ReportizFlow
Filtered by vendor
Subscriptions
Total
29926 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1554 | 1 Cisco | 1 Optical Networking Systems Software | 2026-04-16 | N/A |
| Cisco ONS15454 and ONS15327 running ONS before 3.4 stores usernames and passwords in cleartext in the image database for the TCC, TCC+ or XTC, which could allow attackers to gain privileges by obtaining the passwords from the image database or a backup. | ||||
| CVE-2002-1563 | 2 Redhat, Stunnel | 3 Enterprise Linux, Linux, Stunnel | 2026-04-16 | N/A |
| stunnel 4.0.3 and earlier allows attackers to cause a denial of service (crash) via SIGCHLD signal handler race conditions that cause an inconsistency in the child counter. | ||||
| CVE-2002-1573 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Unspecified vulnerability in the pcilynx ieee1394 firewire driver (pcilynx.c) in Linux kernel before 2.4.20 has unknown impact and attack vectors, related to "wrap handling." | ||||
| CVE-2002-1581 | 2 Debian, Mailreader.com | 2 Debian Linux, Mailreader.com | 2026-04-16 | N/A |
| Directory traversal vulnerability in nph-mr.cgi in Mailreader.com 2.3.20 through 2.3.31 allows remote attackers to view arbitrary files via .. (dot dot) sequences and a null byte (%00) in the configLanguage parameter. | ||||
| CVE-2002-1615 | 1 Hp | 2 Hp-ux, Tru64 | 2026-04-16 | N/A |
| Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to execute arbitrary code via (1) msgchk or (2) .upd..loader. | ||||
| CVE-2002-1650 | 1 Squirrelmail | 1 Squirrelmail | 2026-04-16 | N/A |
| The spell checker plugin (check_me.mod.php) for SquirrelMail before 1.2.3 allows remote attackers to execute arbitrary commands via a modified sqspell_command parameter. | ||||
| CVE-2002-1715 | 1 Ssh | 2 Ssh, Ssh2 | 2026-04-16 | N/A |
| SSH 1 through 3, and possibly other versions, allows local users to bypass restricted shells such as rbash or rksh by uploading a script to a world-writeable directory, then executing that script to gain normal shell access. | ||||
| CVE-2002-1738 | 1 Alt-n | 1 Mdaemon | 2026-04-16 | N/A |
| Alt-N Technologies MDaemon 5.0.5.0 and earlier creates a default MDaemon mail account with a password of MServer, which could allow remote attackers to send anonymous email. | ||||
| CVE-2002-1781 | 1 Delegate | 1 Delegate | 2026-04-16 | N/A |
| Multiple buffer overflows in DeleGate 7.7.0 through 7.8.1 allow remote attackers to execute arbitrary code, as demonstrated using a long USER command to the POP proxy. | ||||
| CVE-2002-1832 | 1 Scaramanga | 1 Firestorm Ids | 2026-04-16 | N/A |
| Unknown vulnerability in the "ipopts decode" functionality in Firestorm IDS 0.4.0 through 0.4.2 allows remote attackers to cause a denial of service (crash) via certain IP options. | ||||
| CVE-2002-1897 | 1 Mywebserver | 1 Mywebserver | 2026-04-16 | N/A |
| MyWebServer LLC MyWebServer 1.0.2 allows remote attackers to cause a denial of service (crash) via a long HTTP request, possibly triggering a buffer overflow. | ||||
| CVE-2002-2009 | 1 Apache | 1 Tomcat | 2026-04-16 | N/A |
| Apache Tomcat 4.0.1 allows remote attackers to obtain the web root path via HTTP requests for JSP files preceded by (1) +/, (2) >/, (3) </, and (4) %20/, which leaks the pathname in an error message. | ||||
| CVE-2002-2057 | 1 Teekai | 1 Teekai Forum | 2026-04-16 | N/A |
| TeeKai Forum 1.2 uses weak encryption of web usage statistics in data/member_log.txt, which is stored under the web document root with insufficient access control, which allows remote attackers to identify IP's visiting the site by dividing each octet by the MD5 hash of '20'. | ||||
| CVE-2001-1482 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| SQL injection vulnerability in bb_memberlist.php for phpBB 1.4.2 allows remote attackers to execute arbitrary SQL queries via the $sortby variable. | ||||
| CVE-2006-1126 | 1 Gallery Project | 1 Gallery | 2026-04-16 | N/A |
| Gallery 2 up to 2.0.2 allows remote attackers to spoof their IP address via a modified X-Forwarded-For (X_FORWARDED_FOR) HTTP header, which is checked by Gallery before other more reliable sources of IP address information, such as REMOTE_ADDR. | ||||
| CVE-2005-0907 | 1 Valdersoft | 1 Shopping Cart | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Valdersoft Shopping Cart 3.0 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to category.php, (2) the id parameter to item.php, (3) the lang parameter to index.php, (4) the searchQuery parameter to search_result.php, (5) or the searchTopCategoryID parameter to search_result.php. | ||||
| CVE-2005-1180 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| HTTP Response Splitting vulnerability in the Surveys module in PHP-Nuke 7.6 allows remote attackers to spoof web content and poison web caches via hex-encoded CRLF ("%0d%0a") sequences in the forwarder parameter. | ||||
| CVE-2003-1118 | 1 University Of California | 1 Seti At Home | 2026-04-16 | N/A |
| Buffer overflow in the SETI@home client 3.03 and other versions allows remote attackers to cause a denial of service (client crash) and execute arbitrary code via a spoofed server response containing a long string followed by a \n (newline) character. | ||||
| CVE-2005-0912 | 1 Deplate | 1 Deplate | 2026-04-16 | N/A |
| Unknown vulnerabilities in deplate before 0.7.2 have unknown impact, possibly involving elements.rb. | ||||
| CVE-2005-4764 | 1 Bea | 1 Weblogic Server | 2026-04-16 | N/A |
| BEA WebLogic Server and WebLogic Express 9.0, 8.1, and 7.0 lock out the admin user account after multiple incorrect password guesses, which allows remote attackers who know or guess the admin account name to cause a denial of service (blocked admin logins). | ||||