Total
29944 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1450 | 1 Ibm | 1 U2 Universe | 2026-04-16 | N/A |
| IBM UniVerse with UV/ODBC allows attackers to cause a denial of service (client crash or server CPU consumption) via a query with an invalid link between tables, possibly via a buffer overflow. | ||||
| CVE-2003-1296 | 1 Efs Software | 1 Efs Web Server | 2026-04-16 | N/A |
| Easy File Sharing (EFS) Web Server 1.2 allows remote authenticated users to cause a denial of service via (1) an "empty symbol" in the Title field or (2) certain data in the Your Message field, possibly a long argument. | ||||
| CVE-2003-1302 | 2 Php, Redhat | 2 Php, Enterprise Linux | 2026-04-16 | N/A |
| The IMAP functionality in PHP before 4.3.1 allows remote attackers to cause a denial of service via an e-mail message with a (1) To or (2) From header with an address that contains a large number of "\" (backslash) characters. | ||||
| CVE-2002-1461 | 1 Webscriptworld | 1 Web Shop Manager | 2026-04-16 | N/A |
| Web Shop Manager 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search box. | ||||
| CVE-2003-1309 | 1 Zonelabs | 1 Zonealarm | 2026-04-16 | N/A |
| The DeviceIoControl function in the TrueVector Device Driver (VSDATANT) in ZoneAlarm before 3.7.211, Pro before 4.0.146.029, and Plus before 4.0.146.029 allows local users to gain privileges via certain signals (aka "Device Driver Attack"). | ||||
| CVE-2002-1470 | 1 Nullsoft | 1 Shoutcast Server | 2026-04-16 | N/A |
| SHOUTcast 1.8.9 and earlier allows local users to obtain the cleartext administrative password via a GET request to port 8001, which causes the password to be logged in the world-readable sc_serv.log file. | ||||
| CVE-2002-1479 | 1 The Cacti Group | 1 Cacti | 2026-04-16 | N/A |
| Cacti before 0.6.8 stores a MySQL username and password in plaintext in config.php, which has world-readable permissions, which allows local users to modify databases as the Cacti user and possibly gain privileges. | ||||
| CVE-2002-1482 | 1 Phpgb | 1 Phpgb | 2026-04-16 | N/A |
| SQL injection vulnerability in login.php for phpGB 1.20 and earlier, when magic_quotes_gpc is not enabled, allows remote attackers to gain administrative privileges via SQL code in the password entry. | ||||
| CVE-2002-1488 | 1 Cerulean Studios | 1 Trillian | 2026-04-16 | N/A |
| The IRC component of Trillian 0.73 and 0.74 allows remote malicious IRC servers to cause a denial of service (crash) via a PART message with (1) a missing channel or (2) a channel that the Trillian user is not in. | ||||
| CVE-2002-1490 | 1 Netbsd | 1 Netbsd | 2026-04-16 | N/A |
| NetBSD 1.4 through 1.6 beta allows local users to cause a denial of service (kernel panic) via a series of calls to the TIOCSCTTY ioctl, which causes an integer overflow in a structure counter and sets the counter to zero, which frees memory that is still in use by other processes. | ||||
| CVE-2002-1502 | 1 Dave Brul | 1 Xbreaky | 2026-04-16 | N/A |
| Symbolic link vulnerability in xbreaky before 0.5.5 allows local users to overwrite arbitrary files via a symlink from the user's .breakyhighscores file to the target file. | ||||
| CVE-2002-1507 | 1 Epic Games | 1 Unreal Tournament Server | 2026-04-16 | N/A |
| Unreal Tournament 2003 (ut2003) clients and servers allow remote attackers to cause a denial of service via malformed messages containing a small number of characters to UDP ports 7778 or 10777. | ||||
| CVE-2002-1513 | 1 Compaq | 1 Tcp-ip Services | 2026-04-16 | N/A |
| The UCX POP server in HP TCP/IP services for OpenVMS 4.2 through 5.3 allows local users to truncate arbitrary files via the -logfile command line option, which overrides file system permissions because the server runs with the SYSPRV and BYPASS privileges. | ||||
| CVE-2002-1514 | 1 Borland Software | 1 Interbase | 2026-04-16 | N/A |
| gds_lock_mgr in Borland InterBase allows local users to overwrite files and gain privileges via a symlink attack on a "isc_init1.X" temporary file, as demonstrated by modifying the xinetdbd file. | ||||
| CVE-2005-3320 | 1 Siteturn | 1 Domain Manager Pro | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in SiteTurn Domain Manager Pro allows remote attackers to inject arbitrary web script or HTML via the err parameter in the panel script. | ||||
| CVE-2005-3346 | 1 Osh | 1 Osh | 2026-04-16 | N/A |
| Buffer overflow in the environment variable substitution code in main.c in OSH 1.7-14 allows local users to inject arbitrary environment variables, such as LD_PRELOAD, via pathname arguments of the form "$VAR/EVAR=arg", which cause the EVAR portion to be appended to a buffer returned by a getenv function call. | ||||
| CVE-2002-0570 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| The encrypted loop device in Linux kernel 2.4.10 and earlier does not authenticate the entity that is encrypting data, which allows local users to modify encrypted data without knowing the key. | ||||
| CVE-2002-0573 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Format string vulnerability in RPC wall daemon (rpc.rwalld) for Solaris 2.5.1 through 8 allows remote attackers to execute arbitrary code via format strings in a message that is not properly provided to the syslog function when the wall command cannot be executed. | ||||
| CVE-2002-0587 | 1 Aol | 1 Aol Server | 2026-04-16 | N/A |
| Buffer overflow in Ns_PdLog function for the external database driver proxy daemon library (libnspd.a) of AOLServer 3.0 through 3.4.2 allows remote attackers to cause a denial of service or execute arbitrary code via the Error or Notice parameters. | ||||
| CVE-2002-0598 | 1 Foundstone | 1 Fscan | 2026-04-16 | N/A |
| Format string vulnerability in Foundstone FScan 1.12 with banner grabbing enabled allows remote attackers to execute arbitrary code on the scanning system via format string specifiers in the server banner. | ||||