Export limit exceeded: 359657 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 359657 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 359657 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359657 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-2055 | 1 Teekai | 1 Teekai Tracking Online | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in userlog.php in TeeKai Tracking Online 1.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter. | ||||
| CVE-2002-2056 | 1 Teekai | 1 Teekai Forum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in TeeKai Forum 1.2 allows remote attackers to inject arbitrary web script or HTML via the valid_username_online cookie. | ||||
| CVE-2002-2057 | 1 Teekai | 1 Teekai Forum | 2026-04-16 | N/A |
| TeeKai Forum 1.2 uses weak encryption of web usage statistics in data/member_log.txt, which is stored under the web document root with insufficient access control, which allows remote attackers to identify IP's visiting the site by dividing each octet by the MD5 hash of '20'. | ||||
| CVE-2002-2058 | 1 Teekai | 1 Tracking Online | 2026-04-16 | 7.5 High |
| TeeKai Tracking Online 1.0 uses weak encryption of web usage statistics in data/userlog/log.txt, which allows remote attackers to identify IP's visiting the site by dividing each octet by the MD5 hash of '20'. | ||||
| CVE-2002-2064 | 1 Phpwebgallery | 1 Phpwebgallery | 2026-04-16 | N/A |
| isadmin.php in PhpWebGallery 1.0 allows remote attackers to gain administrative access via by setting the photo_login cookie to pseudo. | ||||
| CVE-2002-2065 | 1 Webcalendar | 1 Webcalendar | 2026-04-16 | N/A |
| WebCalendar 0.9.34 and earlier with 'browsing in includes directory' enabled allows remote attackers to read arbitrary include files with .inc extensions from the web root. | ||||
| CVE-2002-2066 | 1 Jetico | 1 Bcwipe | 2026-04-16 | 7.5 High |
| BestCrypt BCWipe 1.0.7 and 2.0 through 2.35.1 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted. | ||||
| CVE-2002-2067 | 1 East-tec | 1 Eraser | 2026-04-16 | 7.5 High |
| East-Tec Eraser 2002 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted. | ||||
| CVE-2002-2068 | 1 Tolvanen | 1 Eraser | 2026-04-16 | 7.5 High |
| Eraser 5.3 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted. | ||||
| CVE-2002-2105 | 1 Microsoft | 1 Windows Xp | 2026-04-16 | N/A |
| Microsoft Windows XP allows local users to prevent the system from booting via a corrupt explorer.exe.manifest file. | ||||
| CVE-1999-1332 | 1 Redhat | 1 Linux | 2026-04-16 | N/A |
| gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to overwrite files of other users via a symlink attack on a temporary file. | ||||
| CVE-2002-2071 | 1 Compaq | 1 Tru64 | 2026-04-16 | N/A |
| Compaq Tru64 4.0 d allows remote attackers to cause a denial of service in (1) telnet, (2) FTP, (3) ypbind, (4) rpc.lockd, (5) snmp, (6) ttdbserverd, and possibly other services via a TCP SYN scan, as demonstrated using nmap. | ||||
| CVE-2002-2072 | 1 Sun | 1 Jre | 2026-04-16 | N/A |
| java.security.AccessController in Sun Java Virtual Machine (JVM) in JRE 1.2.2 and 1.3.1 allows remote attackers to cause a denial of service (JVM crash) via a Java program that calls the doPrivileged method with a null argument. | ||||
| CVE-2002-2074 | 1 Erwin Lansing | 1 Mailidx | 2026-04-16 | N/A |
| SQL injection vulnerability in Mailidx before 20020105 allows remote attackers to execute arbitrary SQL commands via the search web page. | ||||
| CVE-1999-1232 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| Untrusted search path vulnerability in day5datacopier in SGI IRIX 6.2 allows local users to execute arbitrary commands via a modified PATH environment variable that points to a malicious cp program. | ||||
| CVE-2002-1831 | 1 Microsoft | 1 Msn Messenger | 2026-04-16 | N/A |
| Microsoft MSN Messenger Service 1.0 through 4.6 allows remote attackers to cause a denial of service (crash) via an invite request that contains hex-encoded spaces (%20) in the Invitation-Cookie field. | ||||
| CVE-2002-1832 | 1 Scaramanga | 1 Firestorm Ids | 2026-04-16 | N/A |
| Unknown vulnerability in the "ipopts decode" functionality in Firestorm IDS 0.4.0 through 0.4.2 allows remote attackers to cause a denial of service (crash) via certain IP options. | ||||
| CVE-2002-1833 | 1 Xerox | 2 Docutech 6110, Docutech 6115 | 2026-04-16 | N/A |
| The default configurations for DocuTech 6110 and DocuTech 6115 have a default administrative password of (1) "service!" on Solaris 8.0 or (2) "administ" on Windows NT, which allows remote attackers to gain privileges. | ||||
| CVE-2002-1834 | 1 Xerox | 2 Docutech 6110, Docutech 6115 | 2026-04-16 | N/A |
| The default configuration of Xerox DocuTech 6110 and DocuTech 6115 allows remote attackers to connect to the web server and (1) submit print jobs directly into the "print now" queue or (2) read the scanner job history. | ||||
| CVE-2002-1836 | 1 Xerox | 2 Docutech 6110, Docutech 6115 | 2026-04-16 | N/A |
| The default configuration of Xerox DocuTech 6110 and DocuTech 6115 exports certain NFS shares to the world with world writable permissions, which may allow remote attackers to modify sensitive files. | ||||