Export limit exceeded: 360938 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (360938 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-0222 | 1 Oracle | 3 Database Server, Oracle8i, Oracle9i | 2026-04-16 | N/A |
| Stack-based buffer overflow in Oracle Net Services for Oracle Database Server 9i release 2 and earlier allows attackers to execute arbitrary code via a "CREATE DATABASE LINK" query containing a connect string with a long USING parameter. | ||||
| CVE-2002-1941 | 1 Radiobird Software | 1 Web Server 4 Everyone | 2026-04-16 | N/A |
| Buffer overflow in RadioBird WebServer 4 Everyone 1.28 allows remote attackers to cause a denial of service (crash) via a long HTTP GET request with the Host header set. | ||||
| CVE-2002-1942 | 1 Imatix | 1 Xitami | 2026-04-16 | N/A |
| Imatix Xitami 2.5 b5 does not properly terminate certain Keep-Alive connections that have been broken or closed early, which allows remote attackers to cause a denial of service (crash) via a large number of concurrent sessions. | ||||
| CVE-2002-1951 | 1 Goahead Software | 1 Goahead Webserver | 2026-04-16 | N/A |
| Buffer overflow in GoAhead WebServer 2.1 allows remote attackers to execute arbitrary code via a long HTTP GET request with a large number of subdirectories. | ||||
| CVE-2005-3996 | 1 Zen-cart | 1 Zen Cart | 2026-04-16 | N/A |
| SQL injection vulnerability in admin/password_forgotten.php in Zen Cart 1.2.6d and earlier allows remote attackers to execute arbitrary SQL commands via the admin_email parameter. | ||||
| CVE-2002-1957 | 1 Pen | 1 Pen | 2026-04-16 | N/A |
| Buffer overflow in the netlog function in pen.c for Pen 0.9.1 and 0.9.2 allows remote attackers to execute arbitrary commands via malformed log messages. | ||||
| CVE-2002-1981 | 1 Microsoft | 1 Sql Server | 2026-04-16 | N/A |
| Microsoft SQL Server 2000 through SQL Server 2000 SP2 allows the "public" role to execute the (1) sp_MSSetServerProperties or (2) sp_MSsetalertinfo stored procedures, which allows attackers to modify configuration including SQL server startup and alert settings. | ||||
| CVE-2002-1985 | 1 Incognito Software Inc | 1 Ismtp Gateway | 2026-04-16 | N/A |
| iSMTP 5.0.1 allows remote attackers to cause a denial of service via a long "MAIL FROM" command, possibly triggering a buffer overflow. | ||||
| CVE-2002-1994 | 1 Gamecheats | 1 Advanced Web Server Professional | 2026-04-16 | N/A |
| advserver.exe in Advanced Web Server (AdvServer) Professional 1.030000 allows remote attackers to cause a denial of service via multiple HTTP requests containing a single carriage return/line feed (CRLF) sequence. | ||||
| CVE-2002-2001 | 2 Jmcce, Mandrakesoft | 2 Jmcce, Mandrake Linux | 2026-04-16 | N/A |
| jmcce 1.3.8 in Mandrake 8.1 creates log files in /tmp with predictable names, which allows local users to overwrite arbitrary files via a symlink attack. | ||||
| CVE-2002-2009 | 1 Apache | 1 Tomcat | 2026-04-16 | N/A |
| Apache Tomcat 4.0.1 allows remote attackers to obtain the web root path via HTTP requests for JSP files preceded by (1) +/, (2) >/, (3) </, and (4) %20/, which leaks the pathname in an error message. | ||||
| CVE-2002-2018 | 1 Sas | 2 Base, Integration Technologies | 2026-04-16 | N/A |
| sastcpd in SAS/Base 8.0 might allow local users to gain privileges by setting the netencralg environment variable, which causes a segmentation fault. | ||||
| CVE-2002-2020 | 1 Netgear | 1 Rp114 | 2026-04-16 | N/A |
| Netgear RP114 Cable/DSL Web Safe Router Firmware 3.26 uses a default administrator password and accepts admin logins on the external interface, which allows remote attackers to gain privileges if the password is not changed. | ||||
| CVE-2002-2024 | 1 Horde | 1 Imp | 2026-04-16 | 5.3 Medium |
| Horde IMP 2.2.7 allows remote attackers to obtain the full web root pathname via an HTTP request for (1) poppassd.php3, (2) login.php3?reason=chpass2, (3) spelling.php3, and (4) ldap.search.php3?ldap_serv=nonsense which leaks the information in error messages. | ||||
| CVE-2002-2036 | 1 Sun | 1 Ray Server Software | 2026-04-16 | N/A |
| Sun Ray Server Software (SRSS) 1.3, when Non-Smartcard Mobility (NSCM) is enabled, allows remote attackers to login as another user by running dtlogin from a system that supports the XDMCP client. | ||||
| CVE-2002-2048 | 1 Michael Baumer | 1 Pfinger | 2026-04-16 | N/A |
| Buffer overflow in PFinger 0.7.8 client allows remote attackers to execute arbitrary code via a long query value passed to the (1) finger program, (2) -l, (3) -d, and (4) -t options. NOTE: if PFinger is not setuid or setgid, then this issue would not cross privilege boundaries and would not be considered a vulnerability. | ||||
| CVE-2005-3895 | 1 Otrs | 1 Otrs | 2026-04-16 | N/A |
| Open Ticket Request System (OTRS) 1.0.0 through 1.3.2 and 2.0.0 through 2.0.3, when AttachmentDownloadType is set to inline, renders text/html e-mail attachments as HTML in the browser when the queue moderator attempts to download the attachment, which allows remote attackers to execute arbitrary web script or HTML. NOTE: this particular issue is referred to as XSS by some sources. | ||||
| CVE-2005-3903 | 1 Sco | 1 Unixware | 2026-04-16 | N/A |
| Buffer overflow in uidadmin in SCO Unixware 7.1.3 and 7.1.4 allows local users to execute arbitrary code via a -S (scheme) argument that specifies a large file, a different vulnerability than CVE-2001-1063. | ||||
| CVE-2002-2087 | 1 Borland Software | 1 Interbase | 2026-04-16 | N/A |
| Buffer overflow in Borland InterBase 6.0 allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_drop, (2) gds_lock_mgr, or (3) gds_inet_server. | ||||
| CVE-2005-3919 | 1 Pblang | 1 Pblang | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in PBLang 4.65 allows remote attackers to inject arbitrary web script or HTML via multiple fields in (1) UCP.php and (2) SendPm.php. | ||||