Export limit exceeded: 365250 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (365250 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1118 | 1 Oracle | 2 Oracle8i, Oracle9i | 2026-04-16 | N/A |
| TNS Listener in Oracle Net Services for Oracle 9i 9.2.x and 9.0.x, and Oracle 8i 8.1.x, allows remote attackers to cause a denial of service (hang or crash) via a SERVICE_CURLOAD command. | ||||
| CVE-2002-1119 | 2 Python, Redhat | 3 Python, Enterprise Linux, Linux | 2026-04-16 | N/A |
| os._execvpe from os.py in Python 2.2.1 and earlier creates temporary files with predictable names, which could allow local users to execute arbitrary code via a symlink attack. | ||||
| CVE-2002-1120 | 1 Savant | 1 Savant Web Server | 2026-04-16 | N/A |
| Buffer overflow in Savant Web Server 3.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. | ||||
| CVE-2002-1121 | 4 Gfi, Network Associates, Roaring Penguin and 1 more | 5 Mailsecurity, Webshield Smtp, Canit and 2 more | 2026-04-16 | N/A |
| SMTP content filter engines, including (1) GFI MailSecurity for Exchange/SMTP before 7.2, (2) InterScan VirusWall before 3.52 build 1494, (3) the default configuration of MIMEDefang before 2.21, and possibly other products, do not detect fragmented emails as defined in RFC2046 ("Message Fragmentation and Reassembly") and supported in such products as Outlook Express, which allows remote attackers to bypass content filtering, including virus checking, via fragmented emails of the message/partial content type. | ||||
| CVE-2002-1122 | 1 Iss | 1 Internet Scanner | 2026-04-16 | N/A |
| Buffer overflow in the parsing mechanism for ISS Internet Scanner 6.2.1, when using the license banner HTTP check, allows remote attackers to execute arbitrary code via a long web server response. | ||||
| CVE-2002-1123 | 1 Microsoft | 2 Data Engine, Sql Server | 2026-04-16 | N/A |
| Buffer overflow in the authentication function for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 allows remote attackers to execute arbitrary code via a long request to TCP port 1433, aka the "Hello" overflow. | ||||
| CVE-2002-1124 | 1 Purity | 1 Purity | 2026-04-16 | N/A |
| Multiple buffer overflows in purity 1-16 allow local users to gain privileges and modify high scores tables. | ||||
| CVE-2002-1125 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| FreeBSD port programs that use libkvm for FreeBSD 4.6.2-RELEASE and earlier, including (1) asmon, (2) ascpu, (3) bubblemon, (4) wmmon, and (5) wmnet2, leave open file descriptors for /dev/mem and /dev/kmem, which allows local users to read kernel memory. | ||||
| CVE-2002-1126 | 3 Galeon, Mozilla, Redhat | 4 Galeon Browser, Mozilla, Enterprise Linux and 1 more | 2026-04-16 | N/A |
| Mozilla 1.1 and earlier, and Mozilla-based browsers such as Netscape and Galeon, set the document referrer too quickly in certain situations when a new page is being loaded, which allows web pages to determine the next page that is being visited, including manually entered URLs, using the onunload handler. | ||||
| CVE-2002-1127 | 1 Digital | 1 Osf 1 | 2026-04-16 | N/A |
| Buffer overflow in uucp in Compaq Tru64/OSF1 3.x allows local users to execute arbitrary code via a long source (-s) command line parameter. | ||||
| CVE-2002-1128 | 1 Digital | 2 Osf 1, Ultrix | 2026-04-16 | N/A |
| Buffer overflow in inc mail utility for Compaq Tru64/OSF1 3.x allows local users to execute arbitrary code via a long MH environment variable. | ||||
| CVE-2002-1129 | 2 Compaq, Digital | 2 Tru64, Osf 1 | 2026-04-16 | N/A |
| Buffer overflow in dxterm allows local users to execute arbitrary code via a long -xrm argument. | ||||
| CVE-2002-1131 | 2 Redhat, Squirrelmail | 2 Linux, Squirrelmail | 2026-04-16 | N/A |
| Cross-site scripting vulnerabilities in SquirrelMail 1.2.7 and earlier allows remote attackers to execute script as other web users via (1) addressbook.php, (2) options.php, (3) search.php, or (4) help.php. | ||||
| CVE-2002-1132 | 2 Redhat, Squirrelmail | 2 Linux, Squirrelmail | 2026-04-16 | N/A |
| SquirrelMail 1.2.7 and earlier allows remote attackers to determine the absolute pathname of the options.php script via a malformed optpage file argument, which generates an error message when the file cannot be included in the script. | ||||
| CVE-2002-1133 | 1 Funsoft | 1 Dinos Webserver | 2026-04-16 | N/A |
| Encoded directory traversal vulnerability in Dino's web server 2.1 allows remote attackers to read arbitrary files via ".." (dot dot) sequences with URL-encoded (1) "/" (%2f") or (2) "\" (%5c) characters. | ||||
| CVE-2002-1134 | 1 Hp | 1 Webes Service Tools | 2026-04-16 | N/A |
| Unknown vulnerability in Compaq WEBES Service Tools 2.0 through WEBES 4.0 (Service Pack 5) allows local users to read privileged files. | ||||
| CVE-2002-1135 | 1 Phpwebsite | 1 Phpwebsite | 2026-04-16 | N/A |
| modsecurity.php 1.10 and earlier, in phpWebSite 0.8.2 and earlier, allows remote attackers to execute arbitrary PHP source code via an inc_prefix parameter that points to the malicious code. | ||||
| CVE-2002-1137 | 1 Microsoft | 2 Data Engine, Sql Server | 2026-04-16 | N/A |
| Buffer overflow in the Database Console Command (DBCC) that handles user inputs in Microsoft SQL Server 7.0 and 2000, including Microsoft Data Engine (MSDE) 1.0 and Microsoft Desktop Engine (MSDE) 2000, allows attackers to execute arbitrary code via a long SourceDB argument in a "non-SQL OLEDB data source" such as FoxPro, a variant of CAN-2002-0644. | ||||
| CVE-2002-1177 | 1 Nullsoft | 1 Winamp | 2026-04-16 | N/A |
| Multiple buffer overflows in Winamp 3.0, when displaying an MP3 in the Media Library window, allows remote attackers to execute arbitrary code via an MP3 file containing a long (1) Artist or (2) Album ID3v2 tag. | ||||
| CVE-2002-1138 | 1 Microsoft | 2 Data Engine, Sql Server | 2026-04-16 | N/A |
| Microsoft SQL Server 7.0 and 2000, including Microsoft Data Engine (MSDE) 1.0 and Microsoft Desktop Engine (MSDE) 2000, writes output files for scheduled jobs under its own privileges instead of the entity that launched it, which allows attackers to overwrite system files, aka "Flaw in Output File Handling for Scheduled Jobs." | ||||