Total
29891 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1646 | 1 Ssh | 1 Secure Shell For Servers | 2026-04-16 | N/A |
| SSH Secure Shell for Servers 3.0.0 to 3.1.1 allows remote attackers to override the AllowedAuthentications configuration and use less secure authentication schemes (e.g. password) than configured for the server. | ||||
| CVE-2002-1655 | 2 Iplanet, Netscape | 2 Iplanet Web Server, Enterprise Server | 2026-04-16 | N/A |
| The Web Publishing feature in Netscape Enterprise Server 3.x and iPlanet Web Server 4.x allows remote attackers to cause a denial of service (crash) via a wp-html-rend request. | ||||
| CVE-2003-1035 | 1 Sap | 2 Sap R 3, Sapgui | 2026-04-16 | N/A |
| The default installation of SAP R/3 46C/D allows remote attackers to bypass account locking by using the RFC API instead of the SAPGUI to conduct a brute force password guessing attack, which does not lock out the account like the SAPGUI does. | ||||
| CVE-2002-1692 | 1 Microsoft | 1 Windows 95 | 2026-04-16 | N/A |
| Buffer overflow in backup utility of Microsoft Windows 95 allows attackers to execute arbitrary code by causing a filename with a long extension to be placed in a folder to be backed up. | ||||
| CVE-2003-1044 | 1 Mozilla | 1 Bugzilla | 2026-04-16 | N/A |
| editproducts.cgi in Bugzilla 2.16.3 and earlier, when usebuggroups is enabled, does not properly remove group add privileges from a group that is being deleted, which allows users with those privileges to perform unauthorized additions to the next group that is assigned with the original group ID. | ||||
| CVE-2001-0012 | 2 Isc, Redhat | 2 Bind, Linux | 2026-04-16 | N/A |
| BIND 4 and BIND 8 allow remote attackers to access sensitive information such as environment variables. | ||||
| CVE-2002-1699 | 1 Pascal Michaud | 1 Asp Client Check | 2026-04-16 | N/A |
| SQL injection vulnerability in ASP Client Check (ASPCC) 1.3 and 1.5 allows remote attackers to bypass authentication and gain unauthorized access via the password field. | ||||
| CVE-2002-1702 | 1 Deltascripts | 1 Php Classifieds | 2026-04-16 | N/A |
| Cross-site scripting vulnerability (XSS) in DeltaScripts PHP Classifieds 6.0.5 allows remote attackers to execute arbitrary script as other users via the URL parameter. | ||||
| CVE-2003-1058 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| The Xsun server for Sun Solaris 2.6 through 9, when running in Direct Graphics Access (DGA) mode, allows local users to cause a denial of service (Xsun crash) or to create or overwrite arbitrary files on the system, probably via a symlink attack on temporary server files. | ||||
| CVE-2002-1714 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | N/A |
| Microsoft Internet Explorer 5.0 through 6.0 allows remote attackers to cause a denial of service (crash) via an object of type "text/html" with the DATA field that identifies the HTML document that contains the object, which may cause infinite recursion. | ||||
| CVE-2003-1061 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Race condition in Solaris 2.6 through 9 allows local users to cause a denial of service (kernel panic), as demonstrated via the namefs function, pipe, and certain STREAMS routines. | ||||
| CVE-2002-1715 | 1 Ssh | 2 Ssh, Ssh2 | 2026-04-16 | N/A |
| SSH 1 through 3, and possibly other versions, allows local users to bypass restricted shells such as rbash or rksh by uploading a script to a world-writeable directory, then executing that script to gain normal shell access. | ||||
| CVE-2002-1746 | 1 Maxim Krasnyansky | 1 Vtun | 2026-04-16 | N/A |
| Vtun 2.5b1 allows remote attackers to inject data into user sessions by sniffing and replaying packets. | ||||
| CVE-2002-1758 | 1 Phprojekt | 1 Phprojekt | 2026-04-16 | N/A |
| PHProjekt 2.0 through 3.1 allows remote attackers to view or modify data via requests to certain scripts that do not verify if the user is logged in. | ||||
| CVE-2006-4782 | 1 Webspell | 1 Webspell | 2026-04-16 | N/A |
| src/index.php in WebSPELL 4.01.01 and earlier, when register_globals is enabled, allows remote attackers to bypass authentication and gain sensitive information stored in the database via a modified userID parameter in a write action to admin/database.php. | ||||
| CVE-2003-1088 | 1 Phpoutsourcing | 1 Zorum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php for Zorum 3.4 and 3.5 allows remote attackers to inject arbitrary web script or HTML via the method parameter. | ||||
| CVE-2002-1770 | 1 Qualcomm | 1 Eudora | 2026-04-16 | N/A |
| Qualcomm Eudora 5.1 allows remote attackers to execute arbitrary code via an HTML e-mail message that uses a file:// URL in a t:video tag to reference an attached Windows Media Player file containing JavaScript code, which is launched and executed in the My Computer zone by Internet Explorer. | ||||
| CVE-2003-1089 | 1 Phpoutsourcing | 1 Zorum | 2026-04-16 | N/A |
| index.php for Zorum 3.4 allows remote attackers to determine the full path of the web root via invalid parameter names, which reveals the path in a PHP error message. | ||||
| CVE-2002-1782 | 1 University Of Washington | 1 Uw-imap | 2026-04-16 | N/A |
| The default configuration of University of Washington IMAP daemon (wu-imapd), when running on a system that does not allow shell access, allows a local user with a valid IMAP account to read arbitrary files as that user. | ||||
| CVE-2002-1788 | 1 Kim Storm | 1 Nn | 2026-04-16 | N/A |
| Format string vulnerability in the nn_exitmsg function in nn 6.6.0 through 6.6.3 allows remote NNTP servers to execute arbitrary code via format strings in server responses. | ||||