Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29946 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-2040 | 1 Qnx | 1 Rtos | 2026-04-16 | N/A |
| The (1) phrafx and (2) phgrafx-startup programs in QNX realtime operating system (RTOS) 4.25 and 6.1.0 do not properly drop privileges before executing the system command, which allows local users to execute arbitrary commands by modifying the PATH environment variable to reference a malicious crttrap program. | ||||
| CVE-2002-0039 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| rpcbind in SGI IRIX 6.5 through 6.5.15f, and possibly earlier versions, allows remote attackers to cause a denial of service (crash) via malformed RPC packets with invalid lengths. | ||||
| CVE-2005-0742 | 1 Sun | 1 Java System Application Server | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Sun Java System Application Server 7 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2002-0048 | 2 Andrew Tridgell, Redhat | 2 Rsync, Linux | 2026-04-16 | N/A |
| Multiple signedness errors (mixed signed and unsigned numbers) in the I/O functions of rsync 2.4.6, 2.3.2, and other versions allow remote attackers to cause a denial of service and execute arbitrary code in the rsync client or server. | ||||
| CVE-2006-4608 | 1 Longino | 1 Jacome Php-revista | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Longino Jacome php-Revista 1.1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) cadena parameter in busqueda.php and the (2) email parameter in lista.php. | ||||
| CVE-2005-0816 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Buffer overflow in newgrp in Solaris 7 through 9 allows local users to gain root privileges. | ||||
| CVE-2002-0085 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| cachefsd in Solaris 2.6, 7, and 8 allows remote attackers to cause a denial of service (crash) via an invalid procedure call in an RPC request. | ||||
| CVE-2002-2112 | 1 Rca | 1 Digital Cable Modem | 2026-04-16 | N/A |
| RCA Digital Cable Modem DCM225 and DCM225E, and other modems that must conform to the Data-over-Cable Service Interface Specifications DOCSIS standard, uses the "public" community string for SNMP access, which allows remote attackers to read or write MIB information. | ||||
| CVE-2002-0088 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Buffer overflow in admintool in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long media installation path. | ||||
| CVE-2005-0818 | 1 Punbb | 1 Punbb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in PunBB 1.2.3 allows remote attackers to inject arbitrary web script or HTML via the (1) email or (2) Jabber parameters. | ||||
| CVE-2005-3118 | 1 William Stearns | 1 Mason | 2026-04-16 | N/A |
| Mason before 1.0.0 does not install the init script after the user uses Mason to configure a firewall, which causes the system to run without a firewall after a reboot. | ||||
| CVE-2005-0821 | 1 Citrix | 1 Metaframe Conferencing Manager | 2026-04-16 | N/A |
| Unknown vulnerability in Citrix MetaFrame Conferencing Manager 3.0 allows conference members to bypass organizer restrictions to control the keyboard and mouse. | ||||
| CVE-2002-0089 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Buffer overflow in admintool in Solaris 2.5 through 8 allows local users to gain root privileges via long arguments to (1) the -d command line option, or (2) the PRODVERS argument in the .cdtoc file. | ||||
| CVE-2002-2117 | 1 Microsoft | 1 Windows Xp | 2026-04-16 | N/A |
| Microsoft Windows XP allows remote attackers to cause a denial of service (CPU consumption) by flooding UDP port 500 (ISAKMP). | ||||
| CVE-2005-0827 | 3 Ciamos, E-xoops, Runcms | 3 Ciamos, E-xoops, Runcms | 2026-04-16 | N/A |
| Viewcat.php in (1) RUNCMS 1.1A, (2) Ciamos 0.9.2 RC1, e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops (exoops), allow remote attackers to obtain sensitive information via an invalid parameter to the convertorderbytrans function, which reveals the path in a PHP error message. | ||||
| CVE-2005-3124 | 1 Acme Labs | 1 Thttpd | 2026-04-16 | N/A |
| syslogtocern in Acme thttpd before 2.23 allows local users to write arbitrary files via a symlink attack on a temporary file. | ||||
| CVE-2002-0096 | 1 Geeklog | 1 Geeklog | 2026-04-16 | N/A |
| The installation of Geeklog 1.3 creates an extra group_assignments record which is not properly deleted, which causes the first newly created user to be added to the GroupAdmin and UserAdmin groups, which could provide that user with administrative privileges that were not intended. | ||||
| CVE-2002-1511 | 3 Att, Redhat, Tightvnc | 4 Vnc, Enterprise Linux, Linux and 1 more | 2026-04-16 | N/A |
| The vncserver wrapper for vnc before 3.3.3r2-21 uses the rand() function instead of srand(), which causes vncserver to generate weak cookies. | ||||
| CVE-2002-0098 | 1 Boozt | 1 Boozt Standard | 2026-04-16 | N/A |
| Buffer overflow in index.cgi administration interface for Boozt! Standard 0.9.8 allows local users to execute arbitrary code via a long name field when creating a new banner. | ||||
| CVE-2002-0099 | 1 Michael Lamont | 1 Savant Webserver | 2026-04-16 | N/A |
| Buffer overflow in Michael Lamont Savant Web Server 3.0 allows remote attackers to cause a denial of service (crash) via a long HTTP request to the cgi-bin directory in which the CGI program name contains a large number of . (dot) characters. | ||||