CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2003-0092 Heap-based buffer overflow in dtsession for Solaris 2.5.1 through Solaris 9 allows local users to gain root privileges via a long HOME environment variable. | N/A | NONE | — | 0 |
| CVE-2003-0106 The HTTP proxy for Symantec Enterprise Firewall (SEF) 7.0 allows proxy users to bypass pattern matching for blocked URLs via requests that are URL-encoded with escapes, Unicode, or UTF-8. | N/A | NONE | — | 0 |
| CVE-2003-0141 The PNG deflate algorithm in RealOne Player 6.0.11.x and earlier, RealPlayer 8/RealPlayer Plus 8 6.0.9.584, and other versions allows remote attackers to corrupt the heap and overwrite arbitrary memor... | N/A | NONE | — | 0 |
| CVE-2003-0152 Unknown vulnerability in bonsai Mozilla CVS query tool allows remote attackers to execute arbitrary commands as the www-data user. | N/A | NONE | — | 0 |
| CVE-2003-0153 bonsai Mozilla CVS query tool leaks the absolute pathname of the tool in certain error messages generated by (1) cvslog.cgi, (2) cvsview2.cgi, or (3) multidiff.cgi. | N/A | NONE | — | 0 |
| CVE-2003-0154 Cross-site scripting vulnerabilities (XSS) in bonsai Mozilla CVS query tool allow remote attackers to execute arbitrary web script via (1) the file, root, or rev parameters to cvslog.cgi, (2) the file... | N/A | NONE | — | 0 |
| CVE-2003-0155 bonsai Mozilla CVS query tool allows remote attackers to gain access to the parameters page without authentication. | N/A | NONE | — | 0 |
| CVE-2003-0159 Heap-based buffer overflow in the NTLMSSP code for Ethereal 0.9.9 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code. | N/A | NONE | — | 0 |
| CVE-2003-0160 Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail before 1.2.11 allow remote attackers to inject arbitrary HTML code and steal information from a client's web browser. | N/A | NONE | — | 0 |
| CVE-2003-0161 The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled... | N/A | NONE | — | 0 |
| CVE-2003-0162 Ecartis 1.0.0 (formerly listar) before snapshot 20030227 allows remote attackers to reset passwords of other users and gain privileges by modifying hidden form fields in the HTML page. | N/A | NONE | — | 0 |
| CVE-2003-0165 Format string vulnerability in Eye Of Gnome (EOG) allows attackers to execute arbitrary code via format string specifiers in a command line argument for the file to display. | N/A | NONE | — | 0 |
| CVE-2003-0166 Integer signedness error in emalloc() function for PHP before 4.3.2 allow remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via negative arguments ... | N/A | NONE | — | 0 |
| CVE-2003-0167 Multiple off-by-one buffer overflows in the IMAP capability for Mutt 1.3.28 and earlier, and Balsa 1.2.4 and earlier, allow a remote malicious IMAP server to cause a denial of service (crash) and poss... | N/A | NONE | — | 0 |
| CVE-2003-0168 Buffer overflow in Apple QuickTime Player 5.x and 6.0 for Windows allows remote attackers to execute arbitrary code via a long QuickTime URL. | N/A | NONE | — | 0 |
| CVE-2003-0172 Buffer overflow in openlog function for PHP 4.3.1 on Windows operating system, and possibly other OSes, allows remote attackers to cause a crash and possibly execute arbitrary code via a long filename... | N/A | NONE | — | 0 |
| CVE-2003-0178 Multiple buffer overflows in Lotus Domino Web Server before 6.0.1 allow remote attackers to cause a denial of service or execute arbitrary code via (1) the s_ViewName option in the PresetFields parame... | N/A | NONE | — | 0 |
| CVE-2003-0179 Buffer overflow in the COM Object Control Handler for Lotus Domino 6.0.1 and earlier allows remote attackers to execute arbitrary code via multiple attack vectors, as demonstrated using the Initialize... | N/A | NONE | — | 0 |
| CVE-2003-0180 Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via an incomplete POST request, as demonstrated using the h_PageUI form. | N/A | NONE | — | 0 |
| CVE-2006-2877 PHP remote file inclusion vulnerability in Bookmark4U 2.0.0 and earlier allows remote attackers to include arbitrary PHP files via the include_prefix parameter in (1) inc/dbase.php, (2) inc/config.php... | N/A | NONE | — | 0 |
| CVE-2026-3356 The MS27102A Remote Spectrum Monitor is vulnerable to an authentication bypass that allows unauthorized users to access and manipulate its management interface. Because the device provides no mechanis... | N/A | NONE | — | 0 |
| CVE-2003-0181 Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via a "Fictionary Value Field POST request" as demonstrated using the s_Validation form with a lon... | N/A | NONE | — | 0 |
| CVE-2002-0690 Format string vulnerability in McAfee Security ePolicy Orchestrator (ePO) 2.5.1 allows remote attackers to execute arbitrary code via an HTTP GET request with a URI containing format strings. | N/A | NONE | — | 0 |
| CVE-2002-1143 Microsoft Word and Excel allow remote attackers to steal sensitive information via certain field codes that insert the information when the document is returned to the attacker, as demonstrated in Wor... | N/A | NONE | — | 0 |
| CVE-2002-1406 Unknown vulnerability in passwd for VVOS HP-UX 11.04, with unknown impact, related to "Unexpected behavior." | N/A | NONE | — | 0 |
