Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1755 | 1 Tinc | 1 Tinc | 2026-04-16 | N/A |
| tinc 1.0pre3 and 1.0pre4 VPN does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on CBC. | ||||
| CVE-2002-1756 | 1 Acd Systems | 1 Acdsee | 2026-04-16 | N/A |
| ACDSee 4.0 allows remote attackers to cause a denial of service (crash) via an .ais file with a long file description field, which is not properly handled when the file properties of the file are viewed. | ||||
| CVE-2003-0175 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| SGI IRIX before 6.5.21 allows local users to cause a denial of service (kernel panic) via a certain call to the PIOCSWATCH ioctl. | ||||
| CVE-2003-0848 | 2 Redhat, Slocate | 3 Enterprise Linux, Linux, Slocate | 2026-04-16 | N/A |
| Heap-based buffer overflow in main.c of slocate 2.6, and possibly other versions, may allow local users to gain privileges via a modified slocate database that causes a negative "pathlen" value to be used. | ||||
| CVE-2002-1757 | 1 Phprojekt | 1 Phprojekt | 2026-04-16 | N/A |
| PHProjekt 2.0 through 3.1 relies on the $PHP_SELF variable for authentication, which allows remote attackers to bypass authentication for scripts via a request to a .php file with "sms" in the URL, which is included in the PATH_INFO portion of the $PHP_SELF variable, as demonstrated using "mail_send.php/sms". | ||||
| CVE-2003-0176 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| The Name Service Daemon (nsd), when running on an NIS master on SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, allows remote attackers to cause a denial of service (crash) via a UDP port scan. | ||||
| CVE-2003-0853 | 3 Gnu, Redhat, Washington University | 4 Fileutils, Enterprise Linux, Linux and 1 more | 2026-04-16 | N/A |
| An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd. | ||||
| CVE-2003-1310 | 1 Symantec | 1 Norton Antivirus | 2026-04-16 | N/A |
| The DeviceIoControl function in the Norton Device Driver (NAVAP.sys) in Symantec Norton AntiVirus 2002 allows local users to gain privileges by overwriting memory locations via certain control codes (aka "Device Driver Attack"). | ||||
| CVE-2002-1758 | 1 Phprojekt | 1 Phprojekt | 2026-04-16 | N/A |
| PHProjekt 2.0 through 3.1 allows remote attackers to view or modify data via requests to certain scripts that do not verify if the user is logged in. | ||||
| CVE-2003-0861 | 1 Php | 1 Php | 2026-04-16 | N/A |
| Integer overflows in (1) base64_encode and (2) the GD library for PHP before 4.3.3 have unknown impact and unknown attack vectors. | ||||
| CVE-2003-1311 | 1 Netegrity | 1 Siteminder | 2026-04-16 | N/A |
| siteminderagent/SmMakeCookie.ccc in Netegrity SiteMinder does not ensure that the TARGET parameter names a valid redirection resource, which allows remote attackers to construct a URL that might trick users into visiting an arbitrary web site referenced by this parameter. | ||||
| CVE-2003-0177 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, does not follow "-" entries in the /etc/group file, which may cause subsequent group membership entries to be processed inadvertently. | ||||
| CVE-2002-1759 | 1 Phprojekt | 1 Phprojekt | 2026-04-16 | N/A |
| The upload function in PHProjekt 2.0 through 3.1 does not properly verify certain variables related to uploaded data, which allows remote attackers to cause PHProjekt to process arbitrary files. | ||||
| CVE-2003-1315 | 1 Neocrome | 1 Land Down Under | 2026-04-16 | N/A |
| SQL injection vulnerability in auth.php in Land Down Under (LDU) v601 and earlier allows remote attackers to execute arbitrary SQL commands. | ||||
| CVE-2002-1760 | 1 Phprojekt | 1 Phprojekt | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in PHProjekt 2.0 through 3.1 allow remote attackers to execute arbitrary SQL commands via the unknown attack vectors. | ||||
| CVE-2003-0192 | 2 Apache, Redhat | 5 Http Server, Enterprise Linux, Linux and 2 more | 2026-04-16 | N/A |
| Apache 2 before 2.0.47, and certain versions of mod_ssl for Apache 1.3, do not properly handle "certain sequences of per-directory renegotiations and the SSLCipherSuite directive being used to upgrade from a weak ciphersuite to a strong one," which could cause Apache to use the weak ciphersuite. | ||||
| CVE-2003-0863 | 1 Php | 1 Php | 2026-04-16 | N/A |
| The php_check_safe_mode_include_dir function in fopen_wrappers.c of PHP 4.3.x returns a success value (0) when the safe_mode_include_dir variable is not specified in configuration, which differs from the previous failure value and may allow remote attackers to exploit file include vulnerabilities in PHP applications. | ||||
| CVE-2003-1313 | 1 Eternalmart | 1 Mailing List Manager | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in EternalMart Mailing List Manager (EMLM) 1.32 allow remote attackers to execute arbitrary PHP code via a URL in (1) the emml_admin_path parameter to admin/auth.php or (2) the emml_path parameter to emml_email_func.php. | ||||
| CVE-2003-1316 | 1 Endonesia | 1 Endonesia | 2026-04-16 | N/A |
| mod.php in eNdonesia 8.2 allows remote attackers to obtain sensitive information via a ' (quote) value in the lng parameter, which reveals the path in an error message. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2004-0034 | 1 Phorum | 1 Phorum | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Phorum 3.4.5 and earlier allow remote attackers to inject arbitrary HTML or web script via (1) the phorum_check_xss function in common.php, (2) the EditError variable in profile.php, and (3) the Error variable in login.php. | ||||