Export limit exceeded: 25566 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (367206 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0292 1 Open Source Development Network 1 Slashcode 2026-04-16 N/A
Cross-site scripting vulnerability in Slash before 2.2.5, as used in Slashcode and elsewhere, allows remote attackers to steal cookies and authentication information from other users via Javascript in a URL, possibly in the formkey field.
CVE-2002-0293 1 Alcatel-lucent 1 Omnipcx 2026-04-16 N/A
FTP service in Alcatel OmniPCX 4400 allows the "halt" user to gain root privileges by modifying root's .profile file.
CVE-2002-0294 1 Alcatel-lucent 1 Omnipcx 2026-04-16 N/A
Alcatel 4400 installs the /chetc/shutdown command with setgid privileges, which allows many different local users to shut down the system.
CVE-2002-0295 1 Alcatel-lucent 1 Omnipcx 2026-04-16 N/A
Alcatel OmniPCX 4400 installs files with world-writable permissions, which allows local users to reconfigure the system and possibly gain privileges.
CVE-2002-0296 1 Tarantella 1 Tarantella Enterprise 2026-04-16 N/A
The installation of Tarantella Enterprise 3 allows local users to overwrite arbitrary files via a symlink attack on the "spinning" temporary file.
CVE-2002-0297 1 Nombas 1 Scriptease Webserver 2026-04-16 N/A
Buffer overflow in ScriptEase MiniWeb Server 0.95 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long URL in an HTTP request.
CVE-2002-0298 1 Nombas 1 Scriptease Webserver 2026-04-16 N/A
ScriptEase MiniWeb Server 0.95 allows remote attackers to cause a denial of service (crash) via certain HTTP GET requests containing (1) a %2e%2e (encoded dot-dot), (2) several /../ (dot dot) sequences, (3) a missing URI, or (4) several ../ in a URI that does not begin with a / (slash) character.
CVE-2002-0299 1 Cnet 1 Catchup 2026-04-16 N/A
CNet CatchUp before 1.3.1 allows attackers to execute arbitrary code via a .RVP file that creates a file with an arbitrary extension (such as .BAT), which is executed during a scan.
CVE-2002-0300 1 Gnujsp 1 Gnujsp 2026-04-16 N/A
gnujsp 1.0.0 and 1.0.1 allows remote attackers to list directories, read source code of certain scripts, and bypass access restrictions by directly requesting the target file from the gnujsp servlet, which does not work around a limitation of JServ and does not process the requested file.
CVE-2002-0302 1 Symantec 1 Enterprise Firewall 2026-04-16 N/A
The Notify daemon for Symantec Enterprise Firewall (SEF) 6.5.x drops large alerts when SNMP is used as the transport, which could prevent some alerts from being sent in the event of an attack.
CVE-2002-0303 1 Novell 1 Groupwise 2026-04-16 N/A
GroupWise 6, when using LDAP authentication and when Post Office has a blank username and password, allows attackers to gain privileges of other users by logging in without a password.
CVE-2002-0304 1 Summit Computer Networks 1 Lil Http Server 2026-04-16 N/A
Lil HTTP Server 2.1 allows remote attackers to read password-protected files via a /./ in the HTTP request.
CVE-2002-0305 1 Zero One Tech 1 P100s 2026-04-16 N/A
Zero One Tech (ZOT) P100s print server does not properly disable the SNMP service or change the default password, which could leave the server open to attack without the administrator's knowledge.
CVE-2002-0306 1 Avengers News System 1 Avengers News System 2026-04-16 N/A
ans.pl in Avenger's News System (ANS) 2.11 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the p (plugin) parameter.
CVE-2002-0307 1 Avengers News System 1 Avengers News System 2026-04-16 N/A
Directory traversal vulnerability in ans.pl in Avenger's News System (ANS) 2.11 and earlier allows remote attackers to determine the existence of arbitrary files or execute any Perl program on the system via a .. (dot dot) in the p parameter, which reads the target file and attempts to execute the line using Perl's eval function.
CVE-2001-1435 1 Compaq 1 Tru64 2026-04-16 N/A
inetd in Compaq Tru64 UNIX 5.1 allows attackers to cause a denial of service (network connection loss) by causing one of the services handled by inetd to core dump during startup, which causes inetd to stop accepting connections to all of its services.
CVE-2001-1436 1 Dallas Semiconductor 1 Ibutton 2026-04-16 N/A
Dallas Semiconductor iButton DS1991 returns predictable values when given an incorrect password, which makes it easier for users with physical access to conduct dictionary attacks against the device password.
CVE-2001-1437 1 Easyscripts 1 Easynews 2026-04-16 N/A
easyScripts easyNews 1.5 allows remote attackers to obtain the full path of the web root via a view request with a non-integer news message id field, which leaks the path in a PHP error message when the script times out.
CVE-2001-1438 2 Handspring, Palm 2 Visor, Palm Os 2026-04-16 N/A
Handspring Visor 1.0 and 1.0.1 with the VisorPhone Springboard module installed allows remote attackers to cause a denial of service (PalmOS crash and VisorPhone database corruption) by sending a large or crafted SMS image.
CVE-2001-1439 1 Hp 1 Hp-ux 2026-04-16 N/A
Buffer overflow in the text editor functionality in HP-UX 10.01 through 11.04 on HP9000 Series 700 and Series 800 allows local users to cause a denial of service ("system availability") via text editors such as (1) e, (2) ex, (3) vi, (4) edit, (5) view, and (6) vedit.