Total
29944 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-2182 | 1 Albinator | 1 Albinator | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in (1) eday.php, (2) eshow.php, or (3) forgot.php in albinator 2.0.8 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the Config_rootdir parameter. | ||||
| CVE-2002-1546 | 1 Brs | 1 Webweaver | 2026-04-16 | N/A |
| BRS WebWeaver Web Server 1.01 allows remote attackers to bypass password protections for files and directories via an HTTP request containing a "/./" sequence. | ||||
| CVE-2002-1551 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Buffer overflow in nslookup in IBM AIX may allow attackers to cause a denial of service or execute arbitrary code. | ||||
| CVE-2002-1557 | 1 Cisco | 1 Optical Networking Systems Software | 2026-04-16 | N/A |
| Cisco ONS15454 and ONS15327 running ONS before 3.4 allows attackers to cause a denial of service (reset to TCC, TCC+, TCCi or XTC) via a malformed HTTP request that does not contain a leading / (slash) character. | ||||
| CVE-2002-1574 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Buffer overflow in the ixj telephony card driver in Linux before 2.4.20 has unknown impact and attack vectors. | ||||
| CVE-2002-0250 | 1 Hp | 7 Advancestack 10base-t Switching Hub J3200a, Advancestack 10base-t Switching Hub J3201a, Advancestack 10base-t Switching Hub J3202a and 4 more | 2026-04-16 | N/A |
| Web configuration utility in HP AdvanceStack hubs J3200A through J3210A with firmware version A.03.07 and earlier, allows unauthorized users to bypass authentication via a direct HTTP request to the web_access.html file, which allows the user to change the switch's configuration and modify the administrator password. | ||||
| CVE-2002-1594 | 2 Grpck, Pwck | 2 Grpck, Pwck | 2026-04-16 | N/A |
| Buffer overflow in (1) grpck and (2) pwck, if installed setuid on a system as recommended in some AIX documentation, may allow local users to gain privileges via a long command line argument. | ||||
| CVE-2002-1596 | 1 Cisco | 1 Sn 5420 Storage Router Firmware | 2026-04-16 | N/A |
| Cisco SN 5420 Storage Router 1.1(5) and earlier allows remote attackers to cause a denial of service (router crash) via an HTTP request with large headers. | ||||
| CVE-2002-1601 | 1 Adobe | 1 Photodeluxe | 2026-04-16 | N/A |
| The Connectables feature in Adobe PhotoDeluxe 3.1 prepends the Adobe directory to the CLASSPATH environment variable, which allows applets to run with higher privileges and remote attackers to gain privileges via an HTML e-mail message or a web page. | ||||
| CVE-2002-1620 | 1 Ibm | 1 Aix Parallel Systems Support Programs | 2026-04-16 | N/A |
| Unknown vulnerability in IBM AIX Parallel Systems Support Programs (PSSP) 3.1.1, 3.2, and 3.4 allows remote attackers to read arbitrary files from a file collection. | ||||
| CVE-2006-3417 | 1 Tor | 1 Tor | 2026-04-16 | N/A |
| Tor client before 0.1.1.20 prefers entry points based on is_fast or is_stable flags, which could allow remote attackers to be preferred over nodes that are identified as more trustworthy "entry guard" (is_guard) systems by directory authorities. | ||||
| CVE-2002-1626 | 1 Mike Spice | 1 My Calendar | 2026-04-16 | N/A |
| Directory traversal vulnerability in Mike Spice My Calendar before 1.5 allows remote attackers to write arbitrary files via .. (dot dot) sequences in a URL. | ||||
| CVE-2002-1635 | 1 Oracle | 1 Application Server | 2026-04-16 | N/A |
| The Apache configuration file (httpd.conf) in Oracle 9i Application Server (9iAS) uses a Location alias for /perl directory instead of a ScriptAlias, which allows remote attackers to read the source code of arbitrary CGI files via a URL containing the /perl directory instead of /cgi-bin. | ||||
| CVE-2002-1640 | 1 Oracle | 1 Configurator | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Oracle Configurator before 11.5.7.17.32 and 11.5.6.16.53 allows remote attackers to inject arbitrary web script or HTML via (1) Text Features in the DHTML UI or (2) the test parameter to the oracle.apps.cz.servlet.UiServlet servlet. | ||||
| CVE-2002-1641 | 1 Oracle | 1 Application Server Web Cache | 2026-04-16 | N/A |
| Multiple buffer overflows in Oracle Web Cache for Oracle 9i Application Server (9iAS) allow remote attackers to execute arbitrary code via unknown vectors. | ||||
| CVE-2002-1648 | 1 Squirrelmail | 1 Squirrelmail | 2026-04-16 | N/A |
| Cross-site request forgery (CSRF) vulnerability in compose.php in SquirrelMail before 1.2.3 allows remote attackers to send email as other users via an IMG URL with modified send_to and subject parameters. | ||||
| CVE-2002-0284 | 1 Nullsoft | 1 Winamp | 2026-04-16 | N/A |
| Winamp 2.78 and 2.77, when opening a wma file that requires a license, sends the full path of the Temporary Internet Files directory to the web page that is processing the license, which could allow malicious web servers to obtain the pathname. | ||||
| CVE-2002-1684 | 2 Deerfield, Working Resources Inc. | 2 D2gfx, Badblue | 2026-04-16 | N/A |
| Directory traversal vulnerability in (1) Deerfield D2Gfx 1.0.2 or (2) BadBlue Enterprise Edition 1.5.x and BadBlue Personal Edition 1.5.6 allows remote attackers to read arbitrary files via a ../ (dot dot slash) in the script used to read Microsoft Office documents. | ||||
| CVE-2002-1695 | 2 Microsoft, Symantec | 3 Internet Information Server, Internet Information Services, Norton Internet Security | 2026-04-16 | N/A |
| Norton Internet Security 2001 opens log files with FILE_SHARE_READ and FILE_SHARE_WRITE permissions, which could allow remote attackers to modify the log file contents while Norton Internet Security is running. | ||||
| CVE-2002-0287 | 1 Powie | 1 Pforum | 2026-04-16 | N/A |
| pforum 1.14 and earlier does not explicitly enable PHP magic quotes, which allows remote attackers to bypass authentication and gain administrator privileges via an SQL injection attack when the PHP server is not configured to use magic quotes by default. | ||||