Export limit exceeded: 363668 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363668 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0099 1 Michael Lamont 1 Savant Webserver 2026-04-16 N/A
Buffer overflow in Michael Lamont Savant Web Server 3.0 allows remote attackers to cause a denial of service (crash) via a long HTTP request to the cgi-bin directory in which the CGI program name contains a large number of . (dot) characters.
CVE-2005-3126 1 Antiword 1 Antiword 2026-04-16 N/A
The (1) kantiword (kantiword.sh) and (2) gantiword (gantiword.sh) scripts in antiword 0.35 and earlier allow local users to overwrite arbitrary files via a symlink attack on temporary (a) output and (b) error files.
CVE-2002-0102 1 Oracle 1 Application Server Web Cache 2026-04-16 N/A
Oracle9iAS Web Cache 2.0.0.x allows remote attackers to cause a denial of service via (1) a request to TCP ports 1100, 4000, 4001, and 4002 with a large number of null characters, and (2) a request to TCP port 4000 with a large number of "." characters.
CVE-2005-3801 1 Counterpane 1 Passwordsafe 2026-04-16 N/A
CounterPane PasswordSafe 1.x and 2.x allows local users to test possible encryption keys against a subset of the stored key data without performing the more expensive key derivation function (KDF) function, which reduces the search time in brute force attacks.
CVE-2002-0668 1 Pingtel 1 Xpressa 2026-04-16 N/A
The web interface for Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 allows authenticated users to modify the Call Forwarding settings and hijack calls.
CVE-2002-0106 1 Bea 1 Weblogic Server 2026-04-16 N/A
BEA Systems Weblogic Server 6.1 allows remote attackers to cause a denial of service via a series of requests to .JSP files that contain an MS-DOS device name.
CVE-2006-4614 1 Pocket Pc 1 Pocket Pc 2026-04-16 N/A
PDAapps Verichat for Pocket PC 1.30bh stores usernames and passwords in plaintext in the Windows Mobile registry, which allows local users to obtain sensitive information via keys under \HKEY_CURRENT_USER\Software\PDAapps\VeriChat.
CVE-2002-0108 1 Allaire 1 Forums 2026-04-16 N/A
Allaire Forums 2.0.4 and 2.0.5 and Forums! 3.0 and 3.1 allows remote authenticated users to spoof messages as other users by modifying the hidden form fields for the name and e-mail address.
CVE-2005-3802 1 Belkin 2 F5d7230-4, F5d7232-4 2026-04-16 N/A
Belkin F5D7232-4 and F5D7230-4 wireless routers with firmware 4.03.03 and 4.05.03, when a legitimate administrator is logged into the web management interface, allow remote attackers to access the management interface without authentication.
CVE-2002-0120 1 Palm 1 Palm Desktop 2026-04-16 N/A
Apple Palm Desktop 4.0b76 and 4.0b77 creates world-readable backup files and folders when a hotsync is performed, which could allow a local user to obtain sensitive information.
CVE-2002-0674 1 Pingtel 1 Xpressa 2026-04-16 N/A
Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 does not "time out" an inactive administrator session, which could allow other users to perform administrator actions if the administrator does not explicitly end the authentication.
CVE-2002-0677 7 Caldera, Compaq, Hp and 4 more 9 Openunix, Unixware, Tru64 and 6 more 2026-04-16 N/A
CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure.
CVE-2002-1517 1 Sgi 2 Freeware, Irix 2026-04-16 N/A
fsr_efs in IRIX 6.5 allows local users to conduct unauthorized file activities via a symlink attack, possibly via the .fsrlast file.
CVE-2002-0135 1 Netopia 1 Timbuktu Pro 2026-04-16 N/A
Netopia Timbuktu Pro 6.0.1 and earlier allows remote attackers to cause a denial of service (crash) via a series of connections to one of the ports (1417 - 1420).
CVE-2002-2129 1 W-agora 1 W-agora 2026-04-16 N/A
Cross-site scripting vulnerability (XSS) in editform.php for w-Agora 4.1.5 allows remote attackers to execute arbitrary web script via an arbitrary form field name containing the script, which is echoed back to the user when displaying the form.
CVE-2005-0843 1 Phorum 1 Phorum 2026-04-16 N/A
CRLF injection vulnerability in search.php in Phorum 5.0.14a allows remote attackers to perform HTTP Response Splitting attacks via the body parameter, which is included in the resulting Location header.
CVE-2002-0678 7 Caldera, Compaq, Hp and 4 more 9 Openunix, Unixware, Tru64 and 6 more 2026-04-16 N/A
CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.
CVE-2002-1523 1 Daniel Arenz 1 Mini Server 2026-04-16 N/A
Directory traversal vulnerability in Daniel Arenz Mini Server 2.1.6 allows remote attackers to read arbitrary files via (1) ../ (dot-dot slash) or (2) ..\ (dot-dot backslash) sequences.
CVE-2002-0152 1 Microsoft 6 Entourage, Excel, Ie and 3 more 2026-04-16 N/A
Buffer overflow in various Microsoft applications for Macintosh allows remote attackers to cause a denial of service (crash) or execute arbitrary code by invoking the file:// directive with a large number of / characters, which affects Internet Explorer 5.1, Outlook Express 5.0 through 5.0.2, Entourage v. X and 2001, PowerPoint v. X, 2001, and 98, and Excel v. X and 2001 for Macintosh.
CVE-2002-1524 1 Nullsoft 1 Winamp 2026-04-16 N/A
Buffer overflow in XML parser in wsabi.dll of Winamp 3 (1.0.0.488) allows remote attackers to execute arbitrary code via a skin file (.wal) with a long include file tag.