Search Results (362524 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0690 1 Kde 1 Kde 2026-04-16 N/A
The DCOPServer in KDE 3.2.3 and earlier allows local users to gain unauthorized access via a symlink attack on DCOP files in the /tmp directory.
CVE-2004-0692 2 Redhat, Trolltech 2 Enterprise Linux, Qt 2026-04-16 N/A
The XPM parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0693.
CVE-2006-4189 1 Boonex 1 Dolphin 2026-04-16 N/A
Multiple PHP remote file inclusion vulnerabilities in Dolphin 5.1 allow remote attackers to execute arbitrary PHP code via a URL in the dir[inc] parameter in (1) index.php, (2) aemodule.php, (3) browse.php, (4) cc.php, (5) click.php, (6) faq.php, (7) gallery.php, (8) im.php, (9) inbox.php, (10) join_form.php, (11) logout.php, (12) messages_inbox.php, and many other scripts.
CVE-2004-0695 1 4d 1 Webstar 2026-04-16 N/A
Stack-based buffer overflow in the FTP service for 4D WebSTAR 5.3.2 and earlier allows remote attackers to execute arbitrary code via a long FTP command.
CVE-2002-2004 1 Compaq 1 Tru64 2026-04-16 N/A
portmapper in Compaq Tru64 4.0G and 5.0A allows remote attackers to cause a denial of service via a flood of packets.
CVE-2002-2005 1 Sun 1 Java Web Start 2026-04-16 N/A
Unknown vulnerability in Java web start 1.0.1_01, 1.0.1, 1.0 and 1.0.1.01 (HP-UX 11.x only) allows attackers to gain access to restricted resources via unknown attack vectors.
CVE-2002-2007 1 Apache 1 Tomcat 2026-04-16 N/A
The default installations of Apache Tomcat 3.2.3 and 3.2.4 allows remote attackers to obtain sensitive system information such as directory listings and web root path, via erroneous HTTP requests for Java Server Pages (JSP) in the (1) test/jsp, (2) samples/jsp and (3) examples/jsp directories, or the (4) test/realPath.jsp servlet, which leaks pathnames in error messages.
CVE-2002-2010 1 Htdig 1 Htdig 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in htsearch.cgi in htdig (ht://Dig) 3.1.5, 3.1.6, and 3.2 allows remote attackers to inject arbitrary web script or HTML via the words parameter.
CVE-2002-2014 1 Ibm 1 Lotus Domino 2026-04-16 N/A
Lotus Domino 5.0.8 web server returns different error messages when a valid or invalid user is provided in HTTP requests, which allows remote attackers to determine valid user names and makes it easier to conduct brute force attacks.
CVE-2002-2018 1 Sas 2 Base, Integration Technologies 2026-04-16 N/A
sastcpd in SAS/Base 8.0 might allow local users to gain privileges by setting the netencralg environment variable, which causes a segmentation fault.
CVE-2002-2023 1 Yamaguchi 1 Shingo Beep2 2026-04-16 N/A
The get_parameter_from_freqency_source function in beep2 1.0, 1.1 and 1.2, when installed setuid root, allows local users to read arbitrary files via unknown attack vectors.
CVE-2002-2025 1 Ibm 1 Lotus Domino Server 2026-04-16 N/A
Lotus Domino server 5.0.9a and earlier allows remote attackers to cause a denial of service by exhausting the number of working threads via a large number of HTTP requests for (1) an MS-DOS device name and (2) an MS-DOS device name with a large number of characters appended to the device name.
CVE-2004-0699 1 Checkpoint 2 Firewall-1, Vpn-1 2026-04-16 N/A
Heap-based buffer overflow in ASN.1 decoding library in Check Point VPN-1 products, when Aggressive Mode IKE is implemented, allows remote attackers to execute arbitrary code by initiating an IKE negotiation and then sending an IKE packet with malformed ASN.1 data.
CVE-2002-2026 1 Browseftp 1 Browseftp Client 2026-04-16 N/A
Buffer overflow in BrowseFTP 1.62 client allows remote FTP servers to execute arbitrary code via a long FTP "220" message reply.
CVE-2004-0701 1 Sun 1 Ray Server Software 2026-04-16 N/A
Sun Ray Server Software (SRSS) 1.3 and 2.0 for Solaris 2.6, 7 and 8 does not properly detect a smartcard removal when the card is quickly removed, reinserted, and removed again, which could cause a user session to stay logged in and allow local users to gain unauthorized access.
CVE-2002-2033 1 Faqmanager 1 Faqmanager.cgi 2026-04-16 N/A
faqmanager.cgi in FAQManager 2.2.5 and earlier allows remote attackers to read arbitrary files by specifying the filename in the toc parameter with a trailing null character (%00).
CVE-2002-1892 1 Netgear 1 Fvs318 2026-04-16 N/A
NETGEAR FVS318 running firmware 1.1 stores the username and password in a readable format when a backup of the configuration file is made, which allows local users to obtain sensitive information.
CVE-2002-1891 1 Ayman Akt 1 Ircit 2026-04-16 N/A
Buffer overflow in IRCIT 0.3.1 IRC client allows remote attackers to execute arbitrary code via a long invite request.
CVE-2002-1890 1 Redhat 1 Rhmask 2026-04-16 N/A
rhmask 1.0-9 in Red Hat Linux 7.1 allows local users to overwrite arbitrary files via a symlink attack on the mask file.
CVE-2002-1889 1 Logsurfer 1 Logsurfer 2026-04-16 N/A
Off-by-one buffer overflow in the context_action function in context.c of Logsurfer 1.41 through 1.5a allows remote attackers to cause a denial of service (crash) via a malformed log entry.