Export limit exceeded: 344927 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344927 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1035 | 1 Omnicron | 1 Omnihttpd | 2026-04-16 | N/A |
| Omnicron OmniHTTPd 2.09 allows remote attackers to cause a denial of service (crash) via an HTTP request with a long, malformed HTTP 1version number. | ||||
| CVE-2002-1036 | 1 Zoltan Milosevic | 1 Fluid Dynamics Search Engine | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in search.pl for Fluid Dynamics Search Engine (FDSE) before 2.0.0.0055 allows remote attackers to execute web script via the (1) Rank or (2) Match parameters. | ||||
| CVE-2002-1040 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Unknown vulnerability in the WebSecure (DFSWeb) configuration utilities in AIX 4.x, possibly related to relative pathnames. | ||||
| CVE-2002-1041 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Unknown vulnerability in DCE (1) SMIT panels and (2) configuration commands, possibly related to relative pathnames. | ||||
| CVE-2002-2218 | 1 Sips | 1 Sips | 2026-04-16 | N/A |
| CRLF injection vulnerability in the setUserValue function in sipssys/code/site.inc.php in Haakon Nilsen simple, integrated publishing system (SIPS) before 20020209 has unknown impact, possibly gaining privileges or modifying critical configuration, via a CRLF sequence in a key value. | ||||
| CVE-2002-2220 | 1 Chetcpasswd | 1 Chetcpasswd | 2026-04-16 | N/A |
| Buffer overflow in Pedro Lineu Orso chetcpasswd before 1.12, when configured for access from 0.0.0.0, allows local users to gain privileges via unspecified vectors. | ||||
| CVE-2002-1042 | 2 Netscape, Sun | 4 Enterprise Server, Iplanet Web Server, One Application Server and 1 more | 2026-04-16 | N/A |
| Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6, when running on Windows platforms, allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the NS-query-pat parameter. | ||||
| CVE-2002-1043 | 1 Ultrafunk | 1 Popcorn | 2026-04-16 | N/A |
| Ultrafunk Popcorn 1.20 allows remote attackers to cause a denial of service (crash) via a malformed Subject ("\t\t"). | ||||
| CVE-2002-1044 | 1 Ultrafunk | 1 Popcorn | 2026-04-16 | N/A |
| Buffer overflow in Ultrafunk Popcorn 1.20 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long Subject field. | ||||
| CVE-2003-0028 | 11 Cray, Freebsd, Gnu and 8 more | 15 Unicos, Freebsd, Glibc and 12 more | 2026-04-16 | N/A |
| Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391. | ||||
| CVE-2003-0033 | 1 Snort | 1 Snort | 2026-04-16 | N/A |
| Buffer overflow in the RPC preprocessor for Snort 1.8 and 1.9.x before 1.9.1 allows remote attackers to execute arbitrary code via fragmented RPC packets. | ||||
| CVE-2003-0052 | 1 Apple | 2 Darwin Streaming Server, Quicktime Streaming Server | 2026-04-16 | N/A |
| parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to list arbitrary directories. | ||||
| CVE-2003-0054 | 1 Apple | 2 Darwin Streaming Server, Quicktime Streaming Server | 2026-04-16 | N/A |
| Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute certain code via a request to port 7070 with the script in an argument to the rtsp DESCRIBE method, which is inserted into a log file and executed when the log is viewed using a browser. | ||||
| CVE-2003-0059 | 2 Mit, Redhat | 3 Kerberos 5, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Unknown vulnerability in the chk_trans.c of the libkrb5 library for MIT Kerberos V5 before 1.2.5 allows users from one realm to impersonate users in other realms that have the same inter-realm keys. | ||||
| CVE-2003-0063 | 3 Redhat, Xfree86, Xfree86 Project | 4 Enterprise Linux, Linux, Xfree86 and 1 more | 2026-04-16 | 7.3 High |
| The xterm terminal emulator in XFree86 4.2.0 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. | ||||
| CVE-2003-0066 | 2 Redhat, Rxvt | 3 Enterprise Linux, Linux, Rxvt | 2026-04-16 | N/A |
| The rxvt terminal emulator 2.7.8 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. | ||||
| CVE-2003-0067 | 1 Aterm | 1 Aterm | 2026-04-16 | N/A |
| The aterm terminal emulator 0.42 allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. | ||||
| CVE-2003-0069 | 1 Putty | 1 Putty | 2026-04-16 | N/A |
| The PuTTY terminal emulator 0.53 allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. | ||||
| CVE-2003-0077 | 2 Hanterm, Redhat | 3 Hanterm-xf, Enterprise Linux, Linux | 2026-04-16 | N/A |
| The hanterm (hanterm-xf) terminal emulator 2.0.5 and earlier, and possibly later versions, allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. | ||||
| CVE-2003-0078 | 4 Freebsd, Openbsd, Openssl and 1 more | 6 Freebsd, Openbsd, Openssl and 3 more | 2026-04-16 | N/A |
| ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the "Vaudenay timing attack." | ||||