Filtered by NVD-CWE-Other
Total 29947 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2001-1505 1 Tinc 1 Tinc 2026-04-16 N/A
tinc 1.0pre3 and 1.0pre4 allows remote attackers to inject data into user sessions by sniffing and replaying packets.
CVE-2002-1597 1 Cisco 1 Sn 5420 Storage Router Firmware 2026-04-16 N/A
Cisco SN 5420 Storage Router 1.1(5) and earlier allows remote attackers to cause a denial of service (halt) via a fragmented packet to the Gigabit interface.
CVE-2002-0395 1 Red-m 1 1050ap Lan Acess Point 2026-04-16 N/A
The TFTP server for Red-M 1050 (Bluetooth Access Point) can not be disabled and makes it easier for remote attackers to crack the administration password via brute force methods.
CVE-2002-0658 2 Ossp, Redhat 5 Mm, Enterprise Linux, Linux and 2 more 2026-04-16 N/A
OSSP mm library (libmm) before 1.2.0 allows the local Apache user to gain privileges via temporary files, possibly via a symbolic link attack.
CVE-2002-1627 1 Mike Spice 1 Quiz Me 2026-04-16 N/A
Directory traversal vulnerability in quiz.cgi for Mike Spice Quiz Me! before 0.6 allows remote attackers to write arbitrary files via .. (dot dot) sequences in the quiz parameter.
CVE-2001-1525 1 Easyscripts 1 Easynews 2026-04-16 N/A
Directory traversal vulnerability in the comments action in easyNews 1.5 and earlier allows remote attackers to modify news.dat, template.dat and possibly other files via a ".." in the cid parameter.
CVE-2001-1526 1 Easyscripts 1 Easynews 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the comments action in index.php in easyNews 1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the zeit parameter.
CVE-2002-1628 1 Mike Spice 1 Mikes Vote Cgi 2026-04-16 N/A
Directory traversal vulnerability in vote.cgi for Mike Spice Mike's Vote CGI before 1.3 allows remote attackers to write arbitrary files via .. (dot dot) sequences in the type parameter.
CVE-2001-1532 1 Web Crossing 1 Webx 2026-04-16 N/A
WebX stores authentication information in the HTTP_REFERER variable, which is included in URL links within bulletin board messages posted by users, which could allow remote attackers to hijack user sessions.
CVE-2002-0396 1 Red-m 1 1050ap Lan Acess Point 2026-04-16 N/A
The web management server for Red-M 1050 (Bluetooth Access Point) does not use session-based credentials to authenticate users, which allows attackers to connect to the server from the same IP address as a user who has already established a session.
CVE-2002-0669 1 Pingtel 1 Xpressa 2026-04-16 N/A
The web interface for Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 allows administrators to cause a denial of service by modifying the SIP_AUTHENTICATE_SCHEME value to force authentication of incoming calls, which does not notify the user when an authentication failure occurs.
CVE-2001-1535 1 Open Source Development Network 1 Slashcode 2026-04-16 N/A
Slashcode 2.0 creates new accounts with an 8-character random password, which could allow local users to obtain session ID's from cookies and gain unauthorized access via a brute force attack.
CVE-2002-0397 1 Red-m 1 1050ap Lan Acess Point 2026-04-16 N/A
Red-M 1050 (Bluetooth Access Point) publicizes its name, IP address, and other information in UDP packets to a broadcast address, which allows any system on the network to obtain potentially sensitive information about the Access Point device by monitoring UDP port 8887.
CVE-2001-1540 1 David F. Mischler 1 Iproute 2026-04-16 N/A
IPRoute 0.973, 0.974 and 1.18 allows remote attackers to cause a denial of service via fragmented IP packets that split the TCP header.
CVE-2004-2429 1 Enderunix Software 1 Spamguard 2026-04-16 N/A
Multiple stack-based and heap-based buffer overflows in EnderUNIX spamGuard before 1.7-BETA allow remote attackers to execute arbitrary code via the (1) qmail_parseline and (2) sendmail_parseline functions in parser.c, (3) loadconfig and (4) removespaces functions in loadconfig.c, and possibly (5) unspecified functions in functions.c.
CVE-2001-1545 1 Macromedia 1 Jrun 2026-04-16 N/A
Macromedia JRun 3.0 and 3.1 appends the jsessionid to URL requests (a.k.a. rewriting) when client browsers have cookies enabled, which allows remote attackers to obtain session IDs and hijack sessions via HTTP referrer fields or sniffing.
CVE-2001-1548 1 Zonelabs 1 Zonealarm 2026-04-16 N/A
ZoneAlarm 2.1 through 2.6 and ZoneAlarm Pro 2.4 and 2.6 allows local users to bypass filtering via non-standard TCP packets created with non-Windows protocol adapters.
CVE-2002-0675 1 Pingtel 1 Xpressa 2026-04-16 N/A
Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 does not require administrative privileges to perform a firmware upgrade, which allows unauthorized users to upgrade the phone.
CVE-2004-2431 1 The Ignition Project 1 Ignitionserver 2026-04-16 N/A
Unknown vulnerability in The Ignition Project ignitionServer 0.1.2 through 0.3.1, with the linking service enabled, allows remote attackers to bypass authentication.
CVE-2002-1742 1 Paul Kulchenko 1 Soap Lite 2026-04-16 N/A
SOAP::Lite 0.50 through 0.52 allows remote attackers to load arbitrary Perl functions by suppling a non-existent function in a script using a SOAP::Lite module, which causes the AUTOLOAD subroutine to trigger.