Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0344 1 Symantec 1 Liveupdate 2026-04-16 N/A
Symantec LiveUpdate 1.5 and earlier in Norton Antivirus stores usernames and passwords for a local LiveUpdate server in cleartext in the registry, which may allow remote attackers to impersonate the LiveUpdate server.
CVE-2002-0353 2 Ethereal Group, Redhat 3 Ethereal, Linux, Powertools 2026-04-16 N/A
The ASN.1 parser in Ethereal 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a certain malformed packet, which causes Ethereal to allocate memory incorrectly, possibly due to zero-length fields.
CVE-2004-0275 1 Bosdev 1 Bosdates 2026-04-16 N/A
SQL injection vulnerability in calendar_download.php in BosDates 3.2 and earlier allows remote attackers to obtain sensitive information and gain access via the calendar parameter.
CVE-2002-0358 1 Sgi 1 Mediamail 2026-04-16 N/A
MediaMail and MediaMail Pro in SGI IRIX 6.5.16 and earlier allows local users to force the program to dump core via certain arguments, which could allow the users to read sensitive data or gain privileges.
CVE-2002-0360 1 Sun 1 Solaris Answerbook2 2026-04-16 N/A
Buffer overflow in Sun AnswerBook2 1.4 through 1.4.3 allows remote attackers to execute arbitrary code via a long filename argument to the gettransbitmap CGI program.
CVE-2002-0363 2 Aladdin Enterprises, Redhat 3 Ghostscript, Enterprise Linux, Linux 2026-04-16 N/A
ghostscript before 6.53 allows attackers to execute arbitrary commands by using .locksafe or .setsafe to reset the current pagedevice.
CVE-2002-0424 1 Efingerd 1 Efingerd 2026-04-16 N/A
efingerd 1.61 and earlier, when configured without the -u option, executes .efingerd files as the efingerd user (typically "nobody"), which allows local users to gain privileges as the efingerd user by modifying their own .efingerd file and running finger.
CVE-2002-0430 1 Sun 3 Cobalt Raq 2, Cobalt Raq 3i, Cobalt Raq 4 2026-04-16 N/A
MultiFileUploadHandler.php in the Sun Cobalt RaQ XTR administration interface allows local users to bypass authentication and overwrite arbitrary files via a symlink attack on a temporary file, followed by a request to MultiFileUpload.php.
CVE-2002-0432 1 Citadel 1 Ux 2026-04-16 N/A
Buffer overflow in (1) lprintf and (2) cprintf in sysdep.c of Citadel/UX 5.90 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attacks such as a long HELO command to the SMTP server.
CVE-2002-0433 1 Pi3 1 Pi3web 2026-04-16 N/A
Pi3Web 2.0.0 allows remote attackers to view restricted files via an HTTP request containing a "*" (wildcard or asterisk) character.
CVE-2002-0434 1 Marcus S. Xenakis 1 Directory.php 2026-04-16 N/A
Marcus S. Xenakis directory.php script allows remote attackers to execute arbitrary commands via shell metacharacters in the dir parameter.
CVE-2002-0436 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
sscd_suncourier.pl CGI script in the Sun Sunsolve CD pack allows remote attackers to execute arbitrary commands via shell metacharacters in the email address parameter.
CVE-2004-0303 1 Fools Workshop 1 Owls Workshop 2026-04-16 N/A
OWLS 1.0 allows remote attackers to retrieve arbitrary files via absolute pathnames in (1) the file parameter in /glossaries/index.php, (2) the filename parameter in /readings/index.php, or (3) the filename parameter in /multiplechoice/resultsignore.php, as demonstrated using /etc/passwd.
CVE-2006-1517 3 Mysql, Oracle, Redhat 3 Mysql, Mysql, Enterprise Linux 2026-04-16 N/A
sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an error message.
CVE-2006-4744 1 Abidia 2 Abidia Wireless, O-anywhere 2026-04-16 N/A
Abidia (1) O-Anywhere and (2) Abidia Wireless transmit authentication credentials in cleartext, which allows remote attackers to obtain sensitive information by sniffing.
CVE-2002-0437 1 Stefan Frings 1 Sms Server Tools 2026-04-16 N/A
Smsd in SMS Server Tools (SMStools) before 1.4.8 allows remote attackers to execute arbitrary commands via shell metacharacters (backquotes) in message text, as described with the term "string format vulnerability" by some sources.
CVE-2002-0440 1 Trend Micro 1 Interscan Viruswall 2026-04-16 N/A
Trend Micro InterScan VirusWall HTTP proxy 3.6 with the "Skip scanning if Content-length equals 0" option enabled allows malicious web servers to bypass content scanning via a Content-length header set to 0, which is often ignored by HTTP clients.
CVE-2002-0442 1 Caldera 1 Openserver 2026-04-16 N/A
Buffer overflow in dlvr_audit for Caldera OpenServer 5.0.5 and 5.0.6 allows local users to gain root privileges.
CVE-2004-0304 1 Webcortex 1 Webstores 2000 2026-04-16 N/A
SQL injection vulnerability in browse_items.asp in WebCortex WebStores 2000 6.0 allows remote attackers to gain unauthorized access and execute arbitrary commands via the Search_Text parameter.
CVE-2002-0447 1 Xerver 1 Xerver 2026-04-16 N/A
Directory traversal vulnerability in Xerver Free Web Server 2.10 and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in an HTTP GET request.