Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-2864 1 Blueshoes 1 Blueshoes Framework 2026-04-16 N/A
Multiple PHP remote file inclusion vulnerabilities in BlueShoes Framework 4.6 allow remote attackers to execute arbitrary PHP code via a URL in the (1) APP[path][applications] parameter to (a) Bs_Faq.class.php, (2) APP[path][core] parameter to (b) fileBrowserInner.php, (c) file.php, and (d) viewer.php, and (e) Bs_ImageArchive.class.php, (3) GLOBALS[APP][path][core] parameter to (f) Bs_Ml_User.class.php, or (4) APP[path][plugins] parameter to (g) Bs_Wse_Profile.class.php.
CVE-2002-1397 2 Postgresql, Redhat 3 Postgresql, Enterprise Linux, Linux 2026-04-16 N/A
Vulnerability in the cash_words() function for PostgreSQL 7.2 and earlier allows local users to cause a denial of service and possibly execute arbitrary code via a large negative argument, possibly triggering an integer signedness error or buffer overflow.
CVE-2002-1414 1 Inter7 1 Qmailadmin 2026-04-16 N/A
Buffer overflow in qmailadmin allows local users to gain privileges via a long QMAILADMIN_TEMPLATEDIR environment variable.
CVE-2002-1419 1 Sgi 1 Irix 2026-04-16 N/A
The upgrade of IRIX on Origin 3000 to 6.5.13 through 6.5.16 changes the MAC address of the system, which could modify intended access restrictions that are based on a MAC address.
CVE-2002-1424 1 John G. Myers 1 Mpack 2026-04-16 N/A
Buffer overflow in munpack in mpack 1.5 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.
CVE-2002-1519 2 Rapidstream, Watchguard 2 Rapidstream, Firebox 2026-04-16 N/A
Format string vulnerability in the CLI interface for WatchGuard Firebox Vclass 3.2 and earlier, and RSSA Appliance 3.0.2, allows remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in the password parameter.
CVE-2002-1525 2 Astaware, Sun 2 Searchdisc, Sunone Starter Kit 2026-04-16 N/A
Directory traversal vulnerability in ASTAware SearchDisk engine for Sun ONE Starter Kit 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack on port (1) 6015 or (2) 6016, or (3) an absolute pathname to port 6017.
CVE-2002-1527 1 Emumail 1 Emu Webmail 2026-04-16 N/A
emumail.cgi in EMU Webmail 5.0 allows remote attackers to determine the full pathname for emumail.cgi via a malformed string containing script, which generates a regular expression matching error that includes the pathname in the resulting error message.
CVE-2002-1532 1 Surfcontrol 1 Superscout Email Filter 2026-04-16 N/A
The administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows remote attackers to cause a denial of service (resource exhaustion) via a GET request without the terminating /r/n/r/n (CRLF) sequence, which causes the interface to wait for the sequence and blocks other users from accessing it.
CVE-2002-1542 1 Solarwinds 1 Tftp Server 2026-04-16 N/A
SolarWinds TFTP server 5.0.55 and earlier allows remote attackers to cause a denial of service (crash) via a large UDP datagram, possibly triggering a buffer overflow.
CVE-2002-1546 1 Brs 1 Webweaver 2026-04-16 N/A
BRS WebWeaver Web Server 1.01 allows remote attackers to bypass password protections for files and directories via an HTTP request containing a "/./" sequence.
CVE-2002-1552 1 Novell 1 Edirectory 2026-04-16 N/A
Novell eDirectory (eDir) 8.6.2 and Netware 5.1 eDir 85.x allows users with expired passwords to gain inappropriate permissions when logging in from Remote Manager.
CVE-2002-1555 1 Cisco 1 Optical Networking Systems Software 2026-04-16 N/A
Cisco ONS15454 and ONS15327 running ONS before 3.4 uses a "public" SNMP community string that cannot be changed, which allows remote attackers to obtain sensitive information.
CVE-1999-0409 1 Suse 1 Suse Linux 2026-04-16 N/A
Buffer overflow in gnuplot in Linux version 3.5 allows local users to obtain root access.
CVE-2002-1674 1 Freebsd 1 Freebsd 2026-04-16 N/A
procfs on FreeBSD before 4.5 allows local users to cause a denial of service (kernel panic) by removing a file that the fstatfs function refers to.
CVE-2002-1677 1 Mrtg 1 Mrtgconfig 2026-04-16 N/A
14all.cgi 1.1p15 in mrtgconfig allows remote attackers to determine the physical path to the web root directory via a request with an invalid cfg parameter, which generates an error message that reveals the path.
CVE-2002-1684 2 Deerfield, Working Resources Inc. 2 D2gfx, Badblue 2026-04-16 N/A
Directory traversal vulnerability in (1) Deerfield D2Gfx 1.0.2 or (2) BadBlue Enterprise Edition 1.5.x and BadBlue Personal Edition 1.5.6 allows remote attackers to read arbitrary files via a ../ (dot dot slash) in the script used to read Microsoft Office documents.
CVE-2002-1694 1 Microsoft 2 Internet Information Server, Internet Information Services 2026-04-16 N/A
Microsoft Internet Information Server (IIS) 4.0 opens log files with FILE_SHARE_READ and FILE_SHARE_WRITE permissions, which could allow remote attackers to modify the log file contents while IIS is running.
CVE-2002-1699 1 Pascal Michaud 1 Asp Client Check 2026-04-16 N/A
SQL injection vulnerability in ASP Client Check (ASPCC) 1.3 and 1.5 allows remote attackers to bypass authentication and gain unauthorized access via the password field.
CVE-2002-1705 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 5.5 through 6.0 allows remote attackers to cause a denial of service (crash) via a Cascading Style Sheet (CSS) with the p{cssText} element declared and a bold font weight.