Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-1461 1 Cisco 2 Secure Access Control Server, Secure Acs Solution Engine 2026-04-16 N/A
Cisco Secure Access Control Server (ACS) 3.2(3) and earlier spawns a separate unauthenticated TCP connection on a random port when a user authenticates to the ACS GUI, which allows remote attackers to bypass authentication by connecting to that port from the same IP address.
CVE-2002-0271 1 Ada Core Technologies 1 Gnat Pro Native 2026-04-16 N/A
Runtime library in GNU Ada compiler (GNAT) 3.12p through 3.14p allows local users to modify files of other users via a symlink attack on temporary files.
CVE-2002-0273 1 Netwin 1 Cwmail 2026-04-16 N/A
Buffer overflow in CWMail.exe in NetWin before 2.8a allows remote authenticated users to execute arbitrary code via a long item parameter.
CVE-2002-0278 1 Add2it 1 Mailman Free 2026-04-16 N/A
Directory traversal vulnerability in Add2it Mailman Free 1.73 and earlier allows remote attackers to modify arbitrary files via a .. (dot dot) in the list parameter.
CVE-2002-0291 1 Funsoft 1 Dinos Webserver 2026-04-16 N/A
Dino's Webserver 1.2 allows remote attackers to cause a denial of service (CPU consumption) and possibly execute arbitrary code via several large HTTP requests within a short time.
CVE-2005-1039 1 Gnu 1 Coreutils 2026-04-16 N/A
Race condition in Core Utilities (coreutils) 5.2.1, when (1) mkdir, (2) mknod, or (3) mkfifo is running with the -m switch, allows local users to modify permissions of other files.
CVE-2002-0295 1 Alcatel-lucent 1 Omnipcx 2026-04-16 N/A
Alcatel OmniPCX 4400 installs files with world-writable permissions, which allows local users to reconfigure the system and possibly gain privileges.
CVE-2004-1468 2 Usermin, Webmin 2 Usermin, Webmin 2026-04-16 N/A
The web mail functionality in Usermin 1.x and Webmin 1.x allows remote attackers to execute arbitrary commands via shell metacharacters in an e-mail message.
CVE-2005-4046 1 Sun 2 Java System Application Server, One Application Server 2026-04-16 N/A
Unspecified vulnerability in Reverse SSL Proxy Plug-in for Sun Java System Application Server Standard Edition 7 2004Q2, Application Server Enterprise Edition 8.1 2005Q1, and Sun ONE Application Server 7 Standard Edition, as used in multiple web servers, allows remote attackers to conduct man-in-the-middle (MITM) attacks and "compromise data privacy."
CVE-2002-0280 1 Codeblue 1 Codeblue 2026-04-16 N/A
Buffer overflow in CodeBlue 4 and earlier, and possibly other versions, allows remote attackers to execute arbitrary code via a long string in an SMTP reply.
CVE-2002-0285 1 Microsoft 1 Outlook Express 2026-04-16 N/A
Outlook Express 5.5 and 6.0 on Windows treats a carriage return ("CR") in a message header as if it were a valid carriage return/line feed combination (CR/LF), which could allow remote attackers to bypass virus protection and or other filtering mechanisms via a mail message with headers that only contain the CR, which causes Outlook to create separate headers.
CVE-2002-0296 1 Tarantella 1 Tarantella Enterprise 2026-04-16 N/A
The installation of Tarantella Enterprise 3 allows local users to overwrite arbitrary files via a symlink attack on the "spinning" temporary file.
CVE-2002-0298 1 Nombas 1 Scriptease Webserver 2026-04-16 N/A
ScriptEase MiniWeb Server 0.95 allows remote attackers to cause a denial of service (crash) via certain HTTP GET requests containing (1) a %2e%2e (encoded dot-dot), (2) several /../ (dot dot) sequences, (3) a missing URI, or (4) several ../ in a URI that does not begin with a / (slash) character.
CVE-2005-0770 1 Datarescue 1 Ida Pro 2026-04-16 N/A
Format string vulnerability in DataRescue Interactive Disassembler and Debugger (IDA) Pro 4.7.0.830 allows remote attackers or local users to cause a denial of service (CPU consumption or application crash) and possibly execute arbitrary code via format string specifiers in a dynamic link library (DLL) name.
CVE-2002-0300 1 Gnujsp 1 Gnujsp 2026-04-16 N/A
gnujsp 1.0.0 and 1.0.1 allows remote attackers to list directories, read source code of certain scripts, and bypass access restrictions by directly requesting the target file from the gnujsp servlet, which does not work around a limitation of JServ and does not process the requested file.
CVE-2005-0771 1 Symantec Veritas 1 Backup Exec 2026-04-16 N/A
VERITAS Backup Exec Server (beserver.exe) 9.0 through 10.0 for Windows allows remote unauthenticated attackers to modify the registry by calling methods to the RPC interface on TCP port 6106.
CVE-2002-0309 1 Symantec 1 Enterprise Firewall 2026-04-16 N/A
SMTP proxy in Symantec Enterprise Firewall (SEF) 6.5.x includes the firewall's physical interface name and address in an SMTP protocol exchange when NAT translation is made to an address other than the firewall, which could allow remote attackers to determine certain firewall configuration information.
CVE-2005-2685 1 Savewebportal 1 Savewebportal 2026-04-16 N/A
SaveWebPortal 3.4 allows remote attackers to execute arbitrary PHP code via a direct request to admin/PhpMyExplorer/editerfichier.php, then editing the desired file to contain the PHP code, as demonstrated using header.php in the fichier parameter. NOTE: it is possible that this vulnerability stems from PhpMyExplorer, which is a separate package.
CVE-2005-4052 1 E107 1 E107 2026-04-16 N/A
e107 0.6174 allows remote attackers to redirect users to other web sites via the download parameter in rate.php, which is used after a user submits a file download rating. NOTE: in the default installation, the e_BASE variable restricts the redirection to the same web site.
CVE-2005-2686 1 Savewebportal 1 Savewebportal 2026-04-16 N/A
Directory traversal vulnerability in SaveWebPortal 3.4 allows remote attackers to include arbitrary files and execute arbitrary local PHP programs via ".." sequences in the (1) SITE_Path parameter to menu_dx.php or (2) CONTENTS_Dir parameter to menu_sx.php.