| CVE-2002-1407 TinySSL 1.02 and earlier does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-midd... | N/A | NONE | — | 0 |
| CVE-2002-1408 Unknown vulnerability or vulnerabilities in HP OpenView EMANATE 14.2 snmpModules allow the SNMP read-write community name to be exposed, related to (1) "'read-only' community access," and/or (2) an ea... | N/A | NONE | — | 0 |
| CVE-2002-1409 ptrace on HP-UX 11.00 through 11.11 allows local users to cause a denial of service (data page fault panic) via "an incorrect reference to thread register state." | N/A | NONE | — | 0 |
| CVE-2002-1410 Easy Guestbook CGI programs do not authenticate the administrator, which allows remote attackers to (1) delete entries via direct access of admin.cgi, or (2) reconfigure Guestbook via direct access of... | N/A | NONE | — | 0 |
| CVE-2002-1411 Directory traversal vulnerability in update.dpgs in Duma Photo Gallery System (DPGS) 0.99.4 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the id parameter. | N/A | NONE | — | 0 |
| CVE-2002-1412 Gallery photo album package before 1.3.1 allows local and possibly remote attackers to execute arbitrary code via a modified GALLERY_BASEDIR variable that points to a directory or URL that contains a ... | N/A | NONE | — | 0 |
| CVE-2002-1413 RCONAG6 for Novell Netware SP2, while running RconJ in secure mode, allows remote attackers to bypass authentication using the RconJ "Secure IP" (SSL) option during a connection. | N/A | NONE | — | 0 |
| CVE-2002-1414 Buffer overflow in qmailadmin allows local users to gain privileges via a long QMAILADMIN_TEMPLATEDIR environment variable. | N/A | NONE | — | 0 |
| CVE-2002-1415 Format string vulnerability in SMTP service for WebEasyMail 3.4.2.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in S... | N/A | NONE | — | 0 |
| CVE-2002-1416 The POP3 service for WebEasyMail 3.4.2.2 and earlier generates diffferent error messages for valid and invalid usernames during authentication, which makes it easier for remote attackers to conduct br... | N/A | NONE | — | 0 |
| CVE-2002-1417 Directory traversal vulnerability in Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to read arbitrary files via a URL ... | N/A | NONE | — | 0 |
| CVE-2002-1418 Buffer overflow in the interpreter for Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to cause a denial of service (AB... | N/A | NONE | — | 0 |
| CVE-2002-1419 The upgrade of IRIX on Origin 3000 to 6.5.13 through 6.5.16 changes the MAC address of the system, which could modify intended access restrictions that are based on a MAC address. | N/A | NONE | — | 0 |
| CVE-2002-1420 Integer signedness error in select() on OpenBSD 3.1 and earlier allows local users to overwrite arbitrary kernel memory via a negative value for the size parameter, which satisfies the boundary check ... | N/A | NONE | — | 0 |
| CVE-2002-1421 SQL injection vulnerabilities in FUDforum before 2.2.0 allow remote attackers to perform unauthorized database operations via (1) report.php, (2) selmsg.php, and (3) showposts.php. | N/A | NONE | — | 0 |
| CVE-2006-3499 The dynamic linker (dyld) in Apple Mac OS X 10.3.9 allows local users to obtain sensitive information via unspecified dynamic linker options that affect the use of standard error (stderr) by privilege... | N/A | NONE | — | 0 |
| CVE-2002-1422 admbrowse.php in FUDforum before 2.2.0 allows remote attackers to create or delete files via URL-encoded pathnames in the cur and dest parameters. | N/A | NONE | — | 0 |
| CVE-2002-1423 tmp_view.php in FUDforum before 2.2.0 allows remote attackers to read arbitrary files via an absolute pathname in the file parameter. | N/A | NONE | — | 0 |
| CVE-2002-1424 Buffer overflow in munpack in mpack 1.5 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code. | N/A | NONE | — | 0 |
| CVE-2002-1425 Directory traversal vulnerability in munpack in mpack 1.5 and earlier allows remote attackers to create new files in the parent directory via a ../ (dot-dot) sequence in the filename to be extracted. | N/A | NONE | — | 0 |
| CVE-2002-1426 HP ProCurve Switch 4000M C.07.23 allows remote attackers to cause a denial of service (crash) via an SNMP write request containing 85 characters, possibly triggering a buffer overflow. | N/A | NONE | — | 0 |
| CVE-2006-4678 PHP remote file inclusion vulnerability in News Evolution 3.0.3 allows remote attackers to execute arbitrary PHP code via the _NE[AbsPath] parameter in (1) install.php and (2) migrateNE2toNE3.php. | N/A | NONE | — | 0 |
| CVE-2002-1427 The print_html_to_file function in edit.cgi for Easy Homepage Creator 1.0 does not check user credentials, which allows remote attackers to modify home pages of other users. | N/A | NONE | — | 0 |
| CVE-2002-1428 index.php in dotProject 0.2.1.5 allows remote attackers to bypass authentication via a cookie or URL with the user_cookie parameter set to 1. | N/A | NONE | — | 0 |
| CVE-2002-1429 Cross-site scripting vulnerability in board.php of endity.com ShoutBOX allows remote attackers to inject arbitrary HTML into the shoutbox page via the site parameter. | N/A | NONE | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.