Filtered by NVD-CWE-Other
Total 29947 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2001-1274 2 Oracle, Redhat 2 Mysql, Linux 2026-04-16 N/A
Buffer overflow in MySQL before 3.23.31 allows attackers to cause a denial of service and possibly gain privileges.
CVE-2002-1441 1 Tomahawk Technologies 1 Steelarrow 2026-04-16 N/A
Multiple buffer overflows in Tomahawk SteelArrow before 4.5 allow remote attackers to execute arbitrary code via (1) the Steelarrow Service (Steelarrow.exe) using a long UserIdent Cookie header, (2) DLLHOST.EXE (Steelarrow.dll) via a request for a long .aro file, or (3) DLLHOST.EXE via a Chunked Transfer-Encoding request.
CVE-2002-1509 1 Redhat 2 Enterprise Linux, Linux 2026-04-16 N/A
A patch for shadow-utils 20000902 causes the useradd command to create a mail spool files with read/write privileges of the new user's group (mode 660), which allows other users in the same group to read or modify the new user's incoming email.
CVE-2001-1409 2 Redhat, Xfree86 Project 3 Enterprise Linux, Linux, Xfree86 X Server 2026-04-16 N/A
dexconf in XFree86 Xserver 4.1.0-2 creates the /dev/dri directory with insecure permissions (666), which allows local users to replace or create files in the root file system.
CVE-2002-1526 1 Emumail 1 Emu Webmail 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in emumail.cgi for EMU Webmail 5.0 allows remote attackers to inject arbitrary HTML or script via the email address field.
CVE-2002-1533 1 Jetty 1 Jetty 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Jetty JSP servlet engine allows remote attackers to insert arbitrary HTML or script via an HTTP request to a .jsp file whose name contains the malicious script and some encoded linefeed characters (%0a).
CVE-2002-1556 1 Cisco 1 Optical Networking Systems Software 2026-04-16 N/A
Cisco ONS15454 and ONS15327 running ONS before 3.4 allows attackers to cause a denial of service (reset) via an HTTP request to the TCC, TCC+ or XTC, in which the request contains an invalid CORBA Interoperable Object Reference (IOR).
CVE-2003-1313 1 Eternalmart 1 Mailing List Manager 2026-04-16 N/A
Multiple PHP remote file inclusion vulnerabilities in EternalMart Mailing List Manager (EMLM) 1.32 allow remote attackers to execute arbitrary PHP code via a URL in (1) the emml_admin_path parameter to admin/auth.php or (2) the emml_path parameter to emml_email_func.php.
CVE-2001-1474 1 Ssh 1 Ssh 2026-04-16 N/A
SSH before 2.0 disables host key checking when connecting to the localhost, which allows remote attackers to silently redirect connections to the localhost by poisoning the client's DNS cache.
CVE-2001-1477 1 Bea 1 Tuxedo 2026-04-16 N/A
The Domain gateway in BEA Tuxedo 7.1 does not perform authorization checks for imported services and qspaces on remote domains, even when an ACL exists, which allows users to access services in a remote domain.
CVE-2002-1584 2 Sgi, Sun 3 Irix, Solaris, Sunos 2026-04-16 N/A
Unknown vulnerability in the AUTH_DES authentication for RPC in Solaris 2.5.1, 2.6, and 7, SGI IRIX 6.5 to 6.5.19f, and possibly other platforms, allows remote attackers to gain privileges.
CVE-2001-1505 1 Tinc 1 Tinc 2026-04-16 N/A
tinc 1.0pre3 and 1.0pre4 allows remote attackers to inject data into user sessions by sniffing and replaying packets.
CVE-2002-1597 1 Cisco 1 Sn 5420 Storage Router Firmware 2026-04-16 N/A
Cisco SN 5420 Storage Router 1.1(5) and earlier allows remote attackers to cause a denial of service (halt) via a fragmented packet to the Gigabit interface.
CVE-2002-0658 2 Ossp, Redhat 5 Mm, Enterprise Linux, Linux and 2 more 2026-04-16 N/A
OSSP mm library (libmm) before 1.2.0 allows the local Apache user to gain privileges via temporary files, possibly via a symbolic link attack.
CVE-2001-1532 1 Web Crossing 1 Webx 2026-04-16 N/A
WebX stores authentication information in the HTTP_REFERER variable, which is included in URL links within bulletin board messages posted by users, which could allow remote attackers to hijack user sessions.
CVE-2002-0396 1 Red-m 1 1050ap Lan Acess Point 2026-04-16 N/A
The web management server for Red-M 1050 (Bluetooth Access Point) does not use session-based credentials to authenticate users, which allows attackers to connect to the server from the same IP address as a user who has already established a session.
CVE-2001-1545 1 Macromedia 1 Jrun 2026-04-16 N/A
Macromedia JRun 3.0 and 3.1 appends the jsessionid to URL requests (a.k.a. rewriting) when client browsers have cookies enabled, which allows remote attackers to obtain session IDs and hijack sessions via HTTP referrer fields or sniffing.
CVE-2001-1548 1 Zonelabs 1 Zonealarm 2026-04-16 N/A
ZoneAlarm 2.1 through 2.6 and ZoneAlarm Pro 2.4 and 2.6 allows local users to bypass filtering via non-standard TCP packets created with non-Windows protocol adapters.
CVE-2002-1743 1 Mirabilis 1 Icq 2026-04-16 N/A
AOL ICQ 2002a Build 3722 allows remote attackers to cause a denial of service (crash) via a malformed .hpf file.
CVE-2004-2434 1 Microsoft 1 Ie 2026-04-16 N/A
Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service (browser crash) via a link with "::{" (colon colon left brace), which triggers a null dereference when the user attempts to save the link using "Save As" and Internet Explorer prepares an error message with an attacker-controlled format string.