Export limit exceeded: 362229 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 362229 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (362229 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1976 1 Linux 1 Linux Kernel 2026-04-16 N/A
ifconfig, when used on the Linux kernel 2.2 and later, does not report when the network interface is in promiscuous mode if it was put in promiscuous mode using PACKET_MR_PROMISC, which could allow attackers to sniff the network without detection, as demonstrated using libpcap.
CVE-2002-1972 1 Sebastian Dehne 1 Pp Powerswitch 2026-04-16 N/A
Unknown vulnerability in Parallel port powerSwitch (aka pp_powerSwitch) 0.1 does not properly enforce access controls, which allows local users to access arbitrary ports.
CVE-2002-1995 1 Lebios 1 Phptonuke.php 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in phptonuke.php for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via the filnavn parameter.
CVE-2002-1971 1 Sourcecraft 1 Networking Utils 2026-04-16 N/A
The ping utility in networking_utils.php in Sourcecraft Networking_Utils 1.0 allows remote attackers to read arbitrary files via shell metacharacters in the Domain name or IP address argument.
CVE-2002-1968 1 Com21 1 Doxport 1100 2026-04-16 N/A
Com21 DOXport 1100 series cable modem running firmware 2.1.1.106, and possibly other versions before 2.1.1.108.003, downloads a DOCSIS configuration file from a TFTP server running on the internal network, which allows local users to modify configuration of the modem via a malicious TFTP server.
CVE-2002-1994 1 Gamecheats 1 Advanced Web Server Professional 2026-04-16 N/A
advserver.exe in Advanced Web Server (AdvServer) Professional 1.030000 allows remote attackers to cause a denial of service via multiple HTTP requests containing a single carriage return/line feed (CRLF) sequence.
CVE-2002-1966 1 My Postcards 1 My Postcards Platinum 2026-04-16 N/A
Directory traversal vulnerability in magiccard.cgi in My Postcards Platinum 5.0 and 6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter.
CVE-2002-1959 1 Nagios 1 Nagios 2026-04-16 N/A
Nagios 1.0b1 through 1.0b3 allows remote attackers to execute arbitrary commands via shell metacharacters in plugin output.
CVE-2002-0084 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Buffer overflow in the fscache_setup function of cachefsd in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long mount argument.
CVE-2002-1953 1 Aol 1 Instant Messenger 2026-04-16 N/A
Heap-based buffer overflow in the goim handler of AOL Instant Messenger (AIM) 4.4 through 4.8.2616 allows remote attackers to cause a denial of service (crash) via escaping of the screen name parameter, which triggers the overflow when the user selects "Get Info" on the buddy.
CVE-2005-0198 2 Redhat, University Of Washington 2 Enterprise Linux, Uw-imap 2026-04-16 N/A
A logic error in the CRAM-MD5 code for the University of Washington IMAP (UW-IMAP) server, when Challenge-Response Authentication Mechanism with MD5 (CRAM-MD5) is enabled, does not properly enforce all the required conditions for successful authentication, which allows remote attackers to authenticate as arbitrary users.
CVE-2002-1950 1 Phprank 1 Phprank 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in phpRank 1.8 allows remote attackers to inject arbitrary web script or HTML via the (1) the email parameter of add.php or (2) the banner URL (banurl parameter) in the main list.
CVE-2002-1949 1 Iomega 2 Nas A300u, Nas A300u Firmware 2026-04-16 7.5 High
The Network Attached Storage (NAS) Administration Web Page for Iomega NAS A300U transmits passwords in cleartext, which allows remote attackers to sniff the administrative password.
CVE-2002-1947 1 Webmin 1 Webmin 2026-04-16 N/A
Webmin 0.21 through 1.0 uses the same built-in SSL key for all installations, which allows remote attackers to eavesdrop or highjack the SSL session.
CVE-2002-1931 1 Php Arena 1 Pafiledb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in PHP Arena paFileDB 1.1.3 and 2.1.1 allows remote attackers to inject arbitrary web script or HTML via Javascript in the search string.
CVE-2002-1924 1 Apc 1 Powerchute 2026-04-16 N/A
PowerChute plus 5.0.2 creates a "Pwrchute" directory during installation that is shared and world writeable, which could allow remote attackers to modify or create files in that directory.
CVE-2002-1946 1 Tata 1 Integrated Dialer 2026-04-16 5.5 Medium
Videsh Sanchar Nigam Limited (VSNL) Integrated Dialer Software 1.2.000, when the "Save Password" option is used, stores the password with a weak encryption scheme (one-to-one mapping) in a registry key, which allows local users to obtain and decrypt the password.
CVE-2002-1917 1 Geeklog 1 Geeklog 2026-04-16 N/A
CRLF injection vulnerability in the "User Profile: Send Email" feature in Geeklog 1.35 and 1.3.5sr1 allows remote attackers to obtain e-mail addresses by injecting a CRLF into the Subject field and adding a BCC mail header.
CVE-2002-1916 1 Pirch 2 Pirch Irc, Ruspirch 2026-04-16 N/A
Pirch and RusPirch, when auto-log is enabled, allows remote attackers to cause a denial of service (crash) via a nickname containing an MS-DOS device name such as AUX, which is inserted into a filename for saving queries.
CVE-2002-1915 3 Freebsd, Netbsd, Openbsd 3 Freebsd, Netbsd, Openbsd 2026-04-16 5.5 Medium
tip on multiple BSD-based operating systems allows local users to cause a denial of service (execution prevention) by using flock() to lock the /var/log/acculog file.