Export limit exceeded: 365444 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (365444 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1871 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
pkgadd in Sun Solaris 2.5.1 through 8 installs files setuid/setgid root if the pkgmap file contains a "?" (question mark) in the (1) mode, (2) owner, or (3) group fields, which allows attackers to elevate privileges.
CVE-2002-1872 1 Microsoft 1 Sql Server 2026-04-16 7.5 High
Microsoft SQL Server 6.0 through 2000, with SQL Authentication enabled, uses weak password encryption (XOR), which allows remote attackers to sniff and decrypt the password.
CVE-2002-1873 1 Microsoft 1 Exchange Server 2026-04-16 N/A
Microsoft Exchange 2000, when used with Microsoft Remote Procedure Call (MSRPC), allows remote attackers to cause a denial of service (crash or memory consumption) via malformed MSRPC calls.
CVE-2002-1875 1 Mcafee 1 Entercept Agent 2026-04-16 N/A
Entercept Agent 2.5 agent for Windows, released before May 21, 2002, allows local administrative users to obtain the entercept agent password, which could allow the administrators to log on as the entercept_agent account and conceal their identity.
CVE-2002-1876 1 Microsoft 1 Exchange Server 2026-04-16 N/A
Microsoft Exchange 2000 allows remote authenticated attackers to cause a denial of service via a large number of rapid requests, which consumes all of the licenses that are granted to Exchange by IIS.
CVE-2002-1877 1 Netgear 1 Fm114p 2026-04-16 N/A
NETGEAR FM114P allows remote attackers to bypass access restrictions for web sites via a URL that uses the IP address instead of the hostname.
CVE-2002-1878 1 W-agora 1 W-agora 2026-04-16 N/A
PHP remote file inclusion vulnerability in w-Agora 4.1.3 allows remote attackers to execute arbitrary PHP code via the inc_dir parameter.
CVE-2002-1879 1 Lokwa 1 Lokwabb 2026-04-16 N/A
SQL injection vulnerability in LokwaBB 1.2.2 allows remote attackers to execute arbitrary SQL commands via the (1) member parameter to member.php or (2) loser parameter to misc.php.
CVE-2002-1881 1 Macromedia 1 Flash Player 2026-04-16 N/A
Macromedia Flash Player 4.0 r12 through 6.0.47.0 allows remote attackers to cause a denial of service (web browser crash) via malformed content in a Flash Shockwave (.SWF) file, as demonstrated by by ROT13 encoding the body of the file but not the headers.
CVE-2002-1882 1 Oracle 1 E-business Suite 2026-04-16 N/A
Unknown vulnerability in AolSecurityPrivate.class in Oracle E-Business Suite 11i 11.1 through 11.6 allows remote attackers to bypass user authentication checks via unknown attack vectors.
CVE-2002-1883 1 Trolltech 1 Qt Assistant 2026-04-16 N/A
Trolltech Qt Assistant 1.0 in Trolltech Qt 3.0.3, when loaded from the Designer, opens port 7358 for interprocess communication, which allows remote attackers to open arbitrary HTML pages and cause a denial of service.
CVE-2002-1884 1 Py-membres 1 Py-membres 2026-04-16 N/A
index.php in Py-Membres 3.1 allows remote attackers to log in as an administrator by setting the pymembs parameter to "admin".
CVE-2002-1885 1 Powerphlogger 1 Powerphlogger 2026-04-16 N/A
PHP remote file inclusion vulnerability in showhits.php3 for PowerPhlogger (PPhlogger) 2.0.9 through 2.2.2 allows remote attackers to execute arbitrary PHP code via the rel_path parameter.
CVE-2002-1886 1 Tightauction 1 Tightauction 2026-04-16 N/A
TightAuction 3.0 stores config.inc under the web document root with insufficient access control, which allows remote attackers to obtain the database username and password.
CVE-2002-1887 1 Gregory Kokanosky 1 Phpmynewsletter 2026-04-16 N/A
PHP remote file inclusion vulnerability in customize.php for phpMyNewsletter 0.6.10 allows remote attackers to execute arbitrary PHP code via the l parameter.
CVE-2002-1888 1 Commonname 1 Commonname Toolbar 2026-04-16 N/A
CommonName Toolbar 3.5.2.0 sends unqualified domain name requests to the CommonName organization and possibly other web servers for name resolution, which allows those organizations to obtain internal server names.
CVE-2002-1889 1 Logsurfer 1 Logsurfer 2026-04-16 N/A
Off-by-one buffer overflow in the context_action function in context.c of Logsurfer 1.41 through 1.5a allows remote attackers to cause a denial of service (crash) via a malformed log entry.
CVE-2002-1890 1 Redhat 1 Rhmask 2026-04-16 N/A
rhmask 1.0-9 in Red Hat Linux 7.1 allows local users to overwrite arbitrary files via a symlink attack on the mask file.
CVE-2002-1891 1 Ayman Akt 1 Ircit 2026-04-16 N/A
Buffer overflow in IRCIT 0.3.1 IRC client allows remote attackers to execute arbitrary code via a long invite request.
CVE-2002-1892 1 Netgear 1 Fvs318 2026-04-16 N/A
NETGEAR FVS318 running firmware 1.1 stores the username and password in a readable format when a backup of the configuration file is made, which allows local users to obtain sensitive information.