Export limit exceeded: 29880 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29880 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-0114 | 1 Elm Development Group | 1 Elm | 2025-04-03 | N/A |
| Local users can execute commands as other users, and read other users' files, through the filter command in the Elm elm-2.4 mail package using a symlink attack. | ||||
| CVE-1999-0116 | 1 Ibm | 2 Aix, Sng | 2025-04-03 | N/A |
| Denial of service when an attacker sends many SYN packets to create multiple connections without ever sending an ACK to complete the connection, aka SYN flood. | ||||
| CVE-1999-0450 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2025-04-03 | N/A |
| In IIS, an attacker could determine a real path using a request for a non-existent URL that would be interpreted by Perl (perl.exe). | ||||
| CVE-2005-3253 | 2 Avaya, Proxim | 10 Wireless Ap-3, Wireless Ap-4, Wireless Ap-5 and 7 more | 2025-04-03 | N/A |
| Wireless Access Points (AP) for (1) Avaya AP-3 through AP-6 2.5 to 2.5.4, and AP-7/AP-8 2.5 and other versions before 3.1, and (2) Proxim AP-600 and AP-2000 before 2.5.5, and Proxim AP-700 and AP-4000 after 2.4.11 and before 3.1, use a static WEP key of "12345", which allows remote attackers to bypass authentication. | ||||
| CVE-2005-3254 | 1 Nathan Neulinger | 1 Cgiwrap | 2025-04-03 | N/A |
| The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect minimum value of 100 for a UID to determine whether it can perform a seteuid operation, which could allow attackers to execute code as other system UIDs that are greater than the minimum value, which should be 1000 on Debian systems. | ||||
| CVE-2002-0486 | 1 Workforceroi | 1 Xpede | 2025-04-03 | N/A |
| Intellisol Xpede 4.1 uses weak encryption to store authentication information in cookies, which could allow local users with access to the cookies to gain privileges. | ||||
| CVE-2002-0487 | 1 Workforceroi | 1 Xpede | 2025-04-03 | N/A |
| Intellisol Xpede 4.1 stores passwords in plaintext in a Javascript "session timeout" re-authentication capability, which could allow local users with access to gain privileges of other Xpede users by reading the password from the source file, e.g. from the browser's cache. | ||||
| CVE-2002-0490 | 1 Instant Web Mail | 1 Instant Web Mail | 2025-04-03 | N/A |
| Instant Web Mail before 0.60 does not properly filter CR/LF sequences, which allows remote attackers to (1) execute arbitrary POP commands via the id parameter in message.php, or (2) modify certain mail message headers via numerous parameters in write.php. | ||||
| CVE-2002-0694 | 1 Microsoft | 7 Windows 2000, Windows 2000 Terminal Services, Windows 98 and 4 more | 2025-04-03 | N/A |
| The HTML Help facility in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP uses the Local Computer Security Zone when opening .chm files from the Temporary Internet Files folder, which allows remote attackers to execute arbitrary code via HTML mail that references or inserts a malicious .chm file containing shortcuts that can be executed, aka "Code Execution via Compiled HTML Help File." | ||||
| CVE-2002-0702 | 1 Isc | 1 Dhcpd | 2025-04-03 | N/A |
| Format string vulnerabilities in the logging routines for dynamic DNS code (print.c) of ISC DHCP daemon (DHCPD) 3 to 3.0.1rc8, with the NSUPDATE option enabled, allow remote malicious DNS servers to execute arbitrary code via format strings in a DNS server response. | ||||
| CVE-2002-0706 | 1 Surfcontrol | 2 Superscout Web Filter, Web Filter | 2025-04-03 | N/A |
| UserManager.js in the Web Reports Server for SurfControl SuperScout WebFilter uses weak encryption for administrator functions, which allows remote attackers to decrypt the administrative password using a hard-coded key in a Javascript function. | ||||
| CVE-2002-0708 | 1 Surfcontrol | 2 Superscout Web Filter, Web Filter | 2025-04-03 | N/A |
| Directory traversal vulnerability in the Web Reports Server for SurfControl SuperScout WebFilter allows remote attackers to read arbitrary files via an HTTP request containing ... (triple dot) sequences. | ||||
| CVE-2002-0713 | 2 Redhat, Squid | 3 Enterprise Linux, Linux, Squid | 2025-04-03 | N/A |
| Buffer overflows in Squid before 2.4.STABLE6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code (1) via the MSNT auth helper (msnt_auth) when using denyusers or allowusers files, (2) via the gopher client, or (3) via the FTP server directory listing parser when HTML output is generated. | ||||
| CVE-2002-0717 | 1 Php | 1 Php | 2025-04-03 | N/A |
| PHP 4.2.0 and 4.2.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an HTTP POST request with certain arguments in a multipart/form-data form, which generates an error condition that is not properly handled and causes improper memory to be freed. | ||||
| CVE-2002-0721 | 1 Microsoft | 2 Data Engine, Sql Server | 2025-04-03 | N/A |
| Microsoft SQL Server 7.0 and 2000 installs with weak permissions for extended stored procedures that are associated with helper functions, which could allow unprivileged users, and possibly remote attackers, to run stored procedures with administrator privileges via (1) xp_execresultset, (2) xp_printstatements, or (3) xp_displayparamstmt. | ||||
| CVE-2002-0724 | 1 Microsoft | 3 Windows 2000, Windows Nt, Windows Xp | 2025-04-03 | N/A |
| Buffer overflow in SMB (Server Message Block) protocol in Microsoft Windows NT, Windows 2000, and Windows XP allows attackers to cause a denial of service (crash) via a SMB_COM_TRANSACTION packet with a request for the (1) NetShareEnum, (2) NetServerEnum2, or (3) NetServerEnum3, aka "Unchecked Buffer in Network Share Provider Can Lead to Denial of Service". | ||||
| CVE-2002-0728 | 2 Greg Roelofs, Redhat | 3 Libpng, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Buffer overflow in the progressive reader for libpng 1.2.x before 1.2.4, and 1.0.x before 1.0.14, allows attackers to cause a denial of service (crash) via a PNG data stream that has more IDAT data than indicated by the IHDR chunk. | ||||
| CVE-2002-0738 | 1 Mhonarc | 1 Mhonarc | 2025-04-03 | N/A |
| MHonArc 2.5.2 and earlier does not properly filter Javascript from archived e-mail messages, which could allow remote attackers to execute script in web clients by (1) splitting the SCRIPT tag into smaller pieces, (2) including the script in a SRC argument to an IMG tag, or (3) using "&={script}" syntax. | ||||
| CVE-2002-0742 | 1 Ibm | 1 Aix | 2025-04-03 | N/A |
| Buffer overflow in pioout on AIX 4.3.3. | ||||
| CVE-2002-0746 | 1 Ibm | 1 Aix | 2025-04-03 | N/A |
| Vulnerability in template.dhcpo in AIX 4.3.3 related to an insecure linker argument. | ||||