Export limit exceeded: 29894 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29894 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1613 | 1 Hp | 2 Hp-ux, Tru64 | 2026-04-16 | N/A |
| Buffer overflow in ps in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges. | ||||
| CVE-2002-0355 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| netstat in SGI IRIX before 6.5.12 allows local users to determine the existence of files on the system, even if the users do not have the appropriate permissions. | ||||
| CVE-2002-1029 | 1 Worldspan | 1 Res Manager | 2026-04-16 | N/A |
| Res Manager in Worldspan for Windows Gateway 4.1 allows remote attackers to cause a denial of service (crash) via a malformed request to TCP port 17990. | ||||
| CVE-2002-0951 | 1 Ruslan Communications | 1 Body Builder | 2026-04-16 | N/A |
| SQL injection vulnerability in Ruslan <Body>Builder allows remote attackers to gain administrative privileges via a "'--" sequence in the username and password. | ||||
| CVE-2000-1148 | 1 Volano Llc | 1 Volanochatpro | 2026-04-16 | N/A |
| The installation of VolanoChatPro chat server sets world-readable permissions for its configuration file and stores the server administrator passwords in plaintext, which allows local users to gain privileges on the server. | ||||
| CVE-2002-0932 | 1 Luis Bernardo | 1 Myhelpdesk | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php for MyHelpDesk 20020509, and possibly other versions, allows remote attackers to conduct unauthorized activities via SQL code in the "id" parameter for the operations (1) detailticket, (2) editticket, or (3) updateticketlog. | ||||
| CVE-2002-0933 | 1 Datalex | 1 Bookit Consumer | 2026-04-16 | N/A |
| Datalex PLC BookIt! Consumer before 2.2 stores usernames and passwords in plaintext in a cookie, which could allow remote attackers to gain privileges via Cross-site scripting or sniffing attacks. | ||||
| CVE-2002-1057 | 1 Smartmax Software | 1 Mailmax | 2026-04-16 | N/A |
| Buffer overflow in SmartMax MailMax POP3 daemon (popmax) 4.8 allows remote attackers to execute arbitrary code via a long USER command. | ||||
| CVE-2002-0939 | 1 Ncipher | 1 Mscapi Csp | 2026-04-16 | N/A |
| The Install Wizard for nCipher MSCAPI CSP 5.50 does not use Operator Card Set protected keys when the user requests them but does not generate the Operator Card Set, which results in a lower protection level than specified by the user (module protection only). | ||||
| CVE-2002-0940 | 1 Ncipher | 1 Mscapi Csp | 2026-04-16 | N/A |
| domesticinstall.exe for nCipher MSCAPI CSP 5.50 and 5.54 does not use Operator Card Set protected keys when the user requests them but does not generate the Operator Card Set, which results in a lower protection level than specified by the user (module protection only). | ||||
| CVE-2002-1176 | 1 Nullsoft | 1 Winamp | 2026-04-16 | N/A |
| Buffer overflow in Winamp 2.81 allows remote attackers to execute arbitrary code via a long Artist ID3v2 tag in an MP3 file. | ||||
| CVE-2002-0943 | 1 Metalinks | 1 Metacart2.sql | 2026-04-16 | N/A |
| MetaCart2.sql stores the user database under the web document root without access controls, which allows remote attackers to obtain sensitive information such as passwords and credit card numbers via a direct request for metacart.mdb. | ||||
| CVE-2002-0953 | 1 Php Address | 1 Php Address | 2026-04-16 | N/A |
| globals.php in PHP Address before 0.2f, with the PHP allow_url_fopen and register_globals variables enabled, allows remote attackers to execute arbitrary PHP code via a URL to the code in the LangCookie parameter. | ||||
| CVE-2002-0959 | 1 Splatt | 1 Splatt Forum | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in Splatt Forum 3.0 allows remote attackers to execute arbitrary script as other users via an [img] tag with a closing quote followed by the script. | ||||
| CVE-2002-0960 | 1 Voxel | 1 Cbms | 2026-04-16 | N/A |
| Multiple cross-site scripting vulnerabilities in Voxel Dot Net CBMS 0.7 and earlier allows remote attackers to execute arbitrary script as other CBMS users. | ||||
| CVE-2002-0988 | 1 Caldera | 2 Openunix, Unixware | 2026-04-16 | N/A |
| Buffer overflow in X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1, possibly related to XBM/xkbcomp capabilities. | ||||
| CVE-2001-1202 | 1 Delegate | 1 Delegate | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in DeleGate 7.7.0 and 7.7.1 does not quote scripting commands within a "403 Forbidden" error page, which allows remote attackers to execute arbitrary Javascript on other clients via a URL that generates an error. | ||||
| CVE-2002-0992 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Unknown vulnerability in IPV6 functionality for DCE daemons (1) dced or (2) rpcd on HP-UX 11.11 allows attackers to cause a denial of service (crash) via an attack that modifies internal data. | ||||
| CVE-2002-0993 | 1 Hp | 1 Instant Support | 2026-04-16 | N/A |
| Unknown vulnerability in HP Instant Support Enterprise Edition (ISEE) product U2512A for HP-UX 11.00 and 11.11 may allow authenticated users to access restricted files. | ||||
| CVE-2002-0995 | 1 Gianluca Baldo | 1 Phpauction | 2026-04-16 | N/A |
| login.php for PHPAuction allows remote attackers to gain privileges via a direct call to login.php with the action parameter set to "insert," which adds the provided username to the adminUsers table. | ||||