Total
29947 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0737 | 1 Sambar | 1 Sambar Server | 2026-04-16 | N/A |
| Sambar web server before 5.2 beta 1 allows remote attackers to obtain source code of server-side scripts, or cause a denial of service (resource exhaustion) via DOS devices, using a URL that ends with a space and a null character. | ||||
| CVE-2002-0734 | 1 Michel Valdrighi | 1 B2 | 2026-04-16 | N/A |
| b2edit.showposts.php in B2 2.0.6pre2 and earlier does not properly load the b2config.php file in some configurations, which allows remote attackers to execute arbitrary PHP code via a URL that sets the $b2inc variable to point to a malicious program stored on a remote server. | ||||
| CVE-2002-0728 | 2 Greg Roelofs, Redhat | 3 Libpng, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Buffer overflow in the progressive reader for libpng 1.2.x before 1.2.4, and 1.0.x before 1.0.14, allows attackers to cause a denial of service (crash) via a PNG data stream that has more IDAT data than indicated by the IHDR chunk. | ||||
| CVE-2002-0727 | 1 Microsoft | 2 Office Web Components, Project | 2026-04-16 | N/A |
| The Host function in Microsoft Office Web Components (OWC) 2000 and 2002 is exposed in components that are marked as safe for scripting, which allows remote attackers to execute arbitrary commands via the setTimeout method. | ||||
| CVE-2002-0726 | 1 Microsoft | 1 Tsac Activex Control | 2026-04-16 | N/A |
| Buffer overflow in Microsoft Terminal Services Advanced Client (TSAC) ActiveX control allows remote attackers to execute arbitrary code via a long server name field. | ||||
| CVE-2001-0486 | 1 Novell | 1 Bordermanager | 2026-04-16 | N/A |
| Remote attackers can cause a denial of service in Novell BorderManager 3.6 and earlier by sending TCP SYN flood to port 353. | ||||
| CVE-2002-1352 | 1 Per Magne Knutsen | 1 Cartman | 2026-04-16 | N/A |
| Per Magne Knutsen's CartMan shopping cart (cartman.php) 1.04 and earlier allows remote attackers to modify product prices by changing the price parameter. | ||||
| CVE-2003-1116 | 1 Oracle | 1 E-business Suite | 2026-04-16 | N/A |
| The communications protocol for the Report Review Agent (RRA), aka FND File Server (FNDFS) program, in Oracle E-Business Suite 10.7, 11.0, and 11.5.1 to 11.5.8 allows remote attackers to bypass authentication and obtain sensitive information from the Oracle Applications Concurrent Manager by spoofing requests to the TNS Listener. | ||||
| CVE-2002-1367 | 3 Apple, Easy Software Products, Redhat | 3 Mac Os X, Cups, Linux | 2026-04-16 | N/A |
| Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to add printers without authentication via a certain UDP packet, which can then be used to perform unauthorized activities such as stealing the local root certificate for the administration server via a "need authorization" page, as demonstrated by new-coke. | ||||
| CVE-2002-1371 | 3 Apple, Easy Software Products, Redhat | 3 Mac Os X, Cups, Linux | 2026-04-16 | N/A |
| filters/image-gif.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check for zero-length GIF images, which allows remote attackers to execute arbitrary code via modified chunk headers, as demonstrated by nogif. | ||||
| CVE-2002-1378 | 2 Openldap, Redhat | 3 Openldap, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Multiple buffer overflows in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allow remote attackers to execute arbitrary code via (1) long -t or -r parameters to slurpd, (2) a malicious ldapfilter.conf file that is not properly handled by getfilter functions, (3) a malicious ldaptemplates.conf that causes an overflow in libldap, (4) a certain access control list that causes an overflow in slapd, or (5) a long generated filename for logging rejected replication requests. | ||||
| CVE-2002-1387 | 1 Ehud Gavron | 1 Tracesroute | 2026-04-16 | N/A |
| The spray mode in traceroute-nanog (aka traceroute-ng) may allow local users to overwrite arbitrary memory locations via an array index overflow using the nprobes (number of probes) argument. | ||||
| CVE-2002-1396 | 2 Php, Redhat | 2 Php, Linux | 2026-04-16 | N/A |
| Heap-based buffer overflow in the wordwrap function in PHP after 4.1.2 and before 4.3.0 may allow attackers to cause a denial of service or execute arbitrary code. | ||||
| CVE-2003-1159 | 1 Plug And Play | 1 Plug And Play Web Server Proxy | 2026-04-16 | N/A |
| Plug and Play Web Server Proxy 1.0002c allows remote attackers to cause a denial of service (server crash) via an invalid URI in an HTTP GET request to TCP port 8080. | ||||
| CVE-2002-1399 | 1 Postgresql | 1 Postgresql | 2026-04-16 | N/A |
| Unknown vulnerability in cash_out and possibly other functions in PostgreSQL 7.2.1 and earlier, and possibly later versions before 7.2.3, with unknown impact, based on an invalid integer input which is processed as a different data type, as demonstrated using cash_out(2). | ||||
| CVE-2002-1403 | 1 Phystech | 1 Dhcpcd | 2026-04-16 | N/A |
| dhcpcd DHCP client daemon 1.3.22 and earlier allows local users to execute arbitrary code via shell metacharacters that are fed from a dhcpd .info script into a .exe script. | ||||
| CVE-2003-1200 | 1 Alt-n | 1 Mdaemon | 2026-04-16 | N/A |
| Stack-based buffer overflow in FORM2RAW.exe in Alt-N MDaemon 6.5.2 through 6.8.5 allows remote attackers to execute arbitrary code via a long From parameter to Form2Raw.cgi. | ||||
| CVE-2000-0440 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2026-04-16 | N/A |
| NetBSD 1.4.2 and earlier allows remote attackers to cause a denial of service by sending a packet with an unaligned IP timestamp option. | ||||
| CVE-2002-1417 | 1 Novell | 2 Netware, Small Business Suite | 2026-04-16 | N/A |
| Directory traversal vulnerability in Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to read arbitrary files via a URL containing a "..%5c" sequence (modified dot-dot), which is mapped to the directory separator. | ||||
| CVE-2002-1421 | 1 Ilia Alshanetsky | 1 Fudforum | 2026-04-16 | N/A |
| SQL injection vulnerabilities in FUDforum before 2.2.0 allow remote attackers to perform unauthorized database operations via (1) report.php, (2) selmsg.php, and (3) showposts.php. | ||||