Search Results (351250 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0505 1 Cisco 1 Call Manager 2026-04-16 N/A
Memory leak in the Call Telephony Integration (CTI) Framework authentication for Cisco CallManager 3.0 and 3.1 before 3.1(3) allows remote attackers to cause a denial of service (crash and reload) via a series of authentication failures, e.g. via incorrect passwords.
CVE-2002-0509 1 Oracle 1 Oracle9i 2026-04-16 N/A
Transparent Network Substrate (TNS) Listener in Oracle 9i 9.0.1.1 allows remote attackers to cause a denial of service (CPU consumption) via a single malformed TCP packet to port 1521.
CVE-2002-0508 1 Wwwisis 1 Wwwisis 2026-04-16 N/A
wwwisis 3.45 and earlier allows remote attackers to execute arbitrary commands and read files via the parameters (1) prolog or (2) epilog.
CVE-2006-3921 1 Sun 2 Java System Application Server, Java System Web Server 2026-04-16 N/A
Sun Java System Application Server (SJSAS) 7 through 8.1 and Web Server (SJSWS) 6.0 and 6.1 allows remote authenticated users to read files outside of the "document root directory" via a direct request using a UTF-8 encoded URI.
CVE-2002-0503 1 Citrix 1 Nfuse 2026-04-16 N/A
Directory traversal vulnerability in boilerplate.asp for Citrix NFuse 1.5 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the NFuse_Template parameter.
CVE-2002-0510 1 Linux 1 Linux Kernel 2026-04-16 N/A
The UDP implementation in Linux 2.4.x kernels keeps the IP Identification field at 0 for all non-fragmented packets, which could allow remote attackers to determine that a target system is running Linux.
CVE-2002-0502 1 Citrix 1 Nfuse 2026-04-16 N/A
Citrix NFuse 1.6 may allow remote attackers to list applications without authentication by accessing the applist.asp page.
CVE-2006-3923 1 Fire-mouse 1 Fire-mouse Toplist 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in add.php in Fire-Mouse Toplist 1.1 and earlier, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the Seitenname parameter.
CVE-2002-0515 1 Phildev 1 Ipfilter 2026-04-16 N/A
IPFilter 3.4.25 and earlier sets a different TTL when a port is being filtered than when it is not being filtered, which allows remote attackers to identify filtered ports by comparing TTLs.
CVE-2002-0530 1 Novell 1 Web Search 2026-04-16 N/A
Cross-site scripting vulnerability in Novell Web Search 2.0.1 allows remote attackers to execute arbitrary script as other Web Search users via the search parameter.
CVE-2002-0536 1 Phpgroupware 1 Phpgroupware 2026-04-16 N/A
PHPGroupware 0.9.12 and earlier, when running with the magic_quotes_gpc feature disabled, allows remote attackers to compromise the database via a SQL injection attack.
CVE-2002-0537 1 Stepweb 1 Sws 2026-04-16 N/A
The admin.html file in StepWeb Search Engine (SWS) 2.5 stores passwords in links to manager.pl, which allows remote attackers who can access the admin.html file to gain administrative privileges to SWS.
CVE-2002-0539 1 Demarc Security 1 Puresecure 2026-04-16 N/A
Demarc PureSecure 1.05 allows remote attackers to gain administrative privileges via a SQL injection attack in a session ID that is stored in the s_key cookie.
CVE-2002-0545 1 Cisco 2 Aironet Ap340, Aironet Ap350 2026-04-16 N/A
Cisco Aironet before 11.21 with Telnet enabled allows remote attackers to cause a denial of service (reboot) via a series of login attempts with invalid usernames and passwords.
CVE-2002-0546 1 Nullsoft 1 Winamp 2026-04-16 N/A
Cross-site scripting vulnerability in the mini-browser for Winamp 2.78 and 2.79 allows remote attackers to execute script via an ID3v1 or ID3v2 tag in an MP3 file.
CVE-2002-0547 1 Nullsoft 1 Winamp 2026-04-16 N/A
Buffer overflow in the mini-browser for Winamp 2.79 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the title field of an ID3v2 tag.
CVE-2002-0548 1 Anthill 1 Anthill 2026-04-16 N/A
Anthill allows remote attackers to bypass authentication and file bug reports by directly accessing the postbug.php program instead of enterbug.php.
CVE-2002-0549 1 Anthill 1 Anthill 2026-04-16 N/A
Cross-site scripting vulnerabilities in Anthill allow remote attackers to execute script as other Anthill users.
CVE-2002-0543 1 Aprelium Technologies 1 Abyss Web Server 2026-04-16 N/A
Directory traversal vulnerability in Aprelium Abyss Web Server (abyssws) before 1.0.0.2 allows remote attackers to read files outside the web root, including the abyss.conf file, via URL-encoded .. (dot dot) sequences in the HTTP request.
CVE-2002-0544 1 Aprelium Technologies 1 Abyss Web Server 2026-04-16 N/A
Aprelium Abyss Web Server (abyssws) before 1.0.3 stores the administrative console password in plaintext in the abyss.conf file, which allows local users with access to the file to gain privileges.