Export limit exceeded: 366908 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (26474 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1874 1 Astrocam 1 Astrocam 2026-04-16 N/A
astrocam.cgi in AstroCam 0.9-1-1 through 1.4.0 allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTP request. NOTE: earlier disclosures stated that the affected versions were 1.7.1 through 2.1.2, but the vendor explicitly stated that these were incorrect.
CVE-2003-0795 4 Gnu, Quagga, Redhat and 1 more 5 Zebra, Quagga, Enterprise Linux and 2 more 2026-04-16 N/A
The vty layer in Quagga before 0.96.4, and Zebra 0.93b and earlier, does not verify that sub-negotiation is taking place when processing the SE marker, which allows remote attackers to cause a denial of service (crash) via a malformed telnet command to the telnet CLI port, which may trigger a null dereference.
CVE-2003-0637 1 Novell 1 Ichain 2026-04-16 N/A
Novell iChain 2.2 before Support Pack 1 uses a shorter timeout for a non-existent user than a valid user, which makes it easier for remote attackers to guess usernames and conduct brute force password guessing.
CVE-2003-0567 1 Cisco 3 Ios, Ons 15454 Optical Transport Platform, Optical Networking Systems Software 2026-04-16 N/A
Cisco IOS 11.x and 12.0 through 12.2 allows remote attackers to cause a denial of service (traffic block) by sending a particular sequence of IPv4 packets to an interface on the device, causing the input queue on that interface to be marked as full.
CVE-2002-2406 1 Perception 1 Liteserve 2026-04-16 N/A
Buffer overflow in HTTP server in LiteServe 2.0, 2.0.1 and 2.0.2 allows remote attackers to cause a denial of service (hang) via a large number of percent characters (%) in an HTTP GET request.
CVE-2002-2393 1 Solarwinds 1 Serv-u File Server 2026-04-16 N/A
Serv-U FTP server 3.0, 3.1 and 4.0.0.4 does not accept new connections while validating user folder access rights, which allows remote attackers to cause a denial of service (no new connections) via a series of MKD commands.
CVE-2002-2380 2 Arescom, Microsoft 2 Netdsl, Network Firmware 2026-04-16 N/A
NetDSL ADSL Modem 800 with Microsoft Network firmware 5.5.11 allows remote attackers to gain access to configuration menus by sniffing undocumented usernames and passwords from network traffic.
CVE-2002-2317 1 Symantec 1 Velociraptor 2026-04-16 N/A
Memory leak in the (1) httpd, (2) nntpd, and (3) vpn driver in VelociRaptor 1.0 allows remote attackers to cause a denial of service (memory consumption) via an unknown method.
CVE-2002-2322 1 Ultimate Php Board 1 Ultimate Php Board 2026-04-16 N/A
Ultimate PHP Board (UPB) 1.0b stores the users.dat data file under the web root with insufficient access control, which allows remote attackers to obtain usernames and passwords.
CVE-2002-2371 1 Linksys 1 Wet11 2026-04-16 N/A
Linksys WET11 firmware 1.31 and 1.32 allows remote attackers to cause a denial of service (crash) via a packet containing the device's hardware address as the source MAC address in the DLC header.
CVE-2002-2369 1 Perception 1 Liteserve 2026-04-16 N/A
Perception LiteServe 2.0 allows remote attackers to read password protected files via a leading "/./" in a URL.
CVE-2002-2365 1 Springer Verlag Berlin Heidelberg 1 Simple Wais 2026-04-16 N/A
Simple WAIS (SWAIS) 1.11 allows remote attackers to execute arbitrary commands via the shell metacharacters in the search field, as demonstrated using the "|" (pipe) character.
CVE-2002-2354 1 Netgear 1 Fm114p 2026-04-16 N/A
Netgear FM114P firmware 1.3 wireless firewall allows remote attackers to cause a denial of service (crash or hang) via a large number of TCP connection requests.
CVE-2002-2349 1 Phpbb 1 Phpbbmod 2026-04-16 N/A
phpinfo.php in phpBBmod 1.3.3 executes the phpinfo function, which allows remote attackers to obtain sensitive environment information.
CVE-2002-2346 1 Phpbb 1 Phpbb 2026-04-16 N/A
phpBB 2.0 through 2.0.3 generates names for uploaded avatar files with the hex-encoded IP address of the client system, which allows remote attackers to obtain client IP addresses.
CVE-2002-2342 1 Joe Depasquale 1 Bannermatic 2026-04-16 N/A
Bannermatic 1, 2, and 3 stores the (1) ban.log, (2) ban.bak, (3) ban.dat and (4) banmat.pwd data files under the web document root with insufficient access control, which allows attackers to obtain sensitive information via a direct request for the files.
CVE-2002-2338 2 Mozilla, Netscape 3 Mozilla, Communicator, Navigator 2026-04-16 N/A
The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message.
CVE-2002-2329 1 Mirabilis 1 Icq 2026-04-16 N/A
ICQ client 2001b, 2002a and 2002b allows remote attackers to cause a denial of service (CPU consumption or crash) via a message with a large number of emoticons.
CVE-2026-28131 2 Wordpress, Wpvibes 2 Wordpress, Elementor Addon Elements 2026-04-16 6.5 Medium
Insertion of Sensitive Information Into Sent Data vulnerability in WPVibes Elementor Addon Elements addon-elements-for-elementor-page-builder allows Retrieve Embedded Sensitive Data.This issue affects Elementor Addon Elements: from n/a through <= 1.14.4.
CVE-2026-34045 2 Linuxfoundation, Podman-desktop 2 Podman Desktop, Podman-desktop 2026-04-15 8.2 High
Podman Desktop is a graphical tool for developing on containers and Kubernetes. Prior to 1.26.2, an unauthenticated HTTP server exposed by Podman Desktop allows any network attacker to remotely trigger denial-of-service conditions and extract sensitive information. By abusing missing connection limits and timeouts, an attacker can exhaust file descriptors and kernel memory, leading to application crash or full host freeze. Additionally, verbose error responses disclose internal paths and system details (including usernames on Windows), aiding further exploitation. The issue requires no authentication or user interaction and is exploitable over the network. This vulnerability is fixed in 1.26.2.