Total: 29889 CVE

| CVE | Vendors | Products | Updated | CVSS v3.1 | Description |
|---|---|---|---|---|---|
| CVE-2002-0409 | 1 Microsoft | 1 .net Framework | 2025-04-03 | N/A | orderdetails.aspx, as made available to Microsoft .NET developers as example code and demonstrated on www.ibuyspystore.com, allows remote attackers to view the orders of other users by modifying the OrderID parameter. |
| CVE-2003-0388 | 2 Andrew Morgan, Redhat | 2 Linux Pam, Enterprise Linux | 2025-04-03 | N/A | pam_wheel in Linux-PAM 0.78, with the trust option enabled and the use_uid option disabled, allows local users to spoof log entries and gain privileges by causing getlogin() to return a spoofed user name. |
| CVE-2002-0418 | 1 Endymion | 1 Sake Mail | 2025-04-03 | N/A | Directory traversal vulnerability in the com.endymion.sake.servlet.mail.MailServlet servlet for Endymion SakeMail 1.0.36 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) and a null character in the param_name parameter. |
| CVE-2003-0404 | 1 Vignette | 3 Content Suite, Storyserver, Vignette | 2025-04-03 | N/A | Multiple Cross Site Scripting (XSS) vulnerabilities in Vignette StoryServer 4 and 5, and Vignette V/5 and V/6, allow remote attackers to insert arbitrary HTML and script via text variables, as demonstrated using the errInfo parameter of the default login template. |
| CVE-2002-0465 | 1 Hosting Controller | 1 Hosting Controller | 2025-04-03 | N/A | Directory traversal vulnerability in filemanager.asp for Hosting Controller 1.4.1 and earlier allows remote attackers to read and modify arbitrary files, and execute commands, via a .. (dot dot) in the OpenPath parameter. |
| CVE-2002-0520 | 1 Asp-nuke | 1 Asp-nuke | 2025-04-03 | N/A | Cross-site scripting vulnerability in functions-inc.asp for ASP-Nuke RC1 allows remote attackers to execute script as other ASP-Nuke users by embedding it within an IMG tag. |
| CVE-2002-0561 | 1 Oracle | 4 Application Server, Application Server Web Cache, Oracle8i and 1 more | 2025-04-03 | N/A | The default configuration of the PL/SQL Gateway web administration interface in Oracle 9i Application Server 1.0.2.x uses null authentication, which allows remote attackers to gain privileges and modify DAD settings. |
| CVE-2002-0598 | 1 Foundstone | 1 Fscan | 2025-04-03 | N/A | Format string vulnerability in Foundstone FScan 1.12 with banner grabbing enabled allows remote attackers to execute arbitrary code on the scanning system via format string specifiers in the server banner. |
| CVE-2002-0603 | 1 Snapgear | 1 Snapgear Lite+ Firewall | 2025-04-03 | N/A | Snapgear Lite+ firewall 1.5.3 allows remote attackers to cause a denial of service (IPSEC crash) via a zero length packet to UDP port 500. |
| CVE-2002-0604 | 1 Snapgear | 1 Snapgear Lite+ Firewall | 2025-04-03 | N/A | Snapgear Lite+ firewall 1.5.3 and 1.5.4 allows remote attackers to cause a denial of service (crash) via a large number of packets with malformed IP options. |
| CVE-2003-0516 | 1 Gert Doering | 1 Mgetty | 2025-04-03 | N/A | cnd.c in mgetty 1.1.28 and earlier does not properly filter non-printable characters and quotes, which may allow remote attackers to execute arbitrary commands via shell metacharacters in (1) caller ID or (2) caller name strings. |
| CVE-2002-0616 | 1 Microsoft | 2 Excel, Office | 2025-04-03 | N/A | The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code by attaching an inline macro to an object within an Excel workbook, aka the "Excel Inline Macros Vulnerability." |
| CVE-2002-0623 | 1 Microsoft | 1 Commerce Server | 2025-04-03 | N/A | Buffer overflow in AuthFilter ISAPI filter on Microsoft Commerce Server 2000 and 2002 allows remote attackers to execute arbitrary code via long authentication data, aka "New Variant of the ISAPI Filter Buffer Overrun". |
| CVE-2002-0629 | 1 Polycom | 8 Viewstation 128, Viewstation 512, Viewstation Dcp and 5 more | 2025-04-03 | N/A | The Telnet service for Polycom ViewStation before 7.2.4 allows remote attackers to cause a denial of service (crash) via multiple connections to the server. |
| CVE-2002-0632 | 1 Sgi | 1 Irix | 2025-04-03 | N/A | Vulnerability in SGI BDS (Bulk Data Service) BDSPro 2.4 and earlier allows clients to read arbitrary files on a BDS server. |
| CVE-2003-0547 | 2 Gnome, Redhat | 3 Gdm, Kdebase, Linux | 2025-04-03 | N/A | GDM before 2.4.1.6, when using the "examine session errors" feature, allows local users to read arbitrary files via a symlink attack on the ~/.xsession-errors file. |
| CVE-2002-0638 | 3 Hp, Mandrakesoft, Redhat | 6 Secure Os, Mandrake Linux, Mandrake Linux Corporate Server and 3 more | 2025-04-03 | N/A | setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh. |
| CVE-2003-0572 | 1 Sgi | 1 Irix | 2025-04-03 | N/A | Unknown vulnerability in nsd in SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, allows attackers to cause a denial of service (memory consumption). |
| CVE-2002-0662 | 2 Dan Mueth, Redhat | 2 Scrollkeeper, Linux | 2025-04-03 | N/A | scrollkeeper-get-cl in ScrollKeeper 0.3 to 0.3.11 allows local users to create and overwrite files via a symlink attack on the scrollkeeper-tempfile.x temporary files. |
| CVE-2002-0678 | 7 Caldera, Compaq, Hp and 4 more | 9 Openunix, Unixware, Tru64 and 6 more | 2025-04-03 | N/A | CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure. |