Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1107 1 Cisco 1 Vpn Client 2026-04-16 N/A
Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.2B, does not generate sufficiently random numbers, which may make it vulnerable to certain attacks such as spoofing.
CVE-2002-1108 1 Cisco 1 Vpn Client 2026-04-16 N/A
Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.6(Rel), when configured with all tunnel mode, can be forced into acknowledging a TCP packet from outside the tunnel.
CVE-2002-1109 1 Amavis 1 Virus Scanner 2026-04-16 N/A
securetar, as used in AMaViS shell script 0.2.1 and earlier, allows users to cause a denial of service (CPU consumption) via a malformed TAR file, possibly via an incorrect file size parameter.
CVE-2002-1110 1 Mantis 1 Mantis 2026-04-16 N/A
Multiple SQL injection vulnerabilities in Mantis 0.17.2 and earlier, when running without magic_quotes_gpc enabled, allows remote attackers to gain privileges or perform unauthorized database operations via modified form fields, e.g. to account_update.php.
CVE-2002-1112 1 Mantis 1 Mantis 2026-04-16 N/A
Mantis before 0.17.4 allows remote attackers to list project bugs without authentication by modifying the cookie that is used by the "View Bugs" page.
CVE-2002-1113 1 Mantis 1 Mantis 2026-04-16 N/A
summary_graph_functions.php in Mantis 0.17.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the g_jpgraph_path parameter to reference the location of the PHP code.
CVE-2002-1114 1 Mantis 1 Mantis 2026-04-16 N/A
config_inc2.php in Mantis before 0.17.4 allows remote attackers to execute arbitrary code or read arbitrary files via the parameters (1) g_bottom_include_page, (2) g_top_include_page, (3) g_css_include_file, (4) g_meta_include_file, or (5) a cookie.
CVE-2002-1115 1 Mantis 1 Mantis 2026-04-16 N/A
Mantis 0.17.4a and earlier allows remote attackers to view private bugs by modifying the f_id bug ID parameter to (1) bug_update_advanced_page.php, (2) bug_update_page.php, (3) view_bug_advanced_page.php, or (4) view_bug_page.php.
CVE-2002-1116 1 Mantis 1 Mantis 2026-04-16 N/A
The "View Bugs" page (view_all_bug_page.php) in Mantis 0.17.4a and earlier includes summaries of private bugs for users that do not have access to any projects.
CVE-2002-1117 1 Symantec Veritas 1 Backup Exec 2026-04-16 N/A
Veritas Backup Exec 8.5 and earlier requires that the "RestrictAnonymous" registry key for Microsoft Exchange 2000 must be set to 0, which enables anonymous listing of the SAM database and shares.
CVE-2002-1118 1 Oracle 2 Oracle8i, Oracle9i 2026-04-16 N/A
TNS Listener in Oracle Net Services for Oracle 9i 9.2.x and 9.0.x, and Oracle 8i 8.1.x, allows remote attackers to cause a denial of service (hang or crash) via a SERVICE_CURLOAD command.
CVE-2002-1119 2 Python, Redhat 3 Python, Enterprise Linux, Linux 2026-04-16 N/A
os._execvpe from os.py in Python 2.2.1 and earlier creates temporary files with predictable names, which could allow local users to execute arbitrary code via a symlink attack.
CVE-2002-1128 1 Digital 2 Osf 1, Ultrix 2026-04-16 N/A
Buffer overflow in inc mail utility for Compaq Tru64/OSF1 3.x allows local users to execute arbitrary code via a long MH environment variable.
CVE-2002-1129 2 Compaq, Digital 2 Tru64, Osf 1 2026-04-16 N/A
Buffer overflow in dxterm allows local users to execute arbitrary code via a long -xrm argument.
CVE-2002-1132 2 Redhat, Squirrelmail 2 Linux, Squirrelmail 2026-04-16 N/A
SquirrelMail 1.2.7 and earlier allows remote attackers to determine the absolute pathname of the options.php script via a malformed optpage file argument, which generates an error message when the file cannot be included in the script.
CVE-2002-1133 1 Funsoft 1 Dinos Webserver 2026-04-16 N/A
Encoded directory traversal vulnerability in Dino's web server 2.1 allows remote attackers to read arbitrary files via ".." (dot dot) sequences with URL-encoded (1) "/" (%2f") or (2) "\" (%5c) characters.
CVE-2002-1134 1 Hp 1 Webes Service Tools 2026-04-16 N/A
Unknown vulnerability in Compaq WEBES Service Tools 2.0 through WEBES 4.0 (Service Pack 5) allows local users to read privileged files.
CVE-2002-1135 1 Phpwebsite 1 Phpwebsite 2026-04-16 N/A
modsecurity.php 1.10 and earlier, in phpWebSite 0.8.2 and earlier, allows remote attackers to execute arbitrary PHP source code via an inc_prefix parameter that points to the malicious code.
CVE-2002-1177 1 Nullsoft 1 Winamp 2026-04-16 N/A
Multiple buffer overflows in Winamp 3.0, when displaying an MP3 in the Media Library window, allows remote attackers to execute arbitrary code via an MP3 file containing a long (1) Artist or (2) Album ID3v2 tag.
CVE-2002-1139 1 Microsoft 3 Windows 98 Plus Pack, Windows Me, Windows Xp 2026-04-16 N/A
The Compressed Folders feature in Microsoft Windows 98 with Plus! Pack, Windows Me, and Windows XP does not properly check the destination folder during the decompression of ZIP files, which allows attackers to place an executable file in a known location on a user's system, aka "Incorrect Target Path for Zipped File Decompression."