Total
29800 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2442 | 1 F-secure | 5 F-secure Anti-virus, F-secure For Firewalls, F-secure Internet Security and 2 more | 2025-04-03 | N/A |
| Multiple interpretation error in various F-Secure Anti-Virus products, including Workstation 5.43 and earlier, Windows Servers 5.50 and earlier, MIMEsweeper 5.50 and earlier, Anti-Virus for Linux Servers and Gateways 4.61 and earlier, and other products, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on the target system. | ||||
| CVE-2002-1030 | 1 Bea | 1 Weblogic Server | 2025-04-03 | N/A |
| Race condition in Performance Pack in BEA WebLogic Server and Express 5.1.x, 6.0.x, 6.1.x and 7.0 allows remote attackers to cause a denial of service (crash) via a flood of data and connections. | ||||
| CVE-2002-1031 | 1 Key Focus | 1 Kf Web Server | 2025-04-03 | N/A |
| KeyFocus (KF) web server 1.0.2 allows remote attackers to list directories and read restricted files via an HTTP request containing a %00 (null) character. | ||||
| CVE-2002-1032 | 1 Key Focus | 1 Kf Web Server | 2025-04-03 | N/A |
| Buffer overflow in KeyFocus (KF) web server 1.0.5 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed HTTP header. | ||||
| CVE-2002-1035 | 1 Omnicron | 1 Omnihttpd | 2025-04-03 | N/A |
| Omnicron OmniHTTPd 2.09 allows remote attackers to cause a denial of service (crash) via an HTTP request with a long, malformed HTTP 1version number. | ||||
| CVE-2004-2471 | 1 Jamesoff | 1 Quoteengine | 2025-04-03 | N/A |
| SQL injection vulnerability in the sloth TCL script in QuoteEngine before 1.2.0 allow remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2002-1051 | 1 Ehud Gavron | 1 Tracesroute | 2025-04-03 | N/A |
| Format string vulnerability in TrACESroute 6.0 GOLD (aka NANOG traceroute) allows local users to execute arbitrary code via the -T (terminator) command line argument. | ||||
| CVE-2002-1055 | 1 Brother | 1 Nc-3100h | 2025-04-03 | N/A |
| Buffer overflow in administrative web server for Brother NC-3100h printer allows remote attackers to cause a denial of service via a long password. | ||||
| CVE-2002-1052 | 1 W3c | 1 Jigsaw | 2025-04-03 | N/A |
| Jigsaw 2.2.1 on Windows systems allows remote attackers to use MS-DOS device names in HTTP requests to (1) cause a denial of service using the "con" device, or (2) obtain the physical path of the server using two requests to the "aux" device. | ||||
| CVE-2002-1056 | 1 Microsoft | 2 Outlook, Word | 2025-04-03 | N/A |
| Microsoft Outlook 2000 and 2002, when configured to use Microsoft Word as the email editor, does not block scripts that are used while editing email messages in HTML or Rich Text Format (RTF), which could allow remote attackers to execute arbitrary scripts via an email that the user forwards or replies to. | ||||
| CVE-2002-1057 | 1 Smartmax Software | 1 Mailmax | 2025-04-03 | N/A |
| Buffer overflow in SmartMax MailMax POP3 daemon (popmax) 4.8 allows remote attackers to execute arbitrary code via a long USER command. | ||||
| CVE-2002-1054 | 1 Pablo Software Solutions | 1 Pablo Ftp Server | 2025-04-03 | N/A |
| Directory traversal vulnerability in Pablo FTP server 1.0 build 9 and earlier allows remote authenticated users to list arbitrary directories via "..\" (dot-dot backslash) sequences in a LIST command. | ||||
| CVE-2002-1085 | 1 Visualshapers | 1 Ezcontents | 2025-04-03 | N/A |
| Multiple cross-site scripting vulnerabilities in ezContents 1.41 and earlier allow remote attackers to execute script and steal cookies via the diary and other capabilities. | ||||
| CVE-2002-1086 | 1 Visualshapers | 1 Ezcontents | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in ezContents 1.41 and earlier allow remote attackers to conduct unauthorized activities. | ||||
| CVE-2002-1084 | 1 Visualshapers | 1 Ezcontents | 2025-04-03 | N/A |
| The VerifyLogin function in ezContents 1.41 and earlier does not properly halt program execution if a user fails to log in properly, which allows remote attackers to modify and view restricted information via HTTP POST requests. | ||||
| CVE-2002-1087 | 1 Visualshapers | 1 Ezcontents | 2025-04-03 | N/A |
| The scripts (1) createdir.php, (2) removedir.php and (3) uploadfile.php for ezContents 1.41 and earlier do not check credentials, which allows remote attackers to create or delete directories and upload files via a direct HTTP POST request. | ||||
| CVE-2002-1100 | 1 Cisco | 2 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client | 2025-04-03 | N/A |
| Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to cause a denial of service (crash) via a long (1) username or (2) password to the HTML login interface. | ||||
| CVE-2002-1103 | 1 Cisco | 2 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client | 2025-04-03 | N/A |
| Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause a denial of service via (1) malformed or (2) large ISAKMP packets. | ||||
| CVE-2002-1104 | 1 Cisco | 1 Vpn Client | 2025-04-03 | N/A |
| Cisco Virtual Private Network (VPN) Client software 2.x.x and 3.x before 3.0.5 allows remote attackers to cause a denial of service (crash) via TCP packets with source and destination ports of 137 (NETBIOS). | ||||
| CVE-2002-1105 | 1 Cisco | 1 Vpn Client | 2025-04-03 | N/A |
| Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.1C, allows local users to use a utility program to obtain the group password. | ||||