Search Results (45946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1820 1 Ultimate Php Board Project 1 Ultimate Php Board 2026-04-16 9.8 Critical
register.php in Ultimate PHP Board (UPB) 1.0 and 1.0b uses an administrative account Admin with a capital "A," but allows a remote attacker to impersonate the administrator by registering an account name of admin with a lower case "a."
CVE-2001-0249 3 Hp, Oracle, Sgi 3 Hp-ux, Solaris, Irix 2026-04-16 9.8 Critical
Heap overflow in FTP daemon in Solaris 8 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the LIST command, which uses glob to generate long strings.
CVE-2003-1352 1 Gabber 1 Gabber 2026-04-16 N/A
Gabber 0.8.7 sends an email to a specific address during user login and logout, which allows remote attackers to obtain user session activity and Gabber version number by sniffing.
CVE-2003-1354 1 Gamespy3d 1 Gamespy 3d 2026-04-16 N/A
Multiple GameSpy 3D 2.62 compatible gaming servers generate very large UDP responses to small requests, which allows remote attackers to use the servers as an amplifier in DDoS attacks with spoofed UDP query packets, as demonstrated using Battlefield 1942.
CVE-2001-0248 2 Hp, Sgi 2 Hp-ux, Irix 2026-04-16 9.8 Critical
Buffer overflow in FTP server in HPUX 11 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the STAT command, which uses glob to generate long strings.
CVE-2002-2263 1 Hp 2 Hp-ux, Visualize Conference Ftp 2026-04-16 N/A
The installation program for HP-UX Visualize Conference B.11.00.11 running on HP-UX 11.00 and 11.11 installs /etc/dt and its subdirecties with insecure permissions, which allows local users to read or write arbitrary files.
CVE-2003-1362 1 Hp 2 Bastille, Hp-ux 2026-04-16 N/A
Bastille B.02.00.00 of HP-UX 11.00 and 11.11 does not properly configure the (1) NOVRFY and (2) NOEXPN options in the sendmail.cf file, which could allow remote attackers to verify the existence of system users and expand defined sendmail aliases.
CVE-2002-2257 1 Tuxbr 1 Libcgi 2026-04-16 N/A
Stack-based buffer overflow in the parse_field function in cgi_lib.c for LIBCGI 1.0.2 and 1.0.3 allows remote attackers to execute arbitrary code via a long argument.
CVE-2003-1388 1 Opera 1 Opera Browser 2026-04-16 N/A
Buffer overflow in Opera 7.02 Build 2668 allows remote attackers to crash Opera via a long HTTP request ending in a .ZIP extension.
CVE-2002-2258 1 Mobydisk 1 Netsuite 2026-04-16 N/A
Moby NetSuite allows remote attackers to cause a denial of service (crash) via an HTTP POST request with a (1) large integer or (2) non-numeric value in the Content-Length header, which causes an access violation after a failed atoi function call.
CVE-2002-2259 2 Gnuplot, Suse 2 Gnuplot, Suse Linux 2026-04-16 N/A
Buffer overflow in the French documentation patch for Gnuplot 3.7 in SuSE Linux before 8.0 allows local users to execute arbitrary code as root via unknown attack vectors.
CVE-2002-2268 1 Netdave 1 Webster Http Server 2026-04-16 N/A
Buffer overflow in Webster HTTP Server allows remote attackers to execute arbitrary code via a long URL.
CVE-2002-2271 1 Bigfun 1 Bigfun 2026-04-16 N/A
Buffer overflow in BigFun 1.51b IRC client, when the Direct Client Connection (DCC) option is used, allows remote attackers to cause a denial of service (crash) via a long string.
CVE-2002-2272 1 Apache 2 Http Server, Tomcat 2026-04-16 N/A
Tomcat 4.0 through 4.1.12, using mod_jk 1.2.1 module on Apache 1.3 through 1.3.27, allows remote attackers to cause a denial of service (desynchronized communications) via an HTTP GET request with a Transfer-Encoding chunked field with invalid values.
CVE-1999-1568 1 Ncftp 1 Ncftpd Server 2026-04-16 7.5 High
Off-by-one error in NcFTPd FTP server before 2.4.1 allows a remote attacker to cause a denial of service (crash) via a long PORT command.
CVE-2002-2280 1 Openbsd 1 Openbsd 2026-04-16 N/A
syslogd on OpenBSD 2.9 through 3.2 does not change the source IP address of syslog packets when the machine's IP addressed is changed without rebooting, e.g. via ifconfig, which can cause incorrect information to be sent to the syslog server.
CVE-2003-1426 1 Cpanel 1 Cpanel 2026-04-16 N/A
Openwebmail in cPanel 5.0, when run using suid Perl, adds the directory in the SCRIPT_FILENAME environment variable to Perl's @INC include array, which allows local users to execute arbitrary code by modifying SCRIPT_FILENAME to reference a directory containing a malicious openwebmail-shared.pl executable.
CVE-2002-2285 1 Broadcom 1 Inoculateit 2026-04-16 N/A
eTrust InoculateIT 6.0 with the "Incremental Scan" option enabled may certify that a file is free of viruses before the file has been completely downloaded, which allows remote attackers to bypass virus detection.
CVE-2002-2286 1 Apt-www-proxy 1 Apt-www-proxy 2026-04-16 N/A
The parse-get function in utils.c for apt-www-proxy 0.1 allows remote attackers to cause a denial of service (crash) via an empty HTTP request, which causes a null dereference.
CVE-2002-2295 1 Pico Server 1 Pico Server 2026-04-16 N/A
Buffer overflow in Pico Server (pServ) 2.0 beta 1 through beta 5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a 1024-byte TCP stream message, which triggers an off-by-one buffer overflow, or (2) a long method name in an HTTP request, (3) a long version number in an HTTP request, (4) a long User-Agent header, or (5) a long file path.