Export limit exceeded: 363781 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363781 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0208 | 1 Network.associates | 1 Pgpfire | 2026-04-16 | N/A |
| PGP Security PGPfire 7.1 for Windows alters the system's TCP/IP stack and modifies packets in ICMP error messages in a way that allows remote attackers to determine that the system is running PGPfire. | ||||
| CVE-2002-0209 | 1 Nortel | 1 Alteon Acedirector | 2026-04-16 | N/A |
| Nortel Alteon ACEdirector WebOS 9.0, with the Server Load Balancing (SLB) and Cookie-Based Persistence features enabled, allows remote attackers to determine the real IP address of a web server with a half-closed session, which causes ACEdirector to send packets from the server without changing the address to the virtual IP address. | ||||
| CVE-2002-0210 | 1 Tolis Group | 1 Bru | 2026-04-16 | N/A |
| setlicense for TOLIS Group Backup and Restore Utility (BRU) 17.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/brutest.$$ temporary file. | ||||
| CVE-2002-0211 | 1 Tarantella | 1 Tarantella Enterprise | 2026-04-16 | N/A |
| Race condition in the installation script for Tarantella Enterprise 3 3.01 through 3.20 creates a world-writeable temporary "gunzip" program before executing it, which could allow local users to execute arbitrary commands by modifying the program before it is executed. | ||||
| CVE-2002-0212 | 1 Hosting Controller | 1 Hosting Controller | 2026-04-16 | N/A |
| The login for Hosting Controller 1.1 through 1.4.1 returns different error messages when a valid or invalid user is provided, which allows remote attackers to determine the existence of valid usernames and makes it easier to conduct a brute force attack. | ||||
| CVE-2002-0213 | 2 Sgi, Xinet | 2 Irix, K-ashare | 2026-04-16 | N/A |
| xkas in Xinet K-AShare 0.011.01 for IRIX allows local users to read arbitrary files via a symlink attack on the VOLICON file, which is copied to the .HSicon file in a shared directory. | ||||
| CVE-2002-0214 | 1 Intel | 1 Intel Pro Wireless 2011b Lan Usb Device Driver | 2026-04-16 | N/A |
| Compaq Intel PRO/Wireless 2011B LAN USB Device Driver 1.5.16.0 through 1.5.18.0 stores the 128-bit WEP (Wired Equivalent Privacy) key in plaintext in a registry key with weak permissions, which allows local users to decrypt network traffic by reading the WEP key from the registry key. | ||||
| CVE-2002-0215 | 1 Steve Kneizys | 1 Agora.cgi | 2026-04-16 | N/A |
| Agora.cgi 3.2r through 4.0 while in debug mode allows remote attackers to determine the full pathname of the agora.cgi file by requesting a non-existent .html file, which leaks the pathname in an error message. | ||||
| CVE-2002-0216 | 1 Xoops | 1 Xoops | 2026-04-16 | N/A |
| userinfo.php in XOOPS 1.0 RC1 allows remote attackers to obtain sensitive information via a SQL injection attack in the "uid" parameter. | ||||
| CVE-2002-0217 | 1 Xoops | 1 Xoops | 2026-04-16 | N/A |
| Cross-site scripting (CSS) vulnerabilities in the Private Message System for XOOPS 1.0 RC1 allow remote attackers to execute Javascript on other web clients via (1) the Title field or a Private Message Box or (2) the image field parameter in pmlite.php. | ||||
| CVE-2002-0218 | 1 Sas | 2 Sas Base, Sas Integration Technologies | 2026-04-16 | N/A |
| Format string vulnerability in (1) sastcpd in SAS/Base 8.0 and 8.1 or (2) objspawn in SAS/Integration Technologies 8.0 and 8.1 allows local users to execute arbitrary code via format specifiers in a command line argument. | ||||
| CVE-2002-0219 | 1 Sas | 2 Sas Base, Sas Integration Technologies | 2026-04-16 | N/A |
| Buffer overflow in (1) sastcpd in SAS/Base 8.0 and 8.1 or (2) objspawn in SAS/Integration Technologies 8.0 and 8.1 allows local users to execute arbitrary code via large command line argument. | ||||
| CVE-2002-0220 | 1 Phpsmssend | 1 Phpsmssend | 2026-04-16 | N/A |
| phpsmssend.php in PhpSmsSend 1.0 allows remote attackers to execute arbitrary commands via an SMS message containing shell metacharacters. | ||||
| CVE-2002-0221 | 1 Etype | 1 Eserv | 2026-04-16 | N/A |
| Etype Eserv 2.97 allows remote attackers to cause a denial of service (resource exhaustion) via a large number of PASV commands that consume ports 1024 through 5000, which prevents the server from accepting valid PASV. | ||||
| CVE-2002-0222 | 1 Etype | 1 Eserv | 2026-04-16 | N/A |
| Etype Eserv 2.97 allows remote attackers to redirect traffic to other sites (aka FTP bounce) via the PORT command. | ||||
| CVE-2002-0223 | 2 Infopop, Wired Community Software | 2 Ultimate Bulletin Board, Wwwthreads | 2026-04-16 | N/A |
| Infopop UBB.Threads 5.4 and Wired Community Software WWWThreads 5.0 through 5.0.9 allows remote attackers to upload arbitrary files by using a filename that contains an accepted extension, but ends in a different extension. | ||||
| CVE-2002-0224 | 1 Microsoft | 3 Internet Information Services, Sql Server, Windows 2000 | 2026-04-16 | N/A |
| The MSDTC (Microsoft Distributed Transaction Service Coordinator) for Microsoft Windows 2000, Microsoft IIS 5.0 and SQL Server 6.5 through SQL 2000 0.0 allows remote attackers to cause a denial of service (crash or hang) via malformed (random) input. | ||||
| CVE-2002-0225 | 1 Cisco | 1 Tacacs\+ | 2026-04-16 | N/A |
| tac_plus Tacacs+ daemon F4.0.4.alpha, originally maintained by Cisco, creates files from the accounting directive with world-readable and writable permissions, which allows local users to access and modify sensitive files. | ||||
| CVE-2002-0226 | 1 Dcscripts | 1 Dcforum | 2026-04-16 | N/A |
| retrieve_password.pl in DCForum 6.x and 2000 generates predictable new passwords based on a sessionID, which allows remote attackers to request a new password on behalf of another user and use the sessionID to calculate the new password for that user. | ||||
| CVE-2002-0227 | 2 Kde, Kicq | 2 Kde, Kicq | 2026-04-16 | N/A |
| KICQ 2.0.0b1 allows remote attackers to cause a denial of service (crash) via a malformed message. | ||||