Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1783 1 Php 1 Php 2026-04-16 N/A
CRLF injection vulnerability in PHP 4.2.1 through 4.2.3, when allow_url_fopen is enabled, allows remote attackers to modify HTTP headers for outgoing requests by causing CRLF sequences to be injected into arguments that are passed to the (1) fopen or (2) file functions.
CVE-2003-0262 1 Leksbot 1 Leksbot 2026-04-16 N/A
leksbot 1.2.3 in Debian GNU/Linux installs the KATAXWR as setuid root, which allows local users to gain root privileges by exploiting unknown vulnerabilities related to the escalated privileges, which KATAXWR is not designed to have.
CVE-2003-0967 2 Freeradius, Redhat 2 Freeradius, Enterprise Linux 2026-04-16 N/A
rad_decode in FreeRADIUS 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a short RADIUS string attribute with a tag, which causes memcpy to be called with a -1 length argument, as demonstrated using the Tunnel-Password attribute.
CVE-2003-0263 1 Floosietek 1 Ftgatepro 2026-04-16 N/A
Multiple buffer overflows in Floosietek FTGate Pro Mail Server (FTGatePro) 1.22 allow remote attackers to execute arbitrary code via long (1) MAIL FROM or (2) RCPT TO commands.
CVE-2002-1784 1 Hp 1 Tru64 2026-04-16 N/A
Unknown vulnerability in inetd in HP Tru64 Unix 4.0f through 5.1a allows remote attackers to cause a denial of service via unknown attack vectors.
CVE-2003-0968 1 Freeradius 1 Freeradius 2026-04-16 N/A
Stack-based buffer overflow in SMB_Logon_Server of the rlm_smb experimental module for FreeRADIUS 0.9.3 and earlier allows remote attackers to execute arbitrary code via a long User-Password attribute.
CVE-2003-1324 1 Elmme-mailer 1 Elm Me\+ 2026-04-16 N/A
Race condition in the can_open function in Elm ME+ 2.4, when installed setgid mail and the operating system lacks POSIX saved ID support, allows local users to read and modify certain files with the privileges of the mail group.
CVE-2002-1785 1 Zeus Technologies 1 Zeus Web Server 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Zeus Administration Server in Zeus Web Server 4.0 through 4.1r2 allows remote authenticated users to inject arbitrary web script or HTML via the section parameter to index.fcgi.
CVE-2002-1786 1 Sgi 1 Irix 2026-04-16 N/A
SGI IRIX 6.5 through 6.5.14 applies a umask of 022 to root core dumps, which allows local users to read the core dumps and possibly obtain sensitive information.
CVE-2002-1787 1 Sgi 1 Irix 2026-04-16 N/A
Buffer overflow in uux in eoe.sw.uucp package of SGI IRIX 6.5 through 6.5.17 allows local users to execute arbitrary code via unknown attack vectors.
CVE-2003-0264 1 Seattle Lab Software 1 Slmail 2026-04-16 N/A
Multiple buffer overflows in SLMail 5.1.0.4420 allows remote attackers to execute arbitrary code via (1) a long EHLO argument to slmail.exe, (2) a long XTRN argument to slmail.exe, (3) a long string to POPPASSWD, or (4) a long password to the POP3 server.
CVE-2002-1788 1 Kim Storm 1 Nn 2026-04-16 N/A
Format string vulnerability in the nn_exitmsg function in nn 6.6.0 through 6.6.3 allows remote NNTP servers to execute arbitrary code via format strings in server responses.
CVE-2003-0265 1 Sap 1 Sap Db 2026-04-16 N/A
Race condition in SDBINST for SAP database 7.3.0.29 creates critical files with world-writable permissions before initializing the setuid bits, which allows local attackers to gain root privileges by modifying the files before the permissions are changed.
CVE-2002-1789 1 Newsx 1 Newsx 2026-04-16 N/A
Format string vulnerability in newsx NNTP client before 1.4.8 allows local users to execute arbitrary code via format string specifiers that are not properly handled in a call to the syslog function.
CVE-2003-0266 1 Bvrp Software 1 Slwebmail 2026-04-16 N/A
Multiple buffer overflows in SLWebMail 3 on Windows systems allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long Language parameter to showlogin.dll, (2) a long CompanyID parameter to recman.dll, (3) a long CompanyID parameter to admin.dll, or (4) a long CompanyID parameter to globallogin.dll.
CVE-2003-0275 1 Yabb 1 Yabb 2026-04-16 N/A
SSI.php in YaBB SE 1.5.2 allows remote attackers to execute arbitrary PHP code by modifying the sourcedir parameter to reference a URL on a remote web server that contains the code.
CVE-2002-1791 1 Sgi 1 Irix 2026-04-16 N/A
SGI IRIX 6.5 through 6.5.17 creates temporary desktop files with world-writable permissions, which allows local users to overwrite or corrupt those files.
CVE-2003-0279 1 Francisco Burzi 1 Php-nuke 2026-04-16 N/A
Multiple SQL injection vulnerabilities in the Web_Links module for PHP-Nuke 5.x through 6.5 allows remote attackers to steal sensitive information via numeric fields, as demonstrated using (1) the viewlink function and cid parameter, or (2) index.php.
CVE-2003-0969 1 Mpg321 1 Mpg321 2026-04-16 N/A
mpg321 0.2.10 allows remote attackers to overwrite memory and possibly execute arbitrary code via an mp3 file that passes certain strings to the printf function, possibly triggering a format string vulnerability.
CVE-2002-1792 1 Fake Identd 1 Fake Identd 2026-04-16 N/A
Buffer overflow in Fake Identd 0.9 through 1.4 allows remote attackers to execute arbitrary code as root via a long request that is split into multiple packets.