Export limit exceeded: 344908 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344908 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0316 | 1 Xmb Software | 1 Xmb Forum | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in eXtreme message board (XMB) 1.6x and earlier allows remote attackers to execute script as other XMB users by inserting the script into an IMG tag. | ||||
| CVE-2000-1075 | 2 Netscape, Sun | 2 Directory Server, Iplanet Certificate Management System | 2026-04-16 | N/A |
| Directory traversal vulnerability in iPlanet Certificate Management System 4.2 and Directory Server 4.12 allows remote attackers to read arbitrary files via a .. (dot dot) attack in the Agent, End Entity, or Administrator services. | ||||
| CVE-2002-0317 | 1 Gator | 1 Gator | 2026-04-16 | N/A |
| Gator ActiveX component (IEGator.dll) 3.0.6.1 allows remote web sites to install arbitrary software by specifying a Trojan Gator installation file (setup.ex_) in the src parameter. | ||||
| CVE-2002-0318 | 1 Freeradius | 1 Freeradius | 2026-04-16 | N/A |
| FreeRADIUS RADIUS server allows remote attackers to cause a denial of service (CPU consumption) via a flood of Access-Request packets. | ||||
| CVE-2000-1076 | 2 Netscape, Sun | 2 Directory Server, Iplanet Certificate Management System | 2026-04-16 | N/A |
| Netscape (iPlanet) Certificate Management System 4.2 and Directory Server 4.12 stores the administrative password in plaintext, which could allow local and possibly remote attackers to gain administrative privileges on the server. | ||||
| CVE-2002-0319 | 1 Powie | 1 Pforum | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in edituser.php for pforum 1.14 and earlier allows remote attackers to execute script and steal cookies from other users via Javascript in a username. | ||||
| CVE-2000-1078 | 1 Mirabilis | 1 Icq Web Front | 2026-04-16 | N/A |
| ICQ Web Front HTTPd allows remote attackers to cause a denial of service by requesting a URL that contains a "?" character. | ||||
| CVE-2002-0320 | 1 Yahoo | 1 Messenger | 2026-04-16 | N/A |
| Buffer overflow in Yahoo! Messenger 5.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long (1) message or (2) IMvironment field. | ||||
| CVE-2000-1079 | 1 Microsoft | 4 Windows 2000, Windows 95, Windows 98 and 1 more | 2026-04-16 | N/A |
| Interactions between the CIFS Browser Protocol and NetBIOS as implemented in Microsoft Windows 95, 98, NT, and 2000 allow remote attackers to modify dynamic NetBIOS name cache entries via a spoofed Browse Frame Request in a unicast or UDP broadcast datagram. | ||||
| CVE-2002-0322 | 1 Yahoo | 1 Messenger | 2026-04-16 | N/A |
| Yahoo! Messenger 4.0 sends user passwords in cleartext, which could allow remote attackers to gain privileges of other users via sniffing. | ||||
| CVE-2000-1080 | 2 Id Software, J. P. Grossman | 2 Quake, Proquake | 2026-04-16 | N/A |
| Quake 1 (quake1) and ProQuake 1.01 and earlier allow remote attackers to cause a denial of service via a malformed (empty) UDP packet. | ||||
| CVE-2002-0326 | 1 Working Resources Inc. | 1 Badblue | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in BadBlue before 1.6.1 beta allows remote attackers to execute arbitrary script and possibly additional commands via a URL that contains Javascript. | ||||
| CVE-2002-0327 | 1 Century Software | 1 Term | 2026-04-16 | N/A |
| Buffer overflow in Century Software TERM allows local users to gain root privileges via a long tty argument to the callin program. | ||||
| CVE-2000-1081 | 1 Microsoft | 2 Data Engine, Sql Server | 2026-04-16 | N/A |
| The xp_displayparamstmt function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability. | ||||
| CVE-2000-1082 | 1 Microsoft | 2 Data Engine, Sql Server | 2026-04-16 | N/A |
| The xp_enumresultset function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability. | ||||
| CVE-2002-0328 | 1 Ikonboard.com | 1 Ikonboard | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in Ikonboard 3.0.1 allows remote attackers to execute arbitrary script as other Ikonboard users and steal cookies via Javascript in an IMG tag. | ||||
| CVE-2002-0332 | 1 Xtell | 1 Xtell | 2026-04-16 | N/A |
| Buffer overflows in xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows remote attackers to execute arbitrary code via (1) a long DNS hostname that is determined using reverse DNS lookups, (2) a long AUTH string, or (3) certain data in the xtell request. | ||||
| CVE-2002-0333 | 1 Xtell | 1 Xtell | 2026-04-16 | N/A |
| Directory traversal vulnerability in xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows remote attackers to read files with short names, and local users to read more files using a symlink with a short name, via a .. in the TTY argument. | ||||
| CVE-2002-0334 | 1 Xtell | 1 Xtell | 2026-04-16 | N/A |
| xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows local users to modify files via a symlink attack on the .xtell-log file. | ||||
| CVE-2002-0335 | 1 Galacticomm Technologies | 2 Worldgroup, Worldgroup Lite Personal Server | 2026-04-16 | N/A |
| Buffer overflow in Galacticomm Worldgroup web server 3.20 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long HTTP GET request. | ||||