Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-2267 | 1 Bogofilter | 1 Bogopass Email Filter | 2026-04-16 | N/A |
| bogopass in bogofilter 0.9.0.4 allows local users to overwrite arbitrary files via a symlink attack on the bogopass temporary file. | ||||
| CVE-2002-2274 | 1 Akfingerd | 1 Akfingerd | 2026-04-16 | N/A |
| akfingerd 0.5 allows local users to read arbitrary files as the akfingerd user (nobody) via a symlink attack on the .plan file. | ||||
| CVE-2002-2275 | 1 Fortres Grand Corporation | 1 Fortres | 2026-04-16 | N/A |
| Fortres 101 4.1 allows local users to bypass Fortres by pressing the Windows and "F" key together for 30 seconds, which opens multiple windows and eventually causes explorer.exe to crash, which then opens an unrestricted explorer.exe. | ||||
| CVE-2002-2281 | 1 Symantec | 1 Java | 2026-04-16 | N/A |
| Symantec Java! JIT (Just-In-Time) Compiler for Netscape Communicator 4.0 through 4.8 allows remote attackers to execute arbitrary Java commands via an applet that uses a jump call, which is not correctly compiled by the JIT compiler. | ||||
| CVE-2002-2284 | 1 Netscape | 1 Communicator | 2026-04-16 | N/A |
| Netscape Communicator 4.0 through 4.79 allows remote attackers to bypass JVM security and execute arbitrary Java code via an applet that loads user-supplied Java classes. | ||||
| CVE-2002-2293 | 1 Twofold Photos | 1 Webshots Desktop | 2026-04-16 | N/A |
| Webshots Desktop screensaver allows local users to bypass the password on the screensaver by pressing CTRL-ALT-DELETE and (1) hitting the cancel button or (2) killing the screensaver from the task manager. | ||||
| CVE-2002-2307 | 1 Pyramid | 1 Benhur Software Update | 2026-04-16 | N/A |
| The default configuration of BenHur Firewall release 3 update 066 fix 2 allows remote attackers to access arbitrary services by connecting from source port 20. | ||||
| CVE-2003-0140 | 2 Mutt, Redhat | 3 Mutt, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Buffer overflow in Mutt 1.4.0 and possibly earlier versions, 1.5.x up to 1.5.3, and other programs that use Mutt code such as Balsa before 2.0.10, allows a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a crafted folder. | ||||
| CVE-2003-0142 | 1 Adobe | 1 Acrobat Reader | 2026-04-16 | N/A |
| Adobe Acrobat Reader (acroread) 6, under certain circumstances when running with the "Certified plug-ins only" option disabled, loads plug-ins with signatures used for older versions of Acrobat, which can allow attackers to cause Acrobat to enter Certified mode and run untrusted plugins by modifying the CTIsCertifiedMode function. | ||||
| CVE-2003-0143 | 1 Qualcomm | 1 Qpopper | 2026-04-16 | N/A |
| The pop_msg function in qpopper 4.0.x before 4.0.5fc2 does not null terminate a message buffer after a call to Qvsnprintf, which could allow authenticated users to execute arbitrary code via a buffer overflow in a mdef command with a long macro name. | ||||
| CVE-2003-0144 | 4 Bsd, Freebsd, Lprold and 1 more | 4 Lpr, Freebsd, Lprold and 1 more | 2026-04-16 | N/A |
| Buffer overflow in the lprm command in the lprold lpr package on SuSE 7.1 through 7.3, OpenBSD 3.2 and earlier, and possibly other operating systems, allows local users to gain root privileges via long command line arguments such as (1) request ID or (2) user name. | ||||
| CVE-2003-0145 | 2 Lbl, Redhat | 3 Tcpdump, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Unknown vulnerability in tcpdump before 3.7.2 related to an inability to "Handle unknown RADIUS attributes properly," allows remote attackers to cause a denial of service (infinite loop), a different vulnerability than CAN-2003-0093. | ||||
| CVE-2003-0154 | 1 Mozilla | 1 Bonsai | 2026-04-16 | N/A |
| Cross-site scripting vulnerabilities (XSS) in bonsai Mozilla CVS query tool allow remote attackers to execute arbitrary web script via (1) the file, root, or rev parameters to cvslog.cgi, (2) the file or root parameters to cvsblame.cgi, (3) various parameters to cvsquery.cgi, (4) the person parameter to showcheckins.cgi, (5) the module parameter to cvsqueryform.cgi, and (6) possibly other attack vectors as identified by Mozilla bug #146244. | ||||
| CVE-2003-0165 | 2 Gnome, Redhat | 2 Eog, Linux | 2026-04-16 | N/A |
| Format string vulnerability in Eye Of Gnome (EOG) allows attackers to execute arbitrary code via format string specifiers in a command line argument for the file to display. | ||||
| CVE-2003-0166 | 1 Php | 1 Php | 2026-04-16 | N/A |
| Integer signedness error in emalloc() function for PHP before 4.3.2 allow remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via negative arguments to functions such as (1) socket_recv, (2) socket_recvfrom, and possibly other functions. | ||||
| CVE-2003-0168 | 1 Apple | 1 Quicktime | 2026-04-16 | N/A |
| Buffer overflow in Apple QuickTime Player 5.x and 6.0 for Windows allows remote attackers to execute arbitrary code via a long QuickTime URL. | ||||
| CVE-2003-0169 | 1 Hp | 1 Instant Toptools | 2026-04-16 | N/A |
| hpnst.exe in the GoAhead-Webs webserver for HP Instant TopTools before 5.55 allows remote attackers to cause a denial of service (CPU consumption) via a request to hpnst.exe that calls itself, which causes an infinite loop. | ||||
| CVE-2003-0170 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Unknown vulnerability in ftpd in IBM AIX 5.2, when configured to use Kerberos 5 for authentication, allows remote attackers to gain privileges via unknown attack vectors. | ||||
| CVE-2003-0171 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| DirectoryServices in MacOS X trusts the PATH environment variable to locate and execute the touch command, which allows local users to execute arbitrary commands by modifying the PATH to point to a directory containing a malicious touch program. | ||||
| CVE-2003-0176 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| The Name Service Daemon (nsd), when running on an NIS master on SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, allows remote attackers to cause a denial of service (crash) via a UDP port scan. | ||||