Export limit exceeded: 364308 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-1156 1 Sun 2 Jdk, Jre 2026-04-16 N/A
Java Runtime Environment (JRE) and Software Development Kit (SDK) 1.4.2 through 1.4.2_02 allows local users to overwrite arbitrary files via a symlink attack on (1) unpack.log, as created by the unpack program, or (2) .mailcap1 and .mime.types1, as created by the RPM program.
CVE-2002-1984 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 5.0.1 through 6.0 on Windows 2000 or Windows XP allows remote attackers to cause a denial of service (crash) via an OBJECT tag that contains a crafted CLASSID (CLSID) value of "CLSID:00022613-0000-0000-C000-000000000046".
CVE-2003-0513 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Internet Explorer to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application.
CVE-2003-1157 1 Citrix 1 Metaframe 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in login.asp in Citrix MetaFrame XP Server 1.0 allows remote attackers to inject arbitrary web script or HTML via the NFuse_Message parameter.
CVE-2002-1985 1 Incognito Software Inc 1 Ismtp Gateway 2026-04-16 N/A
iSMTP 5.0.1 allows remote attackers to cause a denial of service via a long "MAIL FROM" command, possibly triggering a buffer overflow.
CVE-2003-0514 1 Apple 1 Safari 2026-04-16 N/A
Apple Safari allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Safari to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application.
CVE-2003-1158 1 Plug And Play Software 1 Plug And Play Web Server 2026-04-16 N/A
Multiple buffer overflows in the FTP service in Plug and Play Web Server 1.0002c allow remote attackers to cause a denial of service (crash) via long (1) dir, (2) ls, (3) delete, (4) mkdir, (5) DELE, (6) RMD, or (7) MKD commands.
CVE-2002-2009 1 Apache 1 Tomcat 2026-04-16 N/A
Apache Tomcat 4.0.1 allows remote attackers to obtain the web root path via HTTP requests for JSP files preceded by (1) +/, (2) >/, (3) </, and (4) %20/, which leaks the pathname in an error message.
CVE-2002-2012 1 Apache 1 Http Server 2026-04-16 N/A
Unknown vulnerability in Apache 1.3.19 running on HP Secure OS for Linux 1.0 allows remote attackers to cause "unexpected results" via an HTTP request.
CVE-2002-2018 1 Sas 2 Base, Integration Technologies 2026-04-16 N/A
sastcpd in SAS/Base 8.0 might allow local users to gain privileges by setting the netencralg environment variable, which causes a segmentation fault.
CVE-1999-0071 1 Apache 1 Http Server 2026-04-16 N/A
Apache httpd cookie buffer overflow for versions 1.1.1 and earlier.
CVE-1999-0072 1 Ibm 1 Aix 2026-04-16 N/A
Buffer overflow in AIX xdat gives root access to local users.
CVE-1999-0073 2 Digital, Sgi 3 Osf 1, Unix, Irix 2026-04-16 N/A
Telnet allows a remote client to specify environment variables including LD_LIBRARY_PATH, allowing an attacker to bypass the normal system libraries and gain root access.
CVE-1999-0074 4 Freebsd, Linux, Microsoft and 1 more 4 Freebsd, Linux Kernel, Windows Nt and 1 more 2026-04-16 N/A
Listening TCP ports are sequentially allocated, allowing spoofing attacks.
CVE-2002-0987 1 Caldera 2 Openunix, Unixware 2026-04-16 N/A
X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1 does not drop privileges before calling programs such as xkbcomp using popen, which could allow local users to gain privileges.
CVE-2002-0988 1 Caldera 2 Openunix, Unixware 2026-04-16 N/A
Buffer overflow in X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1, possibly related to XBM/xkbcomp capabilities.
CVE-2002-0989 2 Redhat, Rob Flynn 4 Enterprise Linux, Linux, Powertools and 1 more 2026-04-16 N/A
The URL handler in the manual browser option for Gaim before 0.59.1 allows remote attackers to execute arbitrary script via shell metacharacters in a link.
CVE-2002-0991 1 Hp 1 Cifs-9000 Server 2026-04-16 N/A
Buffer overflows in the cifslogin command for HP CIFS/9000 Client A.01.06 and earlier, based on the Sharity package, allows local users to gain root privileges via long (1) -U, (2) -D, (3) -P, (4) -S, (5) -N, or (6) -u parameters.
CVE-2002-0992 1 Hp 1 Hp-ux 2026-04-16 N/A
Unknown vulnerability in IPV6 functionality for DCE daemons (1) dced or (2) rpcd on HP-UX 11.11 allows attackers to cause a denial of service (crash) via an attack that modifies internal data.
CVE-2002-0993 1 Hp 1 Instant Support 2026-04-16 N/A
Unknown vulnerability in HP Instant Support Enterprise Edition (ISEE) product U2512A for HP-UX 11.00 and 11.11 may allow authenticated users to access restricted files.