Search Results (363759 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-2047 1 Sketch 1 Sketch 2026-04-16 N/A
The file preview functionality in Sketch 0.6.12 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an encapsulated Postscript (EPS) file.
CVE-2002-2035 1 Realityscape 1 Mylogin 2000 2026-04-16 N/A
SQL injection vulnerability in RealityScape MyLogin 2000 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) Username or (2) Password in the login form.
CVE-2002-2034 1 John Hardin 1 Procmail Email Sanitizer 2026-04-16 N/A
The Email Sanitizer before 1.133 for Procmail allows remote attackers to bypass the mail filter and execute arbitrary code via crafted recursive multipart MIME attachments.
CVE-2002-2033 1 Faqmanager 1 Faqmanager.cgi 2026-04-16 N/A
faqmanager.cgi in FAQManager 2.2.5 and earlier allows remote attackers to read arbitrary files by specifying the filename in the toc parameter with a trailing null character (%00).
CVE-2002-2027 1 Doow 1 Doow 2026-04-16 N/A
Database of Our Owlish Wisdom (DOOW) 0.1 through 0.2.1 does not properly verify user permissions, which allows remote attackers to perform unauthorized activities.
CVE-2002-2026 1 Browseftp 1 Browseftp Client 2026-04-16 N/A
Buffer overflow in BrowseFTP 1.62 client allows remote FTP servers to execute arbitrary code via a long FTP "220" message reply.
CVE-2006-3322 1 Spiffyjr 1 Phpraid 2026-04-16 N/A
SQL injection vulnerability in includes/functions_logging.php in phpRaid 3.0.5, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the log_hack function.
CVE-2002-2019 1 Oscommerce 1 Oscommerce 2026-04-16 N/A
PHP remote file inclusion vulnerability in include_once.php in osCommerce (a.k.a. Exchange Project) 2.1 allows remote attackers to execute arbitrary PHP code via the include_file parameter.
CVE-2002-2018 1 Sas 2 Base, Integration Technologies 2026-04-16 N/A
sastcpd in SAS/Base 8.0 might allow local users to gain privileges by setting the netencralg environment variable, which causes a segmentation fault.
CVE-2002-2017 1 Sas 2 Base, Integration Technologies 2026-04-16 N/A
sastcpd in SAS/Base 8.0 allows local users to execute arbitrary code by setting the authprog environment variable to reference a malicious program, which is then executed by sastcpd.
CVE-2002-2016 1 User-mode Linux 1 User-mode Linux 2026-04-16 N/A
User-mode Linux (UML) 2.4.17-8 does not restrict access to kernel address space, which allows local users to execute arbitrary code.
CVE-2002-2014 1 Ibm 1 Lotus Domino 2026-04-16 N/A
Lotus Domino 5.0.8 web server returns different error messages when a valid or invalid user is provided in HTTP requests, which allows remote attackers to determine valid user names and makes it easier to conduct brute force attacks.
CVE-2005-0183 1 Squirrelmail 1 Vacation Plugin 2026-04-16 N/A
ftpfile in the Vacation plugin 0.15 and earlier for Squirrelmail allows local users to execute arbitrary commands via shell metacharacters in a command line argument.
CVE-2006-3307 1 Zoid Technologies 1 Project Eros Bbsengine 2026-04-16 N/A
Multiple SQL injection vulnerabilities in Project EROS bbsengine before bbsengine-20060429-1550-jam allow remote attackers to execute arbitrary SQL commands via (1) unspecified parameters in the php/comment.php and (2) the getpartialmatches method in php/aolbonics.php.
CVE-2005-0173 2 Redhat, Squid 2 Enterprise Linux, Squid 2026-04-16 N/A
squid_ldap_auth in Squid 2.5 and earlier allows remote authenticated users to bypass username-based Access Control Lists (ACLs) via a username with a space at the beginning or end, which is ignored by the LDAP server.
CVE-2005-0155 2 Larry Wall, Redhat 2 Perl, Enterprise Linux 2026-04-16 N/A
The PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to create arbitrary files via the PERLIO_DEBUG variable.
CVE-2002-1980 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Buffer overflow in Volume Manager daemon (vold) of Sun Solaris 2.5.1 through 8 allows local users to execute arbitrary code via unknown attack vectors.
CVE-2002-1970 1 Snortcenter 1 Snortcenter 2026-04-16 N/A
SnortCenter 0.9.5, when configured to push Snort rules, stores the rules in a temporary file with world-readable and world-writable permissions, which allows local users to obtain usernames and passwords for the alert database servers.
CVE-2002-1969 1 The Magic Notebook 1 The Magic Notebook 2026-04-16 N/A
Magic Notebook 1.0b and 1.1b allows remote attackers to cause a denial of service (crash) via an invalid username during login.
CVE-2006-3304 1 Deluxebb 1 Deluxebb 2026-04-16 N/A
SQL injection vulnerability in cp.php in DeluxeBB 1.07 and earlier allows remote attackers to execute arbitrary SQL commands via the xmsn parameter.