Export limit exceeded: 362333 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (362333 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-2037 1 Cisco 5 Bams, Pgw 2200, Sc2200 and 2 more 2026-04-16 N/A
The Cisco Media Gateway Controller (MGC) in (1) SC2200 7.4 and earlier, (2) VSC3000 9.1 and earlier, (3) PGW 2200 9.1 and earlier, (4) Billing and Management Server (BAMS) and (5) Voice Services Provisioning Tool (VSPT) runs on default installations of Solaris 2.6 with unnecessary services and without the latest security patches, which allows attackers to exploit known vulnerabilities.
CVE-2002-2038 1 Bill Abt 1 Next Generation Posix Threading 2026-04-16 N/A
Next Generation POSIX Threading (NGPT) 1.9.0 uses a filesystem-based shared memory entry, which allows local users to cause a denial of service or in threaded processes or spoof files via unknown methods.
CVE-2002-2042 1 Qnx 1 Rtos 2026-04-16 N/A
ptrace in the QNX realtime operating system (RTOS) 4.25 and 6.1.0 allows programs to attach to privileged processes, which could allow local users to execute arbitrary code by modifying running processes.
CVE-1999-1554 1 Sgi 1 Irix 2026-04-16 N/A
/usr/sbin/Mail on SGI IRIX 3.3 and 3.3.1 does not properly set the group ID to the group ID of the user who started Mail, which allows local users to read the mail of other users.
CVE-2002-2045 1 Xqus 1 X-stat 2026-04-16 N/A
x_stat_admin.php in x-stat 2.3 and earlier allows remote attackers to (1) execute PHP commands such as phpinfo or (2) obtain the full path of the web server via an invalid action parameter, which leaks the pathname in an error message.
CVE-2002-2046 1 Xqus 1 X-news 2026-04-16 N/A
x_news.php in X-News (x_news) 1.1 and earlier allows remote attackers to gain administrative privileges by stealing and replaying the md5_password cookie.
CVE-2002-2049 1 Dug Song 3 Dsniff, Fragroute, Fragrouter 2026-04-16 N/A
configure for Dsniff 2.3, fragroute 1.2, and fragrouter 1.6, when downloaded from monkey.org on May 17, 2002, has been modified to contain a backdoor, which allows remote attackers to access the system.
CVE-2004-0866 4 Kde, Microsoft, Mozilla and 1 more 5 Konqueror, Ie, Internet Explorer and 2 more 2026-04-16 N/A
Internet Explorer 6.0 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session.
CVE-2002-2052 1 Cisco 1 Ios 2026-04-16 N/A
Cisco 2611 router running IOS 12.1(6.5), possibly an interim release, allows remote attackers to cause a denial of service via port scans such as (1) scanning all ports on a single host and (2) scanning a network of hosts for a single open port through the router. NOTE: the vendor could not reproduce this issue, saying that the original reporter was using an interim release of the software.
CVE-2002-2053 1 Cisco 1 Ios 2026-04-16 N/A
The design of the Hot Standby Routing Protocol (HSRP), as implemented on Cisco IOS 12.1, when using IRPAS, allows remote attackers to cause a denial of service (CPU consumption) via a router with the same IP address as the interface on which HSRP is running, which causes a loop.
CVE-2002-2054 1 Teekai 1 Teekai Forum 2026-04-16 N/A
TeeKai Forum 1.2 allows remote attackers to authenticate as the administrator and and gain privileged web forum access by setting the valid_level cookie to admin.
CVE-2002-2055 1 Teekai 1 Teekai Tracking Online 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in userlog.php in TeeKai Tracking Online 1.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
CVE-2002-2056 1 Teekai 1 Teekai Forum 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in TeeKai Forum 1.2 allows remote attackers to inject arbitrary web script or HTML via the valid_username_online cookie.
CVE-2005-0230 1 Mozilla 1 Firefox 2026-04-16 N/A
Firefox 1.0 does not prevent the user from dragging an executable file to the desktop when it has an image/gif content type but has a dangerous extension such as .bat or .exe, which allows remote attackers to bypass the intended restriction and execute arbitrary commands via malformed GIF files that can still be parsed by the Windows batch file parser, aka "firedragging."
CVE-2002-2057 1 Teekai 1 Teekai Forum 2026-04-16 N/A
TeeKai Forum 1.2 uses weak encryption of web usage statistics in data/member_log.txt, which is stored under the web document root with insufficient access control, which allows remote attackers to identify IP's visiting the site by dividing each octet by the MD5 hash of '20'.
CVE-2005-0231 2 Mozilla, Redhat 2 Firefox, Enterprise Linux 2026-04-16 N/A
Firefox 1.0 does not invoke the Javascript Security Manager when a user drags a javascript: or data: URL to a tab, which allows remote attackers to bypass the security model, aka "firetabbing."
CVE-2002-2058 1 Teekai 1 Tracking Online 2026-04-16 7.5 High
TeeKai Tracking Online 1.0 uses weak encryption of web usage statistics in data/userlog/log.txt, which allows remote attackers to identify IP's visiting the site by dividing each octet by the MD5 hash of '20'.
CVE-2002-2060 1 Twibright Labs 1 Links 2026-04-16 N/A
Buffer overflow in Links 2.0 pre4 allows remote attackers to crash client browsers and possibly execute arbitrary code via gamma tables in large 16-bit PNG images.
CVE-2002-2064 1 Phpwebgallery 1 Phpwebgallery 2026-04-16 N/A
isadmin.php in PhpWebGallery 1.0 allows remote attackers to gain administrative access via by setting the photo_login cookie to pseudo.
CVE-2002-2062 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in ftp.htt in Internet Explorer 5.5 and 6.0, when running on Windows 2000 with "Enable folder view for FTP sites" and "Enable Web content in folders" selected, allows remote attackers to inject arbitrary web script or HTML via the hostname portion of an FTP URL.