Export limit exceeded: 362258 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (362258 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-2195 1 Nullsoft 1 Winamp 2026-04-16 N/A
Buffer overflow in the version update check for Winamp 2.80 and earlier allows remote attackers who can spoof www.winamp.com to execute arbitrary code via a long server response.
CVE-2005-2723 1 Php Arena 1 Pafiledb 2026-04-16 N/A
SQL injection vulnerability in auth.php in PaFileDB 3.1, when authmethod is set to cookies, allows remote attackers to execute arbitrary SQL commands via the username value in the pafiledbcookie cookie.
CVE-2002-2171 1 Andrey Cherezov 1 Acweb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in acWEB 1.8 and 1.14 allows remote attackers to insert arbitrary HTML and web script via a URL, possibly via a "%db" request in a URL.
CVE-2002-2197 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Unknown vulnerability in Sun Solaris 8.0 allows local users to cause a denial of service (kernel panic) via a program that uses /dev/poll, triggering a NULL pointer dereference.
CVE-2005-2724 1 Inter7 1 Sqwebmail 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 allows remote attackers to inject arbitrary web script or HTML via a file attachment that is processed by the Display feature. NOTE: the severity of this issue has been disputed by the developer.
CVE-2002-0394 1 Red-m 1 1050ap Lan Acess Point 2026-04-16 N/A
Red-M 1050 (Bluetooth Access Point) uses case insensitive passwords, which makes it easier for attackers to conduct a brute force guessing attack due to the smaller space of possible passwords.
CVE-2002-2175 1 Php 1 Phpsquidpass 2026-04-16 N/A
phpSquidPass before 0.2 uses an incomplete regular expression to find a matching username in its database, which allows remote authenticated attackers to effectively delete other usernames via a short username that matches the end of the targeted username.
CVE-2002-2176 1 Phpbb Group 1 Phpbb 2026-04-16 N/A
SQL injection vulnerability in Gender MOD 1.1.3 allows remote attackers to gain administrative access via the user_level parameter in the User Profile page.
CVE-2004-1840 1 Francisco Burzi 1 Php-nuke 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in MS Analysis module 2.0 for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via the (1) screen parameter to modules.php, (2) module_name parameter to title.php, (3) sortby parameter to modules.php, or (4) overview parameter to modules.php.
CVE-2002-2180 1 Openbsd 1 Openbsd 2026-04-16 N/A
The setitimer(2) system call in OpenBSD 2.0 through 3.1 does not properly check certain arguments, which allows local users to write to kernel memory and possibly gain root privileges, possibly via an integer signedness error.
CVE-2002-2199 1 Freebsd 1 Advanced Intrusion Detection Environment 2026-04-16 N/A
The default aide.conf file in Advanced Intrusion Detection Environment (AIDE) before 0.7_1 on FreeBSD before 2002-08-28 does not properly check subdirectories, which could allow local users to bypass detection.
CVE-2002-2204 1 Redhat 1 Redhat Package Manager 2026-04-16 N/A
The default --checksig setting in RPM Package Manager 4.0.4 checks that a package's signature is valid without listing who signed it, which can allow remote attackers to make it appear that a malicious package comes from a trusted source.
CVE-2002-2207 1 Eric Rescorla 1 Ssldump 2026-04-16 N/A
Buffer overflow in ssldump 0.9b2 and earlier, when running in decryption mode, allows remote attackers to execute arbitrary code via a long RSA PreMasterSecret.
CVE-2005-2727 1 Ari Pikivirta 1 Home Ftp Server 2026-04-16 N/A
Home Ftp Server 1.0.7 stores sensitive user information and server information in the same directory as the user's home directory, which allows remote authenticated users to obtain sensitive information by obtaining ftpmembers.lst and ftpsettings.lst.
CVE-2002-2209 1 Pablo Software Solutions 1 Baby Ftp Server 2026-04-16 N/A
Unspecified "security vulnerability" in Baby FTP Server versions before November 7, 2002 has unknown impact and attack vectors.
CVE-2002-2210 1 Openoffice 1 Openoffice 2026-04-16 N/A
The installation of OpenOffice 1.0.1 allows local users to overwrite files and possibly gain privileges via a symlink attack on the USERNAME_autoresponse.conf temporary file.
CVE-2002-0412 1 Luca Deri 1 Ntop 2026-04-16 N/A
Format string vulnerability in TraceEvent function for ntop before 2.1 allows remote attackers to execute arbitrary code by causing format strings to be injected into calls to the syslog function, via (1) an HTTP GET request, (2) a user name in HTTP authentication, or (3) a password in HTTP authentication.
CVE-2002-2216 1 Soft3304 1 04webserver 2026-04-16 N/A
Soft3304 04WebServer before 1.20 does not properly process URL strings, which allows remote attackers to obtain unspecified sensitive information.
CVE-2002-2217 1 Comscripts 1 Web Server Creator 2026-04-16 N/A
Multiple PHP remote file inclusion vulnerabilities in Web Server Creator - Web Portal (WSC-WebPortal) 0.1 allow remote attackers to execute arbitrary PHP code via a URL in the (1) l parameter to customize.php or the (2) pg parameter to index.php.
CVE-2005-2728 2 Apache, Redhat 2 Http Server, Enterprise Linux 2026-04-16 N/A
The byte-range filter in Apache 2.0 before 2.0.54 allows remote attackers to cause a denial of service (memory consumption) via an HTTP header with a large Range field.