Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1311 1 Double Precision Incorporated 1 Courier Mta 2026-04-16 N/A
Courier sqwebmail before 0.40.0 does not quickly drop privileges after startup in certain cases, which could allow local users to read arbitrary files.
CVE-2006-0120 1 Ibm 3 Lotus Domino, Lotus Domino Enterprise Server, Lotus Notes 2026-04-16 N/A
Multiple unspecified vulnerabilities in IBM Lotus Notes and Domino Server before 6.5.5 allow attackers to cause a denial of service (application crash) via multiple vectors, involving (1) a malformed message sent to an "Out Of Office" agent (SPR LPEE6DMQWJ), (2) the compact command (RTIN5U2SAJ), (3) malformed bitmap images (MYAA6FH5HW), (4) the "Delete Attachment" action (YPHG6844LD), (5) parsing certificates from a remote Certificate Table (AELE6DZFJW), and (6) creating a SSL key ring with the Domino Administration client (NSUA4FQPTN).
CVE-2002-1317 4 Hp, Sgi, Sun and 1 more 5 Hp-ux, Irix, Solaris and 2 more 2026-04-16 N/A
Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.
CVE-2006-3742 1 Kde 1 Kdebase 2026-04-16 N/A
The KDE PAM configuration shipped with Fedora Core 5 causes KDM passwords to be cached, which allows attackers to login without a password by attempting to log in multiple times.
CVE-2002-1320 2 Redhat, University Of Washington 3 Enterprise Linux, Linux, Pine 2026-04-16 N/A
Pine 4.44 and earlier allows remote attackers to cause a denial of service (core dump and failed restart) via an email message with a From header that contains a large number of quotation marks (").
CVE-2006-0121 1 Ibm 3 Lotus Domino, Lotus Domino Enterprise Server, Lotus Notes 2026-04-16 N/A
Multiple memory leaks in IBM Lotus Notes and Domino Server before 6.5.5 allow attackers to cause a denial of service (memory consumption and crash) via unknown vectors related to (1) unspecified vectors during the SSL handshake (SPR# MKIN67MQVW), (2) the stash file during the SSL handshake (SPR# MKIN693QUT), and possibly other vectors. NOTE: due to insufficient information in the original vendor advisory, it is not clear whether there is an attacker role in other memory leaks that are specified in the advisory.
CVE-2002-1322 1 Rational Software 1 Clearcase 2026-04-16 N/A
Rational ClearCase 4.1, 2002.05, and possibly other versions allows remote attackers to cause a denial of service (crash) via certain packets to port 371, e.g. via nmap.
CVE-2006-0122 1 Aquifer Cms 1 Aquifer Cms 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Public/Index.asp in Aquifer CMS allows remote attackers to inject arbitrary web script or HTML via the Keyword parameter.
CVE-2006-0124 1 Adn Forum 1 Adn Forum 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in crear.php in ADN Forum 1.0b allows remote attackers to inject arbitrary web script or HTML via the titulo parameter, which is used by the "Topic name" field.
CVE-2006-3765 1 Huttenlocher Webdesign 1 Hwdeguest 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Huttenlocher Webdesign hwdeGUEST 2.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, as demonstrated by the "name input" field in new_entry.php.
CVE-2002-1437 1 Novell 1 Netware 2026-04-16 N/A
Directory traversal vulnerability in the web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to read arbitrary files via an HTTP request containing "..%5c" (URL-encoded dot-dot backslash) sequences.
CVE-2002-1439 1 Hp 2 Virtualvault, Vvos 2026-04-16 N/A
Unknown vulnerability related to stack corruption in the TGA daemon for HP-UX 11.04 (VVOS) Virtualvault 4.0, 4.5, and 4.6 may allow attackers to obtain access to system files.
CVE-2002-1441 1 Tomahawk Technologies 1 Steelarrow 2026-04-16 N/A
Multiple buffer overflows in Tomahawk SteelArrow before 4.5 allow remote attackers to execute arbitrary code via (1) the Steelarrow Service (Steelarrow.exe) using a long UserIdent Cookie header, (2) DLLHOST.EXE (Steelarrow.dll) via a request for a long .aro file, or (3) DLLHOST.EXE via a Chunked Transfer-Encoding request.
CVE-2002-1442 1 Google 1 Toolbar 2026-04-16 N/A
The Google toolbar 1.1.58 and earlier allows remote web sites to perform unauthorized toolbar operations including script execution and file reading in other zones such as "My Computer" by opening a window to tools.google.com or the res: protocol, then using script to modify the window's location to the toolbar's configuration URL, which bypasses the origin verification check.
CVE-2002-1443 1 Google 1 Toolbar 2026-04-16 N/A
The Google toolbar 1.1.58 and earlier allows remote web sites to monitor a user's input into the toolbar via an "onkeydown" event handler.
CVE-2002-1445 1 W3c 1 Cern Httpd 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in CERN Proxy Server allows remote attackers to execute script as other users via a link to a non-existent page whose name contains the script, which is inserted into the resulting error page.
CVE-2006-3908 1 Gillius Programming 1 Game Networking Engine 2026-04-16 N/A
Format string vulnerability in the flush_output function in ConsoleStreambuf.cpp in Game Network Engine (GNE) 0.70 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute code via format string specifiers in unspecified vectors involving output to the gout console.
CVE-2002-1446 1 Ncipher 1 Pkcs 11 Library 2026-04-16 N/A
The error checking routine used for the C_Verify call on a symmetric verification key in the nCipher PKCS#11 library 1.2.0 and later returns the CKR_OK status even when it detects an invalid signature, which could allow remote attackers to modify or forge messages.
CVE-2002-1447 1 Cisco 1 Vpn Client 2026-04-16 N/A
Buffer overflow in the vpnclient program for UNIX VPN Client before 3.5.2 allows local users to gain administrative privileges via a long profile name in a connect argument.
CVE-2002-1448 1 Avaya 3 Cajun M770-atm, Cajun P130, Cajun P330 2026-04-16 N/A
An undocumented SNMP read/write community string ('NoGaH$@!') in Avaya P330, P130, and M770-ATM Cajun products allows remote attackers to gain administrative privileges.