Export limit exceeded: 29894 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29894 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1478 | 1 The Cacti Group | 1 Cacti | 2026-04-16 | N/A |
| Cacti before 0.6.8 allows attackers to execute arbitrary commands via the "Data Input" option in console mode. | ||||
| CVE-2001-1401 | 2 Mozilla, Redhat | 2 Bugzilla, Powertools | 2026-04-16 | N/A |
| Bugzilla before 2.14 does not properly restrict access to confidential bugs, which could allow Bugzilla users to bypass viewing permissions via modified bug id parameters in (1) process_bug.cgi, (2) show_activity.cgi, (3) showvotes.cgi, (4) showdependencytree.cgi, (5) showdependencygraph.cgi, (6) showattachment.cgi, or (7) describecomponents.cgi. | ||||
| CVE-2001-1405 | 2 Mozilla, Redhat | 2 Bugzilla, Powertools | 2026-04-16 | N/A |
| Bugzilla before 2.14 does not restrict access to sanitycheck.cgi, which allows local users to cause a denial of service (CPU consumption) via a flood of requests to sanitycheck.cgi. | ||||
| CVE-2001-1406 | 2 Mozilla, Redhat | 2 Bugzilla, Powertools | 2026-04-16 | N/A |
| process_bug.cgi in Bugzilla before 2.14 does not set the "groupset" bit when a bug is moved between product groups, which will cause the bug to have the old group's restrictions, which might not be as stringent. | ||||
| CVE-2001-1414 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| The Basic Security Module (BSM) for Solaris 2.5.1, 2.6, 7, and 8 does not log anonymous FTP access, which allows remote attackers to hide their activities, possibly when certain BSM audit files are not present under the FTP root. | ||||
| CVE-2001-1416 | 1 Aol | 1 Instant Messenger | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the log messages in certain Alpha versions of AOL Instant Messenger (AIM) 4.4 allow remote attackers to execute arbitrary web script or HTML via an image in the (1) DATA, (2) STYLE, or (3) BINARY tags. | ||||
| CVE-2001-1422 | 1 Att | 1 Winvnc | 2026-04-16 | N/A |
| WinVNC 3.3.3 and earlier generates the same challenge string for multiple connections, which allows remote attackers to bypass VNC authentication by sniffing the challenge and response of other users. | ||||
| CVE-2001-1434 | 1 Cisco | 1 Ios | 2026-04-16 | N/A |
| Cisco IOS 12.0(5)XU through 12.1(2) allows remote attackers to read system administration and topology information via an "snmp-server host" command, which creates a readable "community" community string if one has not been previously created. | ||||
| CVE-2002-0416 | 1 Sh39 | 1 Mailserver | 2026-04-16 | N/A |
| Buffer overflow in SH39 MailServer 1.21 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long command to the SMTP port. | ||||
| CVE-2002-0427 | 1 Christof Pohl | 1 Improved Mod Frontpage | 2026-04-16 | N/A |
| Buffer overflows in fpexec in mod_frontpage before 1.6.1 may allow attackers to gain root privileges. | ||||
| CVE-2002-0428 | 1 Checkpoint | 3 Check Point Vpn, Firewall-1, Next Generation | 2026-04-16 | N/A |
| Check Point FireWall-1 SecuRemote/SecuClient 4.0 and 4.1 allows clients to bypass the "authentication timeout" by modifying the to_expire or expire values in the client's users.C configuration file. | ||||
| CVE-2002-0429 | 2 Linux, Redhat | 2 Linux Kernel, Linux | 2026-04-16 | N/A |
| The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 and earlier on x86 systems allow local users to kill arbitrary processes via a a binary compatibility interface (lcall). | ||||
| CVE-2002-0433 | 1 Pi3 | 1 Pi3web | 2026-04-16 | N/A |
| Pi3Web 2.0.0 allows remote attackers to view restricted files via an HTTP request containing a "*" (wildcard or asterisk) character. | ||||
| CVE-2002-0434 | 1 Marcus S. Xenakis | 1 Directory.php | 2026-04-16 | N/A |
| Marcus S. Xenakis directory.php script allows remote attackers to execute arbitrary commands via shell metacharacters in the dir parameter. | ||||
| CVE-2002-0546 | 1 Nullsoft | 1 Winamp | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in the mini-browser for Winamp 2.78 and 2.79 allows remote attackers to execute script via an ID3v1 or ID3v2 tag in an MP3 file. | ||||
| CVE-2002-0458 | 1 Linux-sottises | 1 News-tnk | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in News-TNK 1.2.1 and earlier allows remote attackers to execute arbitrary Javascript via the WEB parameter. | ||||
| CVE-2002-0473 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| db.php in phpBB 2.0 (aka phpBB2) RC-3 and earlier allows remote attackers to execute arbitrary code from remote servers via the phpbb_root_path parameter. | ||||
| CVE-2002-0474 | 1 Zeroforum | 1 Zeroforum | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in ZeroForum allows remote attackers to execute arbitrary Javascript on web clients by embedding the script within IMG image tag. | ||||
| CVE-2002-0467 | 2 Ecartis, Listar | 2 Ecartis, Listar | 2026-04-16 | N/A |
| Buffer overflows in Ecartis (formerly Listar) 1.0.0 before snapshot 20020125 allows remote attackers to execute arbitrary code via (1) address_match() of mystring.c or (2) other functions in tolist.c. | ||||
| CVE-2002-0509 | 1 Oracle | 1 Oracle9i | 2026-04-16 | N/A |
| Transparent Network Substrate (TNS) Listener in Oracle 9i 9.0.1.1 allows remote attackers to cause a denial of service (CPU consumption) via a single malformed TCP packet to port 1521. | ||||