Export limit exceeded: 344947 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344947 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0979 | 1 Microsoft | 1 Virtual Machine | 2026-04-16 | N/A |
| The Java logging feature for the Java Virtual Machine in Internet Explorer writes output from functions such as System.out.println to a known pathname, which can be used to execute arbitrary code. | ||||
| CVE-2002-0980 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| The Web Folder component for Internet Explorer 5.5 and 6.0 writes an error message to a known location in the temporary folder, which allows remote attackers to execute arbitrary code by injecting it into the error message, then referring to the error message file via a mhtml: URL. | ||||
| CVE-2002-0981 | 1 Caldera | 2 Openunix, Unixware | 2026-04-16 | N/A |
| Buffer overflow in ndcfg command for UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to execute arbitrary code via a long command line. | ||||
| CVE-2002-0982 | 1 Microsoft | 1 Sql Server | 2026-04-16 | N/A |
| Microsoft SQL Server 2000 SP2, when configured as a distributor, allows attackers to execute arbitrary code via the @scriptfile parameter to the sp_MScopyscript stored procedure. | ||||
| CVE-2002-0983 | 1 Irssi | 1 Irssi | 2026-04-16 | N/A |
| IRC client irssi in irssi-text before 0.8.4 allows remote attackers to cause a denial of service (crash) via an IRC channel that has a long topic followed by a certain string, possibly triggering a buffer overflow. | ||||
| CVE-2002-0984 | 1 Light | 1 Light | 2026-04-16 | N/A |
| The IRC script included in Light 2.7.x before 2.7.30p5, and 2.8.x before 2.8pre10, running EPIC allows remote attackers to execute arbitrary code if the user joins a channel whose topic includes EPIC4 code. | ||||
| CVE-2002-0985 | 3 Openpkg, Php, Redhat | 6 Openpkg, Php, Enterprise Linux and 3 more | 2026-04-16 | N/A |
| Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow attackers to bypass safe mode restrictions and modify command line arguments to the MTA (e.g. sendmail) in the 5th argument to mail(), altering MTA behavior and possibly executing commands. | ||||
| CVE-2002-0986 | 2 Php, Redhat | 5 Php, Enterprise Linux, Linux and 2 more | 2026-04-16 | N/A |
| The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote attackers to modify mail message content, including mail headers, and possibly use PHP as a "spam proxy." | ||||
| CVE-2002-0987 | 1 Caldera | 2 Openunix, Unixware | 2026-04-16 | N/A |
| X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1 does not drop privileges before calling programs such as xkbcomp using popen, which could allow local users to gain privileges. | ||||
| CVE-2002-0989 | 2 Redhat, Rob Flynn | 4 Enterprise Linux, Linux, Powertools and 1 more | 2026-04-16 | N/A |
| The URL handler in the manual browser option for Gaim before 0.59.1 allows remote attackers to execute arbitrary script via shell metacharacters in a link. | ||||
| CVE-2002-1008 | 1 Summit Computer Networks | 1 Lil Http Server | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in PowerBASIC urlcount.cgi, as included in Lil' HTTP web server, allows remote attackers to execute arbitrary web script in other web browsers via a request to urlcount.cgi that contains the script, which is not filtered when the REPORT capability prints the original request. | ||||
| CVE-2002-1009 | 1 Summit Computer Networks | 1 Lil Http Server | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in PowerBASIC pbcgi.cgi, as included in Lil' HTTP web server, allows remote attackers to execute arbitrary web script in other web browsers via the (1) "Name" or (2) "E-mail" parameters. | ||||
| CVE-2002-1010 | 1 Lotus | 1 Domino R4 | 2026-04-16 | N/A |
| Lotus Domino R4 allows remote attackers to bypass access restrictions for files in the web root via an HTTP request appended with a "?" character, which is treated as a wildcard character and bypasses the web handlers. | ||||
| CVE-2002-0990 | 1 Symantec | 4 Enterprise Firewall, Gateway Security, Raptor Firewall and 1 more | 2026-04-16 | N/A |
| The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service (connection resource exhaustion) via multiple connection requests to domains whose DNS server is unresponsive or does not exist, which generates a long timeout. | ||||
| CVE-2002-0991 | 1 Hp | 1 Cifs-9000 Server | 2026-04-16 | N/A |
| Buffer overflows in the cifslogin command for HP CIFS/9000 Client A.01.06 and earlier, based on the Sharity package, allows local users to gain root privileges via long (1) -U, (2) -D, (3) -P, (4) -S, (5) -N, or (6) -u parameters. | ||||
| CVE-2002-0996 | 1 Novell | 2 Netmail, Netmail Xe | 2026-04-16 | N/A |
| Multiple buffer overflows in Novell NetMail (NIMS) 3.0.3 before 3.0.3C allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) WebAdmin or (2) ModWeb. | ||||
| CVE-2002-0997 | 1 Novell | 2 Netmail, Netmail Xe | 2026-04-16 | N/A |
| Buffer overflows in IMAP Agent (imapd) for Novell NetMail (NIMS) 3.0.3 before 3.0.3A allows remote attackers to cause a denial of service. | ||||
| CVE-2002-0998 | 1 Care 2002 | 1 Care 2002 | 2026-04-16 | N/A |
| Directory traversal vulnerability in cafenews.php for CARE 2002 before beta 1.0.02 allows remote attackers to read arbitrary files via .. (dot dot) sequences and null characters in the lang parameter, which is processed by a call to the include function. | ||||
| CVE-2002-0999 | 1 Care 2002 | 1 Care 2002 | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in CARE 2002 before beta 1.0.02 allow remote attackers to perform unauthorized database operations. | ||||
| CVE-2002-1011 | 1 Ibm | 1 Tivoli Management Framework | 2026-04-16 | N/A |
| Buffer overflow in web server for Tivoli Management Framework (TMF) Endpoint 3.6.x through 3.7.1, before Fixpack 2, allows remote attackers to cause a denial of service or execute arbitrary code via a long HTTP GET request. | ||||