Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-1219 1 Oscommerce 1 Oscommerce 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the tep_href_link function in html_output.php for osCommerce before 2.2-MS3 allows remote attackers to inject arbitrary web script or HTML via the osCsid parameter.
CVE-2002-1452 1 Mywebserver 1 Mywebserver 2026-04-16 N/A
Buffer overflow in the search capability for MyWebServer 1.0.2 allows remote attackers to execute arbitrary code via a long searchTarget parameter.
CVE-2002-2195 1 Nullsoft 1 Winamp 2026-04-16 N/A
Buffer overflow in the version update check for Winamp 2.80 and earlier allows remote attackers who can spoof www.winamp.com to execute arbitrary code via a long server response.
CVE-2003-1220 1 Bea 1 Weblogic Server 2026-04-16 N/A
BEA WebLogic Server proxy plugin for BEA Weblogic Express and Server 6.1 through 8.1 SP 1 allows remote attackers to cause a denial of service (proxy plugin crash) via a malformed URL.
CVE-2002-1453 1 Mywebserver 1 Mywebserver 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in MyWebServer 1.0.2 allows remote attackers to insert script and HTML via a long request followed by the malicious script, which is echoed back to the user in an error message.
CVE-2002-1454 1 Mywebserver 1 Mywebserver 2026-04-16 N/A
MyWebServer 1.0.2 allows remote attackers to determine the absolute path of the web document root via a request for a directory that does not exist, which leaks the pathname in an error message.
CVE-2002-1455 1 Omnicron 1 Omnihttpd 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in OmniHTTPd allow remote attackers to insert script or HTML into web pages via (1) test.php, (2) test.shtml, or (3) redir.exe.
CVE-2002-2197 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Unknown vulnerability in Sun Solaris 8.0 allows local users to cause a denial of service (kernel panic) via a program that uses /dev/poll, triggering a NULL pointer dereference.
CVE-2003-0579 1 Ibm 1 U2 Universe 2026-04-16 N/A
uvadmsh in IBM U2 UniVerse 10.0.0.9 and earlier trusts the user-supplied -uv.install command line option to find and execute the uv.install program, which allows local users to gain privileges by providing a pathname that is under control of the user.
CVE-2003-1221 1 Bea 1 Weblogic Server 2026-04-16 N/A
BEA WebLogic Express and Server 7.0 through 8.1 SP 1, under certain circumstances when a request to use T3 over SSL (t3s) is made to the insecure T3 port, may use a non-SSL connection for the communication, which could allow attackers to sniff sessions.
CVE-2002-1456 1 Khaled Mardam-bey 1 Mirc 2026-04-16 N/A
Buffer overflow in mIRC 6.0.2 and earlier allows remote attackers to execute arbitrary code via a long $asctime value.
CVE-2002-1501 1 Enterasys 1 Smartswitch Ssr8000 2026-04-16 N/A
The MPS functionality in Enterasys SSR8000 (Smart Switch Router) before firmware 8.3.0.10 allows remote attackers to cause a denial of service (crash) via multiple port scans to ports 15077 and 15078.
CVE-2003-0618 3 Debian, Perl, Redhat 3 Debian Linux, Suidperl, Enterprise Linux 2026-04-16 N/A
Multiple vulnerabilities in suidperl 5.6.1 and earlier allow a local user to obtain sensitive information about files for which the user does not have appropriate permissions.
CVE-2003-1246 1 Pedestal Software 1 Integrity Protection Driver 2026-04-16 N/A
NtCreateSymbolicLinkObject in ntdll.dll in Integrity Protection Driver (IPD) 1.2 and 1.3 allows local users to create and overwrite arbitrary files via a symlink attack on \winnt\system32\drivers using the subst command.
CVE-2002-1502 1 Dave Brul 1 Xbreaky 2026-04-16 N/A
Symbolic link vulnerability in xbreaky before 0.5.5 allows local users to overwrite arbitrary files via a symlink from the user's .breakyhighscores file to the target file.
CVE-2002-1504 1 Radiobird Software 1 Webserver 4 Everyone 2026-04-16 N/A
Directory traversal vulnerability in WebServer 4 Everyone 1.22 allows remote attackers to read arbitrary files via "..\" (dot-dot backslash) sequences in a URL.
CVE-2002-1505 1 Woltlab 1 Burning Board 2026-04-16 N/A
SQL injection vulnerability in board.php for WoltLab Burning Board (wBB) 2.0 RC 1 and earlier allows remote attackers to modify the database and possibly gain privileges via the boardid parameter.
CVE-2002-1506 1 Jacques Gelinas 1 Linuxconf 2026-04-16 N/A
Buffer overflow in Linuxconf before 1.28r4 allows local users to execute arbitrary code via a long LINUXCONF_LANG environment variable, which overflows an error string that is generated.
CVE-2003-0620 1 Andries Brouwer 1 Man 2026-04-16 N/A
Multiple buffer overflows in man-db 2.4.1 and earlier, when installed setuid, allow local users to gain privileges via (1) MANDATORY_MANPATH, MANPATH_MAP, and MANDB_MAP arguments to add_to_dirlist in manp.c, (2) a long pathname to ult_src in ult_src.c, (3) a long .so argument to test_for_include in ult_src.c, (4) a long MANPATH environment variable, or (5) a long PATH environment variable.
CVE-2002-1507 1 Epic Games 1 Unreal Tournament Server 2026-04-16 N/A
Unreal Tournament 2003 (ut2003) clients and servers allow remote attackers to cause a denial of service via malformed messages containing a small number of characters to UDP ports 7778 or 10777.