Export limit exceeded: 29916 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29916 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-2190 | 1 Artscore Studios | 1 Cutecast Forum | 2026-04-16 | N/A |
| ArtsCore Studios CuteCast Forum 1.2 stores passwords in plaintext under the web document root, which allows remote attackers to obtain the passwords via an HTTP request to a .user file. | ||||
| CVE-2002-2191 | 1 Lotus | 1 Domino | 2026-04-16 | N/A |
| Lotus Domino 5.0.9a and earlier, even when configured with the 'DominoNoBanner=1' option, allows remote attackers to obtain potential sensitive information such as the version via a request for a non-existent .nsf database, which leaks the version in the HTTP banner. | ||||
| CVE-2002-2192 | 1 Perception | 1 Liteserve | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Perception LiteServe 2.0.1 allows remote attackers to execute arbitrary web script via (1) a Host: header when DNS wildcards are supported or (2) the query string in a "dir" request to indexed folders. | ||||
| CVE-2002-2197 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Unknown vulnerability in Sun Solaris 8.0 allows local users to cause a denial of service (kernel panic) via a program that uses /dev/poll, triggering a NULL pointer dereference. | ||||
| CVE-2002-2195 | 1 Nullsoft | 1 Winamp | 2026-04-16 | N/A |
| Buffer overflow in the version update check for Winamp 2.80 and earlier allows remote attackers who can spoof www.winamp.com to execute arbitrary code via a long server response. | ||||
| CVE-2002-2198 | 1 Zmailer | 1 Zmailer | 2026-04-16 | N/A |
| Buffer overflow in ZMailer before 2.99.51_1 allows remote attackers to execute arbitrary code during HELO processing from an IPv6 address, possibly using an address that resolves to a long hostname. | ||||
| CVE-2002-2200 | 1 Benjamin Lefevre | 1 Dobermann Forum | 2026-04-16 | N/A |
| Benjamin Lefevre Dobermann FORUM 0.5 and earlier allows remote attackers to remotely include and execute malicious PHP files via the "subpath" variablein (1) entete.php, (2) enteteacceuil.php, (3) index.php, or (4) newtopic.php. | ||||
| CVE-2002-2201 | 1 Webmin | 1 Webmin | 2026-04-16 | N/A |
| The Printer Administration module for Webmin 0.990 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the printer name. | ||||
| CVE-2002-2204 | 1 Redhat | 1 Redhat Package Manager | 2026-04-16 | N/A |
| The default --checksig setting in RPM Package Manager 4.0.4 checks that a package's signature is valid without listing who signed it, which can allow remote attackers to make it appear that a malicious package comes from a trusted source. | ||||
| CVE-2002-2205 | 1 Webresolve | 1 Webresolve | 2026-04-16 | N/A |
| Buffer overflow in Webresolve 0.1.0 and earlier allows remote attackers to execute arbitrary code by connecting to the server from an IP address that resolves to a long hostname. | ||||
| CVE-2002-2209 | 1 Pablo Software Solutions | 1 Baby Ftp Server | 2026-04-16 | N/A |
| Unspecified "security vulnerability" in Baby FTP Server versions before November 7, 2002 has unknown impact and attack vectors. | ||||
| CVE-2002-2210 | 1 Openoffice | 1 Openoffice | 2026-04-16 | N/A |
| The installation of OpenOffice 1.0.1 allows local users to overwrite files and possibly gain privileges via a symlink attack on the USERNAME_autoresponse.conf temporary file. | ||||
| CVE-2002-2212 | 2 Fujitsu, Isc | 2 Uxp V, Bind | 2026-04-16 | N/A |
| The DNS resolver in unspecified versions of Fujitsu UXP/V, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. | ||||
| CVE-2002-2215 | 2 Php, Redhat | 2 Php, Enterprise Linux | 2026-04-16 | N/A |
| The imap_header function in the IMAP functionality for PHP before 4.3.0 allows remote attackers to cause a denial of service via an e-mail message with a large number of "To" addresses, which triggers an error in the rfc822_write_address function. | ||||
| CVE-2002-2216 | 1 Soft3304 | 1 04webserver | 2026-04-16 | N/A |
| Soft3304 04WebServer before 1.20 does not properly process URL strings, which allows remote attackers to obtain unspecified sensitive information. | ||||
| CVE-2002-2213 | 2 Infoblox, Isc | 2 Dns One, Bind | 2026-04-16 | N/A |
| The DNS resolver in unspecified versions of Infoblox DNS One, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. | ||||
| CVE-2002-2214 | 2 Php, Redhat | 2 Php, Enterprise Linux | 2026-04-16 | N/A |
| The php_if_imap_mime_header_decode function in the IMAP functionality in PHP before 4.2.2 allows remote attackers to cause a denial of service (crash) via an e-mail header with a long "To" header. | ||||
| CVE-2002-2221 | 1 Chetcpasswd | 1 Chetcpasswd | 2026-04-16 | N/A |
| Untrusted search path vulnerability in Pedro Lineu Orso chetcpasswd 2.4.1 and earlier allows local users to gain privileges via a modified PATH that references a malicious cp binary. NOTE: this issue might overlap CVE-2006-6639. | ||||
| CVE-2002-2223 | 1 Juniper | 2 Netscreen Remote Security Client, Netscreen Remote Vpn Client | 2026-04-16 | N/A |
| Buffer overflow in NetScreen-Remote 8.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted Internet Key Exchange (IKE) response packets, possibly including (1) a large Security Parameter Index (SPI) field, (2) large number of payloads, or (3) a long payload. | ||||
| CVE-2002-2243 | 1 Akfingerd | 1 Akfingerd | 2026-04-16 | N/A |
| Akfingerd 0.5 and possibly earlier versions only allows one connection at a time and does not time out connections, which allows remote attackers to cause a denial of service (refused connections) by opening a connection and not closing it. | ||||