Filtered by NVD-CWE-Other
Total 29947 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2005-1725 1 Apple 1 Mac Os X Server 2026-04-16 N/A
launchd 106 in Apple Mac OS X 10.4.x up to 10.4.1 allows local users to overwrite arbitrary files via a symlink attack on the socket file in an insecure temporary directory.
CVE-2002-1044 1 Ultrafunk 1 Popcorn 2026-04-16 N/A
Buffer overflow in Ultrafunk Popcorn 1.20 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long Subject field.
CVE-2003-0101 3 Engardelinux, Usermin, Webmin 3 Guardian Digital Webtool, Usermin, Webmin 2026-04-16 N/A
miniserv.pl in (1) Webmin before 1.070 and (2) Usermin before 1.000 does not properly handle metacharacters such as line feeds and carriage returns (CRLF) in Base-64 encoded strings during Basic authentication, which allows remote attackers to spoof a session ID and gain root privileges.
CVE-2002-1052 1 W3c 1 Jigsaw 2026-04-16 N/A
Jigsaw 2.2.1 on Windows systems allows remote attackers to use MS-DOS device names in HTTP requests to (1) cause a denial of service using the "con" device, or (2) obtain the physical path of the server using two requests to the "aux" device.
CVE-2003-0103 1 Nokia 1 6210 Handset 2026-04-16 N/A
Format string vulnerability in Nokia 6210 handset allows remote attackers to cause a denial of service (crash, lockup, or restart) via a Multi-Part vCard with fields containing a large number of format string specifiers.
CVE-2002-1056 1 Microsoft 2 Outlook, Word 2026-04-16 N/A
Microsoft Outlook 2000 and 2002, when configured to use Microsoft Word as the email editor, does not block scripts that are used while editing email messages in HTML or Rich Text Format (RTF), which could allow remote attackers to execute arbitrary scripts via an email that the user forwards or replies to.
CVE-2002-1057 1 Smartmax Software 1 Mailmax 2026-04-16 N/A
Buffer overflow in SmartMax MailMax POP3 daemon (popmax) 4.8 allows remote attackers to execute arbitrary code via a long USER command.
CVE-2005-1733 1 Metro Marketing 1 Cookie Cart 2026-04-16 N/A
Cookie Cart stores the password file under the web document root with insufficient access control, which allows remote attackers to obtain usernames and encrypted passwords via a direct request to passwd.txt.
CVE-2002-1062 1 T. Hauck 1 Jana Web Server 2026-04-16 N/A
Signedness error in Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, allows remote attackers to execute arbitrary code via long (1) Username, (2) Password, or (3) Hostname entries.
CVE-2002-1076 1 Ipswitch 1 Imail 2026-04-16 N/A
Buffer overflow in the Web Messaging daemon for Ipswitch IMail before 7.12 allows remote attackers to execute arbitrary code via a long HTTP GET request for HTTP/1.0.
CVE-2002-1080 1 Aprelium Technologies 1 Abyss Web Server 2026-04-16 N/A
The Administration console for Abyss Web Server 1.0.3 before Patch 2 allows remote attackers to gain privileges and modify server configuration via direct requests to CHL files such as (1) srvstatus.chl, (2) consport.chl, (3) general.chl, (4) srvparam.chl, and (5) advanced.chl.
CVE-2003-0106 1 Symantec 1 Enterprise Firewall 2026-04-16 N/A
The HTTP proxy for Symantec Enterprise Firewall (SEF) 7.0 allows proxy users to bypass pattern matching for blocked URLs via requests that are URL-encoded with escapes, Unicode, or UTF-8.
CVE-2002-1087 1 Visualshapers 1 Ezcontents 2026-04-16 N/A
The scripts (1) createdir.php, (2) removedir.php and (3) uploadfile.php for ezContents 1.41 and earlier do not check credentials, which allows remote attackers to create or delete directories and upload files via a direct HTTP POST request.
CVE-2002-0755 1 Freebsd 1 Freebsd 2026-04-16 N/A
Kerberos 5 su (k5su) in FreeBSD 4.5 and earlier does not verify that a user is a member of the wheel group before granting superuser privileges, which could allow unauthorized users to execute commands as root.
CVE-2002-0758 1 Suse 1 Suse Linux 2026-04-16 N/A
ifup-dhcp script in the sysconfig package for SuSE 8.0 allows remote attackers to execute arbitrary commands via spoofed DHCP responses, which are stored and executed in a file.
CVE-2002-0759 1 Bzip 1 Bzip2 2026-04-16 N/A
bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1, and possibly other operating systems, does not use the O_EXCL flag to create files during decompression and does not warn the user if an existing file would be overwritten, which could allow attackers to overwrite files via a bzip2 archive.
CVE-2002-0764 1 Phorum 1 Phorum 2026-04-16 N/A
Phorum 3.3.2a allows remote attackers to execute arbitrary commands via an HTTP request to (1) plugin.php, (2) admin.php, or (3) del.php that modifies the PHORUM[settings_dir] variable to point to a directory that contains a PHP file with the commands.
CVE-2002-0753 1 Talentsoft 1 Web\+ Server 2026-04-16 N/A
Buffer overflow in Talentsoft Web+ 5.0 allows remote attackers to execute arbitrary code via an HTTP request with a long cookie.
CVE-2002-0752 1 Cgiscript.net 1 Csmailto 2026-04-16 N/A
CGIscript.net csMailto.cgi program exports feedback to a file that is accessible from the web document root, which could allow remote attackers to obtain sensitive information by directly accessing the file.
CVE-2002-0739 1 Postnuke Software Foundation 1 Postcalendar 2026-04-16 N/A
Cross-site scripting in PostCalendar 3.02 allows remote attackers to insert arbitrary HTML and script, and steal cookies, by modifying a calendar entry in its preview page.