Search Results (362270 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-2099 1 Gnu 1 Data Display Debugger 2026-04-16 N/A
Buffer overflow in the GNU DataDisplay Debugger (DDD) 3.3.1 allows local users to execute arbitrary code and possibly gain privileges via a long HOME environment variable. NOTE: since DDD is not installed setuid or setgid, perhaps this issue should not be included in CVE.
CVE-2002-2103 1 Apache 1 Http Server 2026-04-16 N/A
Apache before 1.3.24, when writing to the log file, records a spoofed hostname from the reverse lookup of an IP address, even when a double-reverse lookup fails, which allows remote attackers to hide the original source of activities.
CVE-2005-0247 2 Postgresql, Redhat 2 Postgresql, Enterprise Linux 2026-04-16 N/A
Multiple buffer overflows in gram.y for PostgreSQL 8.0.1 and earlier may allow attackers to execute arbitrary code via (1) a large number of variables in a SQL statement being handled by the read_sql_construct function, (2) a large number of INTO variables in a SELECT statement being handled by the make_select_stmt function, (3) a large number of arbitrary variables in a SELECT statement being handled by the make_select_stmt function, and (4) a large number of INTO variables in a FETCH statement being handled by the make_fetch_stmt function, a different set of vulnerabilities than CVE-2005-0245.
CVE-2002-0291 1 Funsoft 1 Dinos Webserver 2026-04-16 N/A
Dino's Webserver 1.2 allows remote attackers to cause a denial of service (CPU consumption) and possibly execute arbitrary code via several large HTTP requests within a short time.
CVE-2002-2105 1 Microsoft 1 Windows Xp 2026-04-16 N/A
Microsoft Windows XP allows local users to prevent the system from booting via a corrupt explorer.exe.manifest file.
CVE-2002-2106 1 Wikkitikkitavi 1 Wikkitikkitavi 2026-04-16 N/A
PHP remote file inclusion vulnerability in WikkiTikkiTavi before 0.21 allows remote attackers to execute arbitrary PHP code via the TemplateDir variable, as demonstrated using conflict.php.
CVE-2002-2109 1 Matt Wright 1 Formmail 2026-04-16 N/A
Matt Wright FormMail 1.9 and earlier allows remote attackers to bypass the HTTP_REFERER check and conduct unauthorized activities via (1) a blank referer, (2) a spoofed referer with a trusted domain/URL after the beginning of the referer, or (3) a spoofed referer with a trusted domain/URL in the beginning (hostname) portion of the referer.
CVE-2002-2111 1 Gianni Tedesco 1 Fwmon 2026-04-16 N/A
Fwmon before 1.0.10 allows remote attackers to cause a denial of service (crash) by causing the kernel to return a large packet.
CVE-2002-2114 1 Netjuke 1 Netjuke 2026-04-16 N/A
Artekopia Netjuke before 1.0 b7 allows remote attackers to execute arbitrary code on the web server, possibly via the section parameter, which is passed to an eval call.
CVE-2002-2118 1 Blue World Communications 1 Lasso Web Data Engine 2026-04-16 N/A
Buffer overflow in Blue World Lasso Web Data Engine 3.6.5 allows remote attackers to cause a denial of service via a long URL.
CVE-2005-2720 1 Hauri 4 Livecall, Virobot Advanced Server, Virobot Expert and 1 more 2026-04-16 N/A
Stack-based buffer overflow in the ACE archive decompression library (vrAZace.dll) in HAURI Anti-Virus products including ViRobot Expert 4.0, Advanced Server, Linux Server 2.0, and LiveCall, when compressed file scanning is enabled, allows remote attackers to execute arbitrary code via an ACE archive that contains a file with a long filename.
CVE-2002-2119 1 Novell 1 Edirectory 2026-04-16 9.8 Critical
Novell eDirectory 8.6.2 and 8.7 use case insensitive passwords, which makes it easier for remote attackers to conduct brute force password guessing.
CVE-2005-0249 1 Symantec 11 Antivirus Scan Engine, Brightmail Antispam, Client Security and 8 more 2026-04-16 N/A
Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header.
CVE-2002-2120 1 Qnx 1 Rtos 2026-04-16 N/A
Multiple buffer overflows in QNX RTOS 4.25 may allow attackers to execute arbitrary code via long filename arguments to (1) Watcom or (2) int10.
CVE-2002-2121 1 Surfcontrol 1 Superscout Email Filter 2026-04-16 N/A
SurfControl SuperScout Email filter for SMTP 3.5.1 allows remote attackers to cause a denial of service (crash) via a long SMTP (1) HELO or (2) RCPT TO command, possibly due to a buffer overflow.
CVE-2002-2122 1 Pointsec Mobile Technologies 1 Pointsec 2026-04-16 N/A
Pointsec before 1.2 for PalmOS stores a user's PIN number in memory in plaintext, which allows a local attacker who steals an unlocked Palm to retrieve the PIN by dumping memory.
CVE-2002-2123 1 Gallery Project 1 Gallery 2026-04-16 N/A
PHP remote file inclusion vulnerability in publish_xp_docs.php for Gallery 1.3.2 allows remote attackers to inject arbitrary PHP code by specifying a URL to an init.php file in the GALLERY_BASEDIR parameter.
CVE-2005-0251 1 Guillaumegardey 1 Biborb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in bibindex.php for BibORB 1.3.2, and possibly earlier versions, allows remote attackers to inject arbitrary HTML and web script via the search parameter.
CVE-2002-2125 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Internet Explorer 6.0 does not warn users when an expired certificate authority (CA) certificate is submitted to the user and a newer CA certificate is in the user's local repository, which could allow remote attackers to decrypt web sessions via a man-in-the-middle (MITM) attack.
CVE-2002-2128 1 W-agora 1 W-agora 2026-04-16 N/A
editform.php in w-Agora 4.1.5 allows local users to execute arbitrary PHP code via .. (dot dot) sequences in the file parameter.