Export limit exceeded: 345223 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 345223 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345223 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1878 | 1 W-agora | 1 W-agora | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in w-Agora 4.1.3 allows remote attackers to execute arbitrary PHP code via the inc_dir parameter. | ||||
| CVE-2006-3675 | 1 Counterpane | 1 Passwordsafe | 2026-04-16 | N/A |
| Password Safe 2.11, 2.16 and 3.0BETA1 does not respect the configuration settings for locking the password database when certain dialogue windows are open, which might allow attackers with physical access to obtain the database contents. | ||||
| CVE-2002-1895 | 1 Apache | 1 Tomcat | 2026-04-16 | N/A |
| The servlet engine in Jakarta Apache Tomcat 3.3 and 4.0.4, when using IIS and the ajp1.3 connector, allows remote attackers to cause a denial of service (crash) via a large number of HTTP GET requests for an MS-DOS device such as AUX, LPT1, CON, or PRN. | ||||
| CVE-2002-1897 | 1 Mywebserver | 1 Mywebserver | 2026-04-16 | N/A |
| MyWebServer LLC MyWebServer 1.0.2 allows remote attackers to cause a denial of service (crash) via a long HTTP request, possibly triggering a buffer overflow. | ||||
| CVE-2002-1902 | 1 Markus Triska | 1 Cgiforum | 2026-04-16 | N/A |
| CGIForum 1.0 through 1.05 allows remote attackers to cause a denial of service (infinite recursion) by creating a message board post that is a child of an outdated parent. | ||||
| CVE-2002-1918 | 1 Microsoft | 1 Data Access Components | 2026-04-16 | N/A |
| Buffer overflow in Microsoft Active Data Objects (ADO) in Microsoft MDAC 2.5 through 2.7 allows remote attackers to have unknown impact with unknown attack vectors. NOTE: due to the lack of details available regarding this issue, perhaps it should be REJECTED. | ||||
| CVE-2002-1919 | 1 Virtual Programming | 1 Vp-asp | 2026-04-16 | N/A |
| SQL injection vulnerability in shopadmin.asp in VP-ASP 4.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) password fields. | ||||
| CVE-2002-1927 | 1 Aquonics Scripting | 1 Aquonics File Manager | 2026-04-16 | N/A |
| Aquonics File Manager 1.5 allows users with edit privileges to modify user accounts by editing the userlist.cgi file. | ||||
| CVE-1999-0694 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Denial of service in AIX ptrace system call allows local users to crash the system. | ||||
| CVE-2002-1947 | 1 Webmin | 1 Webmin | 2026-04-16 | N/A |
| Webmin 0.21 through 1.0 uses the same built-in SSL key for all installations, which allows remote attackers to eavesdrop or highjack the SSL session. | ||||
| CVE-2002-1951 | 1 Goahead Software | 1 Goahead Webserver | 2026-04-16 | N/A |
| Buffer overflow in GoAhead WebServer 2.1 allows remote attackers to execute arbitrary code via a long HTTP GET request with a large number of subdirectories. | ||||
| CVE-2002-1952 | 1 Phprank | 1 Phprank | 2026-04-16 | N/A |
| phpRank 1.8 does not properly check the return codes for MySQL operations when authenticating users, which could allow remote attackers to authenticate using a NULL password when database errors occur or if the database is unavailable. | ||||
| CVE-2002-1957 | 1 Pen | 1 Pen | 2026-04-16 | N/A |
| Buffer overflow in the netlog function in pen.c for Pen 0.9.1 and 0.9.2 allows remote attackers to execute arbitrary commands via malformed log messages. | ||||
| CVE-2002-1958 | 1 Kmmail | 1 Kmmail | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in kmMail 1.0, 1.0a, and 1.0b allows remote attackers to inject arbitrary web script or HTML via (1) javascript in onmouseover or other attributes in "safe" HTML tags such as the "b" tag, or (2) the Subject field. | ||||
| CVE-2002-1972 | 1 Sebastian Dehne | 1 Pp Powerswitch | 2026-04-16 | N/A |
| Unknown vulnerability in Parallel port powerSwitch (aka pp_powerSwitch) 0.1 does not properly enforce access controls, which allows local users to access arbitrary ports. | ||||
| CVE-2002-1976 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| ifconfig, when used on the Linux kernel 2.2 and later, does not report when the network interface is in promiscuous mode if it was put in promiscuous mode using PACKET_MR_PROMISC, which could allow attackers to sniff the network without detection, as demonstrated using libpcap. | ||||
| CVE-2002-1978 | 1 Darren Reed | 1 Ipfilter | 2026-04-16 | N/A |
| IPFilter 3.1.1 through 3.4.28 allows remote attackers to bypass firewall rules by sending a PASV command string as the argument of another command to an FTP server, which generates a response that contains the string, causing IPFilter to treat the response as if it were a legitimate PASV command from the server. | ||||
| CVE-2002-1979 | 1 Watchguard | 3 Legacy Rssa, Soho, Vclass | 2026-04-16 | N/A |
| WatchGuard SOHO products running firmware 5.1.6 and earlier, and Vclass/RSSA using 3.2 SP1 and earlier, allows remote attackers to bypass firewall rules by sending a PASV command string as the argument of another command to an FTP server, which generates a response that contains the string, causing IPFilter to treat the response as if it were a legitimate PASV command from the server. | ||||
| CVE-2002-1983 | 1 Qnx | 1 Rtos | 2026-04-16 | N/A |
| The timer implementation in QNX RTOS 6.1.0 allows local users to cause a denial of service (hang) and possibly execute arbitrary code by creating multiple timers with a 1-ms tick. | ||||
| CVE-2002-1996 | 1 Postnuke Software Foundation | 1 Postnuke | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in PostNuke 0.71 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) name parameter in modules.php and (2) catid parameter in index.php. | ||||