Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29880 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0762 | 1 Suse | 1 Suse Linux | 2025-04-03 | N/A |
| shadow package in SuSE 8.0 allows local users to destroy the /etc/passwd and /etc/shadow files or assign extra group privileges to some users by changing filesize limits before calling programs that modify the files. | ||||
| CVE-2002-0758 | 1 Suse | 1 Suse Linux | 2025-04-03 | N/A |
| ifup-dhcp script in the sysconfig package for SuSE 8.0 allows remote attackers to execute arbitrary commands via spoofed DHCP responses, which are stored and executed in a file. | ||||
| CVE-2002-0768 | 2 Luke Mewburn, Suse | 2 Lukemftp, Suse Linux | 2025-04-03 | N/A |
| Buffer overflow in lukemftp FTP client in SuSE 6.4 through 8.0, and possibly other operating systems, allows a malicious FTP server to execute arbitrary code via a long PASV command. | ||||
| CVE-2002-0770 | 1 Id Software | 1 Quake 2i Server | 2025-04-03 | N/A |
| Quake 2 (Q2) server 3.20 and 3.21 allows remote attackers to obtain sensitive server cvar variables, obtain directory listings, and execute Q2 server admin commands via a client that does not expand "$" macros, which causes the server to expand the macros and leak the information, as demonstrated using "say $rcon_password." | ||||
| CVE-2002-0771 | 1 Viewcvs | 1 Viewcvs | 2025-04-03 | N/A |
| Cross-site scripting vulnerability in viewcvs.cgi for ViewCVS 0.9.2 allows remote attackers to inject script and steal cookies via the (1) cvsroot or (2) sortby parameters. | ||||
| CVE-2002-0773 | 1 Hosting Controller | 1 Hosting Controller | 2025-04-03 | N/A |
| imp_rootdir.asp for Hosting Controller allows remote attackers to copy or delete arbitrary files and directories via a direct request to imp_rootdir.asp and modifying parameters such as (1) ftp, (2) owwwPath, and (3) oftpPath. | ||||
| CVE-2002-0769 | 1 Cisco | 1 Ata-186 | 2025-04-03 | N/A |
| The web-based configuration interface for the Cisco ATA 186 Analog Telephone Adaptor allows remote attackers to bypass authentication via an HTTP POST request with a single byte, which allows the attackers to (1) obtain the password from the login screen, or (2) reconfigure the adaptor by modifying certain request parameters. | ||||
| CVE-2002-0779 | 1 Novell | 1 Bordermanager | 2025-04-03 | N/A |
| FTP proxy server for Novell BorderManager 3.6 SP 1a allows remote attackers to cause a denial of service (network connectivity loss) via a connection to port 21 with a large amount of random data. | ||||
| CVE-2002-0780 | 1 Novell | 1 Bordermanager | 2025-04-03 | N/A |
| IP/IPX gateway for Novell BorderManager 3.6 SP 1a allows remote attackers to cause a denial of service via a connection to port 8225 with a large amount of random data, which causes ipipxgw.nlm to ABEND. | ||||
| CVE-2002-0781 | 1 Novell | 1 Bordermanager | 2025-04-03 | N/A |
| RTSP proxy for Novell BorderManager 3.6 SP 1a allows remote attackers to cause a denial of service via a GET request to port 9090 followed by a series of carriage returns, which causes proxy.nlm to ABEND. | ||||
| CVE-2002-0783 | 1 Opera Software | 1 Opera Web Browser | 2025-04-03 | N/A |
| Opera 6.01, 6.0, and 5.12 allows remote attackers to execute arbitrary JavaScript in the security context of other sites by setting the location of a frame or iframe to a Javascript: URL. | ||||
| CVE-2002-0782 | 1 Novell | 1 Bordermanager | 2025-04-03 | N/A |
| Novell BorderManager 3.5 with PAT (Port-Address Translate) enabled allows remote attackers to cause a denial of service by filling the connection table with a large number of connection requests to hosts that do not have a specific route, which may be forwarded to the public interface. | ||||
| CVE-2002-1760 | 1 Phprojekt | 1 Phprojekt | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in PHProjekt 2.0 through 3.1 allow remote attackers to execute arbitrary SQL commands via the unknown attack vectors. | ||||
| CVE-2002-0787 | 1 Critical Path | 1 Injoin Directory Server | 2025-04-03 | N/A |
| Cross-site scripting vulnerabilities in iCon administrative web server for Critical Path inJoin Directory Server 4.0 allow remote attackers to execute script as the administrator via administrator URLs with modified (1) LOCID or (2) OC parameters. | ||||
| CVE-2002-0786 | 1 Critical Path | 1 Injoin Directory Server | 2025-04-03 | N/A |
| iCon administrative web server for Critical Path inJoin Directory Server 4.0 allows authenticated inJoin administrators to read arbitrary files by specifying the target file in the LOG parameter. | ||||
| CVE-2002-0789 | 1 Mnogosearch | 1 Mnogosearch | 2025-04-03 | N/A |
| Buffer overflow in search.cgi in mnoGoSearch 3.1.19 and earlier allows remote attackers to execute arbitrary code via a long query (q) parameter. | ||||
| CVE-2002-0792 | 1 Cisco | 2 Content Services Switch 11000, Webns | 2025-04-03 | N/A |
| The web management interface for Cisco Content Service Switch (CSS) 11000 switches allows remote attackers to cause a denial of service (soft reset) via (1) an HTTPS POST request, or (2) malformed XML data. | ||||
| CVE-2002-0797 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Buffer overflow in the MIB parsing component of mibiisa for Solaris 5.6 through 8 allows remote attackers to gain root privileges. | ||||
| CVE-2002-0795 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| The rc system startup script for FreeBSD 4 through 4.5 allows local users to delete arbitrary files via a symlink attack on X Windows lock files. | ||||
| CVE-2002-0800 | 1 Working Resources Inc. | 1 Badblue | 2025-04-03 | N/A |
| BadBlue 1.7.0 allows remote attackers to list the contents of directories via a URL with an encoded '%' character at the end. | ||||