Total
29947 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0617 | 1 Microsoft | 2 Excel, Office | 2026-04-16 | N/A |
| The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code by creating a hyperlink on a drawing shape in a source workbook that points to a destination workbook containing an autoexecute macro, aka "Hyperlinked Excel Workbook Macro Bypass." | ||||
| CVE-2002-0620 | 1 Microsoft | 1 Commerce Server | 2026-04-16 | N/A |
| Buffer overflow in the Profile Service of Microsoft Commerce Server 2000 allows remote attackers to cause the server to fail or run arbitrary code in the LocalSystem security context via an input field using an affected API. | ||||
| CVE-2002-0621 | 1 Microsoft | 1 Commerce Server | 2026-04-16 | N/A |
| Buffer overflow in the Office Web Components (OWC) package installer used by Microsoft Commerce Server 2000 allows remote attackers to cause the process to fail or run arbitrary code in the LocalSystem security context via certain input to the OWC package installer. | ||||
| CVE-2005-3481 | 1 Cisco | 1 Ios | 2026-04-16 | N/A |
| Cisco IOS 12.0 to 12.4 might allow remote attackers to execute arbitrary code via a heap-based buffer overflow in system timers. NOTE: this issue does not correspond to a specific vulnerability, rather a general weakness that only increases the feasibility of exploitation of any vulnerabilities that might exist. Such design-level weaknesses normally are not included in CVE, so perhaps this issue should be REJECTed. | ||||
| CVE-2005-3502 | 1 Cerberus | 1 Cerberus Helpdesk | 2026-04-16 | N/A |
| attachment_send.php in Cerberus Helpdesk allows remote attackers to view attachments and tickets of other users via a modified file_id parameter. | ||||
| CVE-2000-0816 | 1 Redhat | 1 Linux | 2026-04-16 | N/A |
| Linux tmpwatch --fuser option allows local users to execute arbitrary commands by creating files whose names contain shell metacharacters. | ||||
| CVE-2005-3505 | 1 Cpanel | 1 Cpanel | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the Entropy Chat script in cPanel 10.2.0-R82 and 10.6.0-R137 allows remote attackers to inject arbitrary web script or HTML via a chat message containing Javascript in style attributes in tags such as <b>, which are processed by Internet Explorer. | ||||
| CVE-2002-0643 | 1 Microsoft | 2 Data Engine, Sql Server | 2026-04-16 | N/A |
| The installation of Microsoft Data Engine 1.0 (MSDE 1.0), and Microsoft SQL Server 2000 creates setup.iss files with insecure permissions and does not delete them after installation, which allows local users to obtain sensitive data, including weakly encrypted passwords, to gain privileges, aka "SQL Server Installation Process May Leave Passwords on System." | ||||
| CVE-2001-0005 | 1 Microsoft | 1 Powerpoint | 2026-04-16 | N/A |
| Buffer overflow in the parsing mechanism of the file loader in Microsoft PowerPoint 2000 allows attackers to execute arbitrary commands. | ||||
| CVE-2002-0651 | 2 Isc, Redhat | 3 Bind, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a denial of service and possibly execute arbitrary code via the stub resolvers. | ||||
| CVE-2002-0667 | 1 Pingtel | 1 Xpressa | 2026-04-16 | N/A |
| Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 has a default null administrator password, which could allow remote attackers to gain access to the phone. | ||||
| CVE-2002-0678 | 7 Caldera, Compaq, Hp and 4 more | 9 Openunix, Unixware, Tru64 and 6 more | 2026-04-16 | N/A |
| CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure. | ||||
| CVE-2002-0690 | 1 Mcafee | 1 Epolicy Orchestrator | 2026-04-16 | N/A |
| Format string vulnerability in McAfee Security ePolicy Orchestrator (ePO) 2.5.1 allows remote attackers to execute arbitrary code via an HTTP GET request with a URI containing format strings. | ||||
| CVE-2002-0701 | 2 Freebsd, Openbsd | 2 Freebsd, Openbsd | 2026-04-16 | N/A |
| ktrace in BSD-based operating systems allows the owner of a process with special privileges to trace the process after its privileges have been lowered, which may allow the owner to obtain sensitive information that the process obtained while it was running with the extra privileges. | ||||
| CVE-2002-0713 | 2 Redhat, Squid | 3 Enterprise Linux, Linux, Squid | 2026-04-16 | N/A |
| Buffer overflows in Squid before 2.4.STABLE6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code (1) via the MSNT auth helper (msnt_auth) when using denyusers or allowusers files, (2) via the gopher client, or (3) via the FTP server directory listing parser when HTML output is generated. | ||||
| CVE-2001-0486 | 1 Novell | 1 Bordermanager | 2026-04-16 | N/A |
| Remote attackers can cause a denial of service in Novell BorderManager 3.6 and earlier by sending TCP SYN flood to port 353. | ||||
| CVE-2002-0728 | 2 Greg Roelofs, Redhat | 3 Libpng, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Buffer overflow in the progressive reader for libpng 1.2.x before 1.2.4, and 1.0.x before 1.0.14, allows attackers to cause a denial of service (crash) via a PNG data stream that has more IDAT data than indicated by the IHDR chunk. | ||||
| CVE-2002-0734 | 1 Michel Valdrighi | 1 B2 | 2026-04-16 | N/A |
| b2edit.showposts.php in B2 2.0.6pre2 and earlier does not properly load the b2config.php file in some configurations, which allows remote attackers to execute arbitrary PHP code via a URL that sets the $b2inc variable to point to a malicious program stored on a remote server. | ||||
| CVE-2002-0737 | 1 Sambar | 1 Sambar Server | 2026-04-16 | N/A |
| Sambar web server before 5.2 beta 1 allows remote attackers to obtain source code of server-side scripts, or cause a denial of service (resource exhaustion) via DOS devices, using a URL that ends with a space and a null character. | ||||
| CVE-2002-0755 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| Kerberos 5 su (k5su) in FreeBSD 4.5 and earlier does not verify that a user is a member of the wheel group before granting superuser privileges, which could allow unauthorized users to execute commands as root. | ||||