ReportizFlow
Filtered by vendor
Subscriptions
Total
3676 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2724 | 1 Lionmax Software | 1 Chat Anywhere | 2024-11-21 | N/A |
| LionMax Software Chat Anywhere 2.72a allows remote attackers to cause a denial of service (server crash and client CPU consumption) via a username beginning with percent (%) followed by a null character. | ||||
| CVE-2004-2715 | 1 Php Heaven | 1 Phpmychat | 2024-11-21 | N/A |
| edituser.php3 in PHPMyChat 0.14.5 allow remote attackers to bypass authentication and gain administrative privileges by setting the do_not_login parameter to false. | ||||
| CVE-2004-2182 | 1 Macromedia | 1 Jrun | 2024-11-21 | N/A |
| Session fixation vulnerability in Macromedia JRun 4.0 allows remote attackers to hijack user sessions by pre-setting the user session ID information used by the session server. | ||||
| CVE-2004-1760 | 2 Cisco, Ibm | 17 Call Manager, Conference Connection, Emergency Responder and 14 more | 2024-11-21 | N/A |
| The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247. | ||||
| CVE-2003-1574 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2024-11-21 | N/A |
| TikiWiki 1.6.1 allows remote attackers to bypass authentication by entering a valid username with an arbitrary password, possibly related to the Internet Explorer "Remember Me" feature. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2003-1570 | 1 Ibm | 1 Tivoli Storage Manager | 2024-11-21 | N/A |
| The server in IBM Tivoli Storage Manager (TSM) 5.1.x, 5.2.x before 5.2.1.2, and 6.x before 6.1 does not require credentials to observe the server console in some circumstances, which allows remote authenticated administrators to monitor server operations by establishing a console mode session, related to "session exposure." | ||||
| CVE-2003-1489 | 1 Truegalerie | 1 Truegalerie | 2024-11-21 | N/A |
| upload.php in Truegalerie 1.0 allows remote attackers to read arbitrary files by specifying the target filename in the file cookie in form.php, then downloading the file from the image gallery. | ||||
| CVE-2003-1475 | 1 Netbus | 1 Netbus | 2024-11-21 | N/A |
| Netbus 1.5 through 1.7 allows more than one client to be connected at the same time, but only prompts the first connection for authentication, which allows remote attackers to gain access. | ||||
| CVE-2003-1442 | 1 Ericsson | 1 Hm220dp Adsl Modem | 2024-11-21 | N/A |
| The web administration page for the Ericsson HM220dp ADSL modem does not require authentication, which could allow remote attackers to gain access from the LAN side. | ||||
| CVE-2003-1434 | 1 Pete Werner | 1 Login Ldap | 2024-11-21 | N/A |
| login_ldap 3.1 and 3.2 allows remote attackers to initiate unauthenticated bind requests if (1) bind_anon_dn is on, which allows a bind with no password provided, (2) bind_anon_cred is on, which allows a bind with no DN, or (3) bind_anon is on, which allows a bind with no DN or password. | ||||
| CVE-2003-1433 | 1 Epic Games | 1 Unreal Engine | 2024-11-21 | N/A |
| Epic Games Unreal Engine 226f through 436 does not validate the challenge key, which allows remote attackers to exhaust the player limit by joining the game multiple times. | ||||
| CVE-2003-1343 | 1 Trend Micro | 1 Scanmail | 2024-11-21 | N/A |
| Trend Micro ScanMail for Exchange (SMEX) before 3.81 and before 6.1 might install a back door account in smg_Smxcfg30.exe, which allows remote attackers to gain access to the web management interface via the vcc parameter, possibly "3560121183d3". | ||||
| CVE-2003-0216 | 1 Cisco | 1 Catos | 2024-11-21 | N/A |
| Unknown vulnerability in Cisco Catalyst 7.5(1) allows local users to bypass authentication and gain access to the enable mode without a password. | ||||
| CVE-2002-2438 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 7.5 High |
| TCP firewalls could be circumvented by sending a SYN Packets with other flags (like e.g. RST flag) set, which was not correctly discarded by the Linux TCP stack after firewalling. | ||||
| CVE-2002-2427 | 1 Goahead | 1 Goahead Webserver | 2024-11-21 | N/A |
| The security handler in GoAhead WebServer before 2.1.1 allows remote attackers to bypass authentication and obtain access to protected web content via "an extra slash in a URL," a different vulnerability than CVE-2002-1603. | ||||
| CVE-2002-2417 | 1 Acftp | 1 Acftp | 2024-11-21 | N/A |
| acFTP 1.4 does not properly handle when an invalid password is provided by the user during authentication, which allows remote attackers to hide or misrepresent certain activity from log files and possibly gain privileges. | ||||
| CVE-2002-2397 | 1 Symantec | 1 Sygate Personal Firewall | 2024-11-21 | N/A |
| Sygate personal firewall 5.0 could allow remote attackers to bypass firewall filters via spoofed (1) source IP address of 127.0.0.1 or (2) network address of 127.0.0.0. | ||||
| CVE-2002-2279 | 1 Aldap | 1 Aldap | 2024-11-21 | N/A |
| Unspecified vulnerability in the bind function in config.inc of aldap 0.09 allows remote attackers to authenticate with Manager permissions. | ||||
| CVE-2002-0563 | 1 Oracle | 4 Application Server, Application Server Web Cache, Oracle8i and 1 more | 2024-11-21 | N/A |
| The default configuration of Oracle 9i Application Server 1.0.2.x allows remote anonymous users to access sensitive services without authentication, including Dynamic Monitoring Services (1) dms0, (2) dms/DMSDump, (3) servlet/DMSDump, (4) servlet/Spy, (5) soap/servlet/Spy, and (6) dms/AggreSpy; and Oracle Java Process Manager (7) oprocmgr-status and (8) oprocmgr-service, which can be used to control Java processes. | ||||
| CVE-2002-0507 | 2 Microsoft, Rsa | 2 Exchange Server, Securid | 2024-11-21 | N/A |
| An interaction between Microsoft Outlook Web Access (OWA) with RSA SecurID allows local users to bypass the SecurID authentication for a previous user via several submissions of an OWA Authentication request with the proper OWA password for the previous user, which is eventually accepted by OWA. | ||||