Export limit exceeded: 364861 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1562 1 Acme Labs 1 Thttpd 2026-04-16 N/A
Directory traversal vulnerability in thttpd, when using virtual hosting, allows remote attackers to read arbitrary files via .. (dot dot) sequences in the Host: header.
CVE-2002-2413 2 Deerfield, Microsoft 3 Website Pro, Windows 9x, Windows Nt 2026-04-16 N/A
WebSite Pro 3.1.11.0 on Windows allows remote attackers to read script source code for files with extensions greater than 3 characters via a URL request that uses the equivalent 8.3 file name.
CVE-2002-1563 2 Redhat, Stunnel 3 Enterprise Linux, Linux, Stunnel 2026-04-16 N/A
stunnel 4.0.3 and earlier allows attackers to cause a denial of service (crash) via SIGCHLD signal handler race conditions that cause an inconsistency in the child counter.
CVE-2003-1274 1 Nullsoft 1 Winamp 2026-04-16 N/A
Winamp 3.0 allows remote attackers to cause a denial of service (crash) via .b4s file with a file: argument to the Playstring parameter that contains MS-DOS device names such as aux.
CVE-2002-1564 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 5.5 and 6.0 allows remote attackers to steal potentially sensitive information from cookies via a cookie that contains script which is executed when a page is loaded, aka the "Script within Cookies Reading Cookies" vulnerability.
CVE-2002-1565 2 Immunix, Redhat 2 Immunix, Enterprise Linux 2026-04-16 N/A
Buffer overflow in url_filename function for wget 1.8.1 allows attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long URL.
CVE-2003-1275 1 Microsoft 1 Pocket Ie 2026-04-16 N/A
Pocket Internet Explorer (PIE) 3.0 allows remote attackers to cause a denial of service (crash) via a Javascript function that uses the object.innerHTML function to recursively call that function.
CVE-2002-1566 1 Netris 1 Netris 2026-04-16 N/A
netris 0.5, and possibly other versions before 0.52, when running with the -w (wait) option, allows remote attackers to cause a denial of service (crash) via a long string to port 9284.
CVE-2002-1567 1 Apache 1 Tomcat 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1 allows remote attackers to execute arbitrary web script and steal cookies via a URL with encoded newlines followed by a request to a .jsp file whose name contains the script.
CVE-2003-1276 1 Nettelephone 1 Nettelephone 2026-04-16 N/A
Netfone.exe of NetTelephone 3.5.6 uses weak encryption for user PIN's and stores user account numbers in plaintext in the HKEY_CURRENT_USER\Software\MediaRing.com\SDK\NetTelephone\settings registry key, which could allow local users to gain unauthorized access to NetTelephone accounts.
CVE-2002-1568 2 Openssl, Redhat 2 Openssl, Enterprise Linux 2026-04-16 N/A
OpenSSL 0.9.6e uses assertions when detecting buffer overflow attacks instead of less severe mechanisms, which allows remote attackers to cause a denial of service (crash) via certain messages that cause OpenSSL to abort from a failed assertion, as demonstrated using SSLv2 CLIENT_MASTER_KEY messages, which are not properly handled in s2_srvr.c.
CVE-2003-1277 1 Yabb 1 Yabb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerabilities in Yet Another Bulletin Board (YaBB) 1.5.0 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via cookies by injecting arbitrary HTML or script into (1) news_icon of news_template.php, and (2) threadid and subject of index.html
CVE-2002-1569 2 Ghostview, Gv 2 Ghostview, Gv 2026-04-16 N/A
gv 3.5.8, and possibly earlier versions, allows remote attackers to execute arbitrary commands via shell metacharacters in the filename for (1) a PDF file or (2) a gzip file.
CVE-2002-1570 1 Ucd-snmp 1 Ucd-snmp 2026-04-16 N/A
Heap-based buffer overflow in snmpnetstat for ucd-snmp 4.2.3 and earlier, and net-snmp, allows remote attackers to execute arbitrary code via multiple getnextrequest PDU messages with conflicting ifindex variables, which cause snmpnetstat to write variable data past the end of an array.
CVE-2003-1278 1 Infopop 1 Opentopic 2026-04-16 N/A
Cross-site scripting vulnerability (XSS) in OpenTopic 2.3.1 allows remote attackers to execute arbitrary script as other users and possibly steal authentication information via cookies by injecting arbitrary HTML or script into IMG tags.
CVE-2003-0715 1 Microsoft 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more 2026-04-16 N/A
Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed DCERPC DCOM object activation request packet with modified length fields, a different vulnerability than CVE-2003-0352 (Blaster/Nachi) and CVE-2003-0528.
CVE-2002-1571 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
The linux 2.4 kernel before 2.4.19 assumes that the fninit instruction clears all registers, which could lead to an information leak on processors that do not clear all relevant SSE registers.
CVE-2002-1572 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Linux 2026-04-16 N/A
Signed integer overflow in the bttv_read function in the bttv driver (bttv-driver.c) in Linux kernel before 2.4.20 has unknown impact and attack vectors.
CVE-2002-1573 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Linux 2026-04-16 N/A
Unspecified vulnerability in the pcilynx ieee1394 firewire driver (pcilynx.c) in Linux kernel before 2.4.20 has unknown impact and attack vectors, related to "wrap handling."
CVE-2002-1574 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Linux 2026-04-16 N/A
Buffer overflow in the ixj telephony card driver in Linux before 2.4.20 has unknown impact and attack vectors.