Export limit exceeded: 345549 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345549 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1832 | 1 Scaramanga | 1 Firestorm Ids | 2026-04-16 | N/A |
| Unknown vulnerability in the "ipopts decode" functionality in Firestorm IDS 0.4.0 through 0.4.2 allows remote attackers to cause a denial of service (crash) via certain IP options. | ||||
| CVE-2002-1833 | 1 Xerox | 2 Docutech 6110, Docutech 6115 | 2026-04-16 | N/A |
| The default configurations for DocuTech 6110 and DocuTech 6115 have a default administrative password of (1) "service!" on Solaris 8.0 or (2) "administ" on Windows NT, which allows remote attackers to gain privileges. | ||||
| CVE-2002-1837 | 1 Ids | 1 Ids | 2026-04-16 | N/A |
| The getAlbumToDisplay function in idsShared.pm for Image Display System (IDS) 0.81 allows remote attackers to determine the existence of arbitrary directories via ".." sequences in the album parameter, which generates different error messages depending on whether the directory exists or not. | ||||
| CVE-2002-1841 | 1 Noguska | 1 Nola | 2026-04-16 | N/A |
| The document management module in NOLA 1.1.1 and 1.1.2 does not restrict the types of files that are uploaded, which allows remote attackers to upload and execute arbitrary PHP files with extensions such as .php4. | ||||
| CVE-2002-1850 | 1 Apache | 1 Http Server | 2026-04-16 | 7.5 High |
| mod_cgi in Apache 2.0.39 and 2.0.40 allows local users and possibly remote attackers to cause a denial of service (hang and memory consumption) by causing a CGI script to send a large amount of data to stderr, which results in a read/write deadlock between httpd and the CGI script. | ||||
| CVE-2002-1857 | 1 Jo | 1 Jo Webserver | 2026-04-16 | N/A |
| jo! jo Webserver 1.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF."). | ||||
| CVE-2002-1867 | 1 Bizdesign | 1 Imagefolio | 2026-04-16 | N/A |
| The default configuration of BizDesign ImageFolio 2.23 through 2.26 does not control access to (1) admin/setup.cgi, which allows remote attackers to create an administrative account, or (2) admin/nph-build.cgi, which allows remote attackers to cause a denial of service (CPU consumption). | ||||
| CVE-2002-1872 | 1 Microsoft | 1 Sql Server | 2026-04-16 | 7.5 High |
| Microsoft SQL Server 6.0 through 2000, with SQL Authentication enabled, uses weak password encryption (XOR), which allows remote attackers to sniff and decrypt the password. | ||||
| CVE-2002-1874 | 1 Astrocam | 1 Astrocam | 2026-04-16 | N/A |
| astrocam.cgi in AstroCam 0.9-1-1 through 1.4.0 allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTP request. NOTE: earlier disclosures stated that the affected versions were 1.7.1 through 2.1.2, but the vendor explicitly stated that these were incorrect. | ||||
| CVE-2002-1878 | 1 W-agora | 1 W-agora | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in w-Agora 4.1.3 allows remote attackers to execute arbitrary PHP code via the inc_dir parameter. | ||||
| CVE-2006-3675 | 1 Counterpane | 1 Passwordsafe | 2026-04-16 | N/A |
| Password Safe 2.11, 2.16 and 3.0BETA1 does not respect the configuration settings for locking the password database when certain dialogue windows are open, which might allow attackers with physical access to obtain the database contents. | ||||
| CVE-2002-1895 | 1 Apache | 1 Tomcat | 2026-04-16 | N/A |
| The servlet engine in Jakarta Apache Tomcat 3.3 and 4.0.4, when using IIS and the ajp1.3 connector, allows remote attackers to cause a denial of service (crash) via a large number of HTTP GET requests for an MS-DOS device such as AUX, LPT1, CON, or PRN. | ||||
| CVE-2002-1897 | 1 Mywebserver | 1 Mywebserver | 2026-04-16 | N/A |
| MyWebServer LLC MyWebServer 1.0.2 allows remote attackers to cause a denial of service (crash) via a long HTTP request, possibly triggering a buffer overflow. | ||||
| CVE-2002-1902 | 1 Markus Triska | 1 Cgiforum | 2026-04-16 | N/A |
| CGIForum 1.0 through 1.05 allows remote attackers to cause a denial of service (infinite recursion) by creating a message board post that is a child of an outdated parent. | ||||
| CVE-2002-1918 | 1 Microsoft | 1 Data Access Components | 2026-04-16 | N/A |
| Buffer overflow in Microsoft Active Data Objects (ADO) in Microsoft MDAC 2.5 through 2.7 allows remote attackers to have unknown impact with unknown attack vectors. NOTE: due to the lack of details available regarding this issue, perhaps it should be REJECTED. | ||||
| CVE-2002-1919 | 1 Virtual Programming | 1 Vp-asp | 2026-04-16 | N/A |
| SQL injection vulnerability in shopadmin.asp in VP-ASP 4.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) password fields. | ||||
| CVE-2002-1927 | 1 Aquonics Scripting | 1 Aquonics File Manager | 2026-04-16 | N/A |
| Aquonics File Manager 1.5 allows users with edit privileges to modify user accounts by editing the userlist.cgi file. | ||||
| CVE-1999-0694 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Denial of service in AIX ptrace system call allows local users to crash the system. | ||||
| CVE-2002-1947 | 1 Webmin | 1 Webmin | 2026-04-16 | N/A |
| Webmin 0.21 through 1.0 uses the same built-in SSL key for all installations, which allows remote attackers to eavesdrop or highjack the SSL session. | ||||
| CVE-2002-1951 | 1 Goahead Software | 1 Goahead Webserver | 2026-04-16 | N/A |
| Buffer overflow in GoAhead WebServer 2.1 allows remote attackers to execute arbitrary code via a long HTTP GET request with a large number of subdirectories. | ||||