Export limit exceeded: 29867 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29867 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1870 | 1 Sws | 1 Sws Simple Web Server | 2025-04-03 | N/A |
| Simple Web Server (SWS) 0.0.4 through 0.1.0 does not properly handle when the recv function call fails, which may allow remote attackers to overwrite program data or perform actions on an uninitialized heap, leading to a denial of service and possibly code execution. | ||||
| CVE-2002-1871 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| pkgadd in Sun Solaris 2.5.1 through 8 installs files setuid/setgid root if the pkgmap file contains a "?" (question mark) in the (1) mode, (2) owner, or (3) group fields, which allows attackers to elevate privileges. | ||||
| CVE-2002-1875 | 1 Mcafee | 1 Entercept Agent | 2025-04-03 | N/A |
| Entercept Agent 2.5 agent for Windows, released before May 21, 2002, allows local administrative users to obtain the entercept agent password, which could allow the administrators to log on as the entercept_agent account and conceal their identity. | ||||
| CVE-2002-1879 | 1 Lokwa | 1 Lokwabb | 2025-04-03 | N/A |
| SQL injection vulnerability in LokwaBB 1.2.2 allows remote attackers to execute arbitrary SQL commands via the (1) member parameter to member.php or (2) loser parameter to misc.php. | ||||
| CVE-2002-1881 | 1 Macromedia | 1 Flash Player | 2025-04-03 | N/A |
| Macromedia Flash Player 4.0 r12 through 6.0.47.0 allows remote attackers to cause a denial of service (web browser crash) via malformed content in a Flash Shockwave (.SWF) file, as demonstrated by by ROT13 encoding the body of the file but not the headers. | ||||
| CVE-2002-1883 | 1 Trolltech | 1 Qt Assistant | 2025-04-03 | N/A |
| Trolltech Qt Assistant 1.0 in Trolltech Qt 3.0.3, when loaded from the Designer, opens port 7358 for interprocess communication, which allows remote attackers to open arbitrary HTML pages and cause a denial of service. | ||||
| CVE-2002-1884 | 1 Py-membres | 1 Py-membres | 2025-04-03 | N/A |
| index.php in Py-Membres 3.1 allows remote attackers to log in as an administrator by setting the pymembs parameter to "admin". | ||||
| CVE-2002-1886 | 1 Tightauction | 1 Tightauction | 2025-04-03 | N/A |
| TightAuction 3.0 stores config.inc under the web document root with insufficient access control, which allows remote attackers to obtain the database username and password. | ||||
| CVE-2002-1888 | 1 Commonname | 1 Commonname Toolbar | 2025-04-03 | N/A |
| CommonName Toolbar 3.5.2.0 sends unqualified domain name requests to the CommonName organization and possibly other web servers for name resolution, which allows those organizations to obtain internal server names. | ||||
| CVE-2002-1889 | 1 Logsurfer | 1 Logsurfer | 2025-04-03 | N/A |
| Off-by-one buffer overflow in the context_action function in context.c of Logsurfer 1.41 through 1.5a allows remote attackers to cause a denial of service (crash) via a malformed log entry. | ||||
| CVE-2002-1890 | 1 Redhat | 1 Rhmask | 2025-04-03 | N/A |
| rhmask 1.0-9 in Red Hat Linux 7.1 allows local users to overwrite arbitrary files via a symlink attack on the mask file. | ||||
| CVE-2002-1891 | 1 Ayman Akt | 1 Ircit | 2025-04-03 | N/A |
| Buffer overflow in IRCIT 0.3.1 IRC client allows remote attackers to execute arbitrary code via a long invite request. | ||||
| CVE-2002-1892 | 1 Netgear | 1 Fvs318 | 2025-04-03 | N/A |
| NETGEAR FVS318 running firmware 1.1 stores the username and password in a readable format when a backup of the configuration file is made, which allows local users to obtain sensitive information. | ||||
| CVE-2002-1893 | 1 Argosoft | 1 Argosoft Mail Server | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in ArGoSoft Mail Server Pro 1.8.1.9 allows remote attackers to inject arbitrary web script or HTML via the e-mail message. | ||||
| CVE-2002-1894 | 1 Phpbb Group | 1 Phpbb | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in viewtopic.php in phpBB 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the highlight parameter. | ||||
| CVE-2002-1896 | 1 Alsaplayer | 1 Alsaplayer | 2025-04-03 | N/A |
| Buffer overflow in Alsaplayer 0.99.71, when installed setuid root, allows local users to execute arbitrary code via a long (1) -f or (2) -o command line argument. | ||||
| CVE-2002-1899 | 1 Icewarp | 1 Web Mail | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in IceWarp Web Mail 3.3.3 and 3.4.5 allows remote attackers to inject arbitrary web script or HTML via the "Full Name" (addressname) parameter. | ||||
| CVE-2002-1900 | 1 Pinboard | 1 Pinboard | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Pinboard 1.0 allows remote attackers to inject arbitrary web script or HTML via tasklists. | ||||
| CVE-2002-1901 | 1 Bodo Bauer | 1 Bbgallery | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Bodo Bauer BBGallery 1.0 allows remote attackers to inject arbitrary web script or HTML via image tags. | ||||
| CVE-2002-1903 | 1 University Of Washington | 1 Pine | 2025-04-03 | N/A |
| Pine 4.2.1 through 4.4.4 puts Unix usernames and/or uid into Sender: and X-Sender: headers, which could allow remote attackers to obtain sensitive information. | ||||