Search Results (351250 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-4066 1 Microsoft 1 Windows Xp 2026-04-16 N/A
The Graphical Device Interface Plus library (gdiplus.dll) in Microsoft Windows XP SP2 allows context-dependent attackers to cause a denial of service (application crash) via certain images that trigger a divide-by-zero error, as demonstrated by a (1) .ico file, (2) .png file that crashes MSN Messenger, and (3) .jpg file that crashes Internet Explorer. NOTE: another researcher has not been able to reproduce this issue.
CVE-2002-0970 2 Kde, Redhat 4 Kde, Konqueror, Enterprise Linux and 1 more 2026-04-16 N/A
The SSL capability for Konqueror in KDE 3.0.2 and earlier does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack.
CVE-2002-0979 1 Microsoft 1 Virtual Machine 2026-04-16 N/A
The Java logging feature for the Java Virtual Machine in Internet Explorer writes output from functions such as System.out.println to a known pathname, which can be used to execute arbitrary code.
CVE-2002-0988 1 Caldera 2 Openunix, Unixware 2026-04-16 N/A
Buffer overflow in X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1, possibly related to XBM/xkbcomp capabilities.
CVE-2006-4074 1 Joomla 1 Jd-wiki 2026-04-16 N/A
PHP remote file inclusion vulnerability in lib/tpl/default/main.php in the JD-Wiki Component (com_jd-wiki) 1.0.2 and earlier for Joomla!, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
CVE-2002-1006 1 Bbc Education 1 Betsie 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in BBC Education Text to Speech Internet Enhancer (Betsie) 1.5.11 and earlier allows remote attackers to execute arbitrary web script via parserl.pl.
CVE-2002-1016 1 Adobe 1 Digital Editions 2026-04-16 N/A
Adobe eBook Reader allows a user to bypass restrictions for copy, print, lend, and give operations by backing up key data files, performing the operations, and restoring the original data files.
CVE-2002-1012 1 Ibm 1 Tivoli Management Framework 2026-04-16 N/A
Buffer overflow in web server for Tivoli Management Framework (TMF) ManagedNode 3.6.x through 3.7.1 allows remote attackers to cause a denial of service or execute arbitrary code via a long HTTP GET request.
CVE-2002-1023 1 Working Resources Inc. 1 Badblue 2026-04-16 N/A
BadBlue server allows remote attackers to cause a denial of service (crash) via an HTTP GET request without a URI.
CVE-2002-1021 1 Working Resources Inc. 1 Badblue 2026-04-16 N/A
BadBlue server allows remote attackers to read restricted files, such as EXT.INI, via an HTTP request that contains a hex-encoded null byte.
CVE-2002-1022 1 Working Resources Inc. 1 Badblue 2026-04-16 N/A
BadBlue server stores passwords in plaintext in the ext.ini file, which could allow local and possibly remote attackers to gain privileges.
CVE-2002-1034 1 Sun 1 I-runbook 2026-04-16 N/A
none.php for SunPS iRunbook 2.5.2 allows remote attackers to read arbitrary files via an absolute pathname in the argument.
CVE-2002-1035 1 Omnicron 1 Omnihttpd 2026-04-16 N/A
Omnicron OmniHTTPd 2.09 allows remote attackers to cause a denial of service (crash) via an HTTP request with a long, malformed HTTP 1version number.
CVE-2002-1036 1 Zoltan Milosevic 1 Fluid Dynamics Search Engine 2026-04-16 N/A
Cross-site scripting vulnerability in search.pl for Fluid Dynamics Search Engine (FDSE) before 2.0.0.0055 allows remote attackers to execute web script via the (1) Rank or (2) Match parameters.
CVE-2002-1031 1 Key Focus 1 Kf Web Server 2026-04-16 N/A
KeyFocus (KF) web server 1.0.2 allows remote attackers to list directories and read restricted files via an HTTP request containing a %00 (null) character.
CVE-2002-1032 1 Key Focus 1 Kf Web Server 2026-04-16 N/A
Buffer overflow in KeyFocus (KF) web server 1.0.5 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed HTTP header.
CVE-2002-1041 1 Ibm 1 Aix 2026-04-16 N/A
Unknown vulnerability in DCE (1) SMIT panels and (2) configuration commands, possibly related to relative pathnames.
CVE-2006-4084 1 David Walker 1 Phpautomembersarea 2026-04-16 N/A
Unspecified vulnerability in phpAutoMembersArea (phpAMA) before 3.2.4 has unknown impact and attack vectors, related to "a potential security exploit which is critical."
CVE-2002-1052 1 W3c 1 Jigsaw 2026-04-16 N/A
Jigsaw 2.2.1 on Windows systems allows remote attackers to use MS-DOS device names in HTTP requests to (1) cause a denial of service using the "con" device, or (2) obtain the physical path of the server using two requests to the "aux" device.
CVE-2002-1051 1 Ehud Gavron 1 Tracesroute 2026-04-16 N/A
Format string vulnerability in TrACESroute 6.0 GOLD (aka NANOG traceroute) allows local users to execute arbitrary code via the -T (terminator) command line argument.