Search Results (26436 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-2329 1 Mirabilis 1 Icq 2026-04-16 N/A
ICQ client 2001b, 2002a and 2002b allows remote attackers to cause a denial of service (CPU consumption or crash) via a message with a large number of emoticons.
CVE-2002-2328 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Active Directory in Windows 2000, when supporting Kerberos V authentication and GSSAPI, allows remote attackers to cause a denial of service (hang) via an LDAP client that sets the page length to zero during a large request.
CVE-2002-2325 1 University Of Washington 1 Pine 2026-04-16 N/A
The c-client library in Internet Message Access Protocol (IMAP) dated before 2002 RC2, as used by Pine 4.20 through 4.44, allows remote attackers to cause a denial of service (client crash) via a MIME-encoded email with Content-Type header containing an empty boundary field.
CVE-2002-2322 1 Ultimate Php Board 1 Ultimate Php Board 2026-04-16 N/A
Ultimate PHP Board (UPB) 1.0b stores the users.dat data file under the web root with insufficient access control, which allows remote attackers to obtain usernames and passwords.
CVE-2002-2317 1 Symantec 1 Velociraptor 2026-04-16 N/A
Memory leak in the (1) httpd, (2) nntpd, and (3) vpn driver in VelociRaptor 1.0 allows remote attackers to cause a denial of service (memory consumption) via an unknown method.
CVE-2004-1428 1 Argosoft 1 Ftp Server 2026-04-16 N/A
ArGoSoft FTP before 1.4.2.1 generates an error message if the user name does not exist instead of prompting for a password, which allows remote attackers to determine valid usernames.
CVE-2006-3451 1 Microsoft 1 Ie 2026-04-16 N/A
Microsoft Internet Explorer 5 SP4 and 6 do not properly garbage collect when "multiple imports are used on a styleSheets collection" to construct a chain of Cascading Style Sheets (CSS), which allows remote attackers to execute arbitrary code via unspecified vectors.
CVE-2002-2314 1 Mozilla 1 Mozilla 2026-04-16 N/A
Mozilla 1.0 allows remote attackers to steal cookies from other domains via a javascript: URL with a leading "//" and ending in a newline, which causes the host/path check to fail.
CVE-2002-2289 1 Working Resources Inc. 1 Badblue 2026-04-16 N/A
soinfo.php in BadBlue 1.7.1 calls the phpinfo function, which allows remote attackers to gain sensitive information including ODBC passwords.
CVE-2002-2288 1 Mambo 1 Site Server 2026-04-16 N/A
Mambo Site Server 4.0.11 allows remote attackers to obtain the physical path of the server via an HTTP request to index.php with a parameter that does not exist, which causes the path to be leaked in an error message.
CVE-2004-1386 1 Tiki 1 Tikiwiki Cms\/groupware 2026-04-16 N/A
TikiWiki before 1.8.4.1 does not properly verify uploaded images, which could allow remote attackers to upload and execute arbitrary PHP scripts, a different vulnerability than CVE-2005-0200.
CVE-2002-2276 1 Ultimate Php Board 1 Ultimate Php Board 2026-04-16 N/A
Ultimate PHP Board (UPB) 1.0 allows remote attackers to view the physical path of the message board via a direct request to add.php, which leaks the path in an error message.
CVE-2005-0209 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
Netfilter in Linux kernel 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) via crafted IP packet fragments.
CVE-2002-2239 1 Cisco 3 Catalyst 6500, Catalyst 7600, Ios 2026-04-16 N/A
The Cisco Optical Service Module (OSM) for the Catalyst 6500 and 7600 series running Cisco IOS 12.1(8)E through 12.1(13.4)E allows remote attackers to cause a denial of service (hang) via a malformed packet.
CVE-2002-2237 1 Tftp 1 Tftp Server 2026-04-16 N/A
tftp32 TFTP server 2.21 and earlier allows remote attackers to cause a denial of service via a GET request with a DOS device name such as com1 or aux.
CVE-2002-2228 1 Mailscanner 1 Mailscanner 2026-04-16 N/A
MailScanner before 4.0 5-1 and before 3.2 6-1 allows remote attackers to bypass protection via attachments with a filename with (1) extra leading spaces, (2) extra trailing spaces, or (3) alternate character encodings that cannot be processed by MailScanner.
CVE-2002-1874 1 Astrocam 1 Astrocam 2026-04-16 N/A
astrocam.cgi in AstroCam 0.9-1-1 through 1.4.0 allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTP request. NOTE: earlier disclosures stated that the affected versions were 1.7.1 through 2.1.2, but the vendor explicitly stated that these were incorrect.
CVE-2005-0797 1 Novell 1 Ichain 2026-04-16 N/A
Novell iChain Mini FTP Server 2.3 displays different error messages if a user exists or not, which allows remote attackers to obtain sensitive information and facilitates brute force attacks.
CVE-2005-0116 1 Awstats 1 Awstats 2026-04-16 N/A
AWStats 6.1, and other versions before 6.3, allows remote attackers to execute arbitrary commands via shell metacharacters in the configdir parameter to aswtats.pl.
CVE-2002-1360 7 Cisco, Fissh, Intersoft and 4 more 7 Ios, Ssh Client, Securenetterm and 4 more 2026-04-16 N/A
Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code due to interactions with the use of null-terminated strings as implemented using languages such as C, as demonstrated by the SSHredder SSH protocol test suite.