Export limit exceeded: 363994 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363994 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0971 3 Att, Tightvnc, Tridia 3 Winvnc Server, Tightvnc, Tridiavnc 2026-04-16 N/A
Vulnerability in VNC, TightVNC, and TridiaVNC allows local users to execute arbitrary code as LocalSystem by using the Win32 Messaging System to bypass the VNC GUI and access the "Add new clients" dialogue box.
CVE-2002-0972 2 Postgresql, Redhat 3 Postgresql, Enterprise Linux, Linux 2026-04-16 N/A
Buffer overflows in PostgreSQL 7.2 allow attackers to cause a denial of service and possibly execute arbitrary code via long arguments to the functions (1) lpad or (2) rpad.
CVE-2002-0973 1 Freebsd 1 Freebsd 2026-04-16 N/A
Integer signedness error in several system calls for FreeBSD 4.6.1 RELEASE-p10 and earlier may allow attackers to access sensitive kernel memory via large negative values to the (1) accept, (2) getsockname, and (3) getpeername system calls, and the (4) vesa FBIO_GETPALETTE ioctl.
CVE-2002-0974 1 Microsoft 1 Windows Xp 2026-04-16 N/A
Help and Support Center for Windows XP allows remote attackers to delete arbitrary files via a link to the hcp: protocol that accesses uplddrvinfo.htm.
CVE-2002-0975 1 Microsoft 1 Directx Files Viewer Control 2026-04-16 N/A
Buffer overflow in Microsoft DirectX Files Viewer ActiveX control (xweb.ocx) 2.0.6.15 and earlier allows remote attackers to execute arbitrary via a long File parameter.
CVE-2002-0976 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 4.0 and later allows remote attackers to read arbitrary files via a web page that accesses a legacy XML Datasource applet (com.ms.xml.dso.XMLDSO.class) and modifies the base URL to point to the local system, which is trusted by the applet.
CVE-2002-0978 1 Microsoft 1 File Transfer Manager 2026-04-16 N/A
Microsoft File Transfer Manager (FTM) ActiveX control before 4.0 allows remote attackers to upload or download arbitrary files to arbitrary locations via a man-in-the-middle attack with modified TGT and TGN parameters in a call to the "Persist" function.
CVE-2002-0979 1 Microsoft 1 Virtual Machine 2026-04-16 N/A
The Java logging feature for the Java Virtual Machine in Internet Explorer writes output from functions such as System.out.println to a known pathname, which can be used to execute arbitrary code.
CVE-2002-0536 1 Phpgroupware 1 Phpgroupware 2026-04-16 N/A
PHPGroupware 0.9.12 and earlier, when running with the magic_quotes_gpc feature disabled, allows remote attackers to compromise the database via a SQL injection attack.
CVE-2002-0537 1 Stepweb 1 Sws 2026-04-16 N/A
The admin.html file in StepWeb Search Engine (SWS) 2.5 stores passwords in links to manager.pl, which allows remote attackers who can access the admin.html file to gain administrative privileges to SWS.
CVE-2002-0538 1 Symantec 4 Enterprise Firewall, Gateway Security, Raptor Firewall and 1 more 2026-04-16 N/A
FTP proxy in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0 rewrites an FTP server's "FTP PORT" responses in a way that allows remote attackers to redirect FTP data connections to arbitrary ports, a variant of the "FTP bounce" vulnerability.
CVE-2002-0539 1 Demarc Security 1 Puresecure 2026-04-16 N/A
Demarc PureSecure 1.05 allows remote attackers to gain administrative privileges via a SQL injection attack in a session ID that is stored in the s_key cookie.
CVE-2002-0540 1 Nortel 1 Cvx 1800 Multi-service Access Switch 2026-04-16 N/A
Nortel CVX 1800 is installed with a default "public" community string, which allows remote attackers to read usernames and passwords and modify the CVX configuration.
CVE-2002-0541 1 Ibm 1 Tivoli Storage Manager 2026-04-16 N/A
Buffer overflow in Tivoli Storage Manager TSM (1) Server or Storage Agents 3.1 through 5.1, and (2) the TSM Client Acceptor Service 4.2 and 5.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request to port 1580 or port 1581.
CVE-2002-0542 1 Openbsd 1 Openbsd 2026-04-16 N/A
mail in OpenBSD 2.9 and 3.0 processes a tilde (~) escape character in a message even when it is not in interactive mode, which could allow local users to gain root privileges via calls to mail in cron.
CVE-2002-0544 1 Aprelium Technologies 1 Abyss Web Server 2026-04-16 N/A
Aprelium Abyss Web Server (abyssws) before 1.0.3 stores the administrative console password in plaintext in the abyss.conf file, which allows local users with access to the file to gain privileges.
CVE-2002-0545 1 Cisco 2 Aironet Ap340, Aironet Ap350 2026-04-16 N/A
Cisco Aironet before 11.21 with Telnet enabled allows remote attackers to cause a denial of service (reboot) via a series of login attempts with invalid usernames and passwords.
CVE-2002-0571 1 Oracle 1 Oracle9i 2026-04-16 N/A
Oracle Oracle9i database server 9.0.1.x allows local users to access restricted data via a SQL query using ANSI outer join syntax.
CVE-2002-0547 1 Nullsoft 1 Winamp 2026-04-16 N/A
Buffer overflow in the mini-browser for Winamp 2.79 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the title field of an ID3v2 tag.
CVE-2002-0548 1 Anthill 1 Anthill 2026-04-16 N/A
Anthill allows remote attackers to bypass authentication and file bug reports by directly accessing the postbug.php program instead of enterbug.php.