ReportizFlow
Filtered by vendor
Subscