used with IIS 4 or 5, allows remote attackers to cause a denial of service in IIS via (1) a long template file name or (2) a long HTTP header. | ||||
| CVE-2002-1964 | 1 Wesmo | 1 Phpeventcalendar | 2026-04-16 | N/A |
| Unknown vulnerability in WesMo phpEventCalendar 1.1 allows remote attackers to execute arbitrary commands via unknown attack vectors. | ||||
| CVE-2002-0038 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| Vulnerability in the cache-limiting function of the unified name service daemon (nsd) in IRIX 6.5.4 through 6.5.11 allows remote attackers to cause a denial of service by forcing the cache to fill the disk. | ||||
| CVE-2002-0123 | 1 Mdg Computer Services | 1 Web Server 4d Ecommerce | 2026-04-16 | N/A |
| MDG Computer Services Web Server 4D WS4D/eCommerce 3.0 and earlier, and possibly 3.5.3, allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long HTTP request. | ||||
| CVE-2002-0172 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| /dev/ipfilter on SGI IRIX 6.5 is installed by /dev/MAKEDEV with insecure default permissions (644), which could allow a local user to cause a denial of service (traffic disruption). | ||||
| CVE-2002-0232 | 1 Mrtg | 1 Multi Router Traffic Grapher Cgi | 2026-04-16 | N/A |
| Directory traversal vulnerability in Multi Router Traffic Grapher (MRTG) allows remote attackers to read portions of arbitrary files via a .. (dot dot) in the cfg parameter for (1) 14all.cgi, (2) 14all-1.1.cgi, (3) traffic.cgi, or (4) mrtg.cgi. | ||||
| CVE-2002-0299 | 1 Cnet | 1 Catchup | 2026-04-16 | N/A |
| CNet CatchUp before 1.3.1 allows attackers to execute arbitrary code via a .RVP file that creates a file with an arbitrary extension (such as .BAT), which is executed during a scan. | ||||
| CVE-2002-0270 | 1 Opera Software | 1 Opera Web Browser | 2026-04-16 | N/A |
| Opera, when configured with the "Determine action by MIME type" option disabled, interprets an object as an HTML document even when its MIME Content-Type is text/plain, which could allow remote attackers to execute arbitrary script in documents that the user does not expect, possibly through web applications that use a text/plain type to prevent cross-site scripting attacks. | ||||
| CVE-2002-0282 | 1 Codeworx Technologies | 1 Dcp-portal | 2026-04-16 | N/A |
| DCP-Portal 3.7 through 4.5 allows remote attackers to obtain the physical path of the server via (1) a direct request to add_user.php, or via an invalid new_language parameter in (2) contents.php, (3) categories.php, or (4) files.php, which leaks the path in an error message. | ||||
| CVE-2002-0287 | 1 Powie | 1 Pforum | 2026-04-16 | N/A |
| pforum 1.14 and earlier does not explicitly enable PHP magic quotes, which allows remote attackers to bypass authentication and gain administrator privileges via an SQL injection attack when the PHP server is not configured to use magic quotes by default. | ||||
| CVE-2002-0348 | 1 Sun | 3 Cobalt Raq 2, Cobalt Raq 3i, Cobalt Raq 4 | 2026-04-16 | N/A |
| service.cgi in Cobalt RAQ 4 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long service argument. | ||||
| CVE-2002-0318 | 1 Freeradius | 1 Freeradius | 2026-04-16 | N/A |
| FreeRADIUS RADIUS server allows remote attackers to cause a denial of service (CPU consumption) via a flood of Access-Request packets. | ||||
| CVE-2002-0328 | 1 Ikonboard.com | 1 Ikonboard | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in Ikonboard 3.0.1 allows remote attackers to execute arbitrary script as other Ikonboard users and steal cookies via Javascript in an IMG tag. | ||||
| CVE-2002-0332 | 1 Xtell | 1 Xtell | 2026-04-16 | N/A |
| Buffer overflows in xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows remote attackers to execute arbitrary code via (1) a long DNS hostname that is determined using reverse DNS lookups, (2) a long AUTH string, or (3) certain data in the xtell request. | ||||
| CVE-2002-0338 | 1 Ritlabs | 1 The Bat | 2026-04-16 | N/A |
| The Bat! 1.53d and 1.54beta, and possibly other versions, allows remote attackers to cause a denial of service (crash) via an attachment whose name includes an MS-DOS device name. | ||||
| CVE-2001-0535 | 1 Macromedia | 1 Coldfusion Server | 2026-04-16 | N/A |
| Example applications (Exampleapps) in ColdFusion Server 4.x do not properly restrict prevent access from outside the local host's domain, which allows remote attackers to conduct upload, read, or execute files by spoofing the "HTTP Host" (CGI.Host) variable in (1) the "Web Publish" example script, and (2) the "Email" example script. | ||||
| CVE-2002-0399 | 2 Gnu, Redhat | 3 Tar, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Directory traversal vulnerability in GNU tar 1.13.19 through 1.13.25, and possibly later versions, allows attackers to overwrite arbitrary files during archive extraction via a (1) "/.." or (2) "./.." string, which removes the leading slash but leaves the "..", a variant of CVE-2001-1267. | ||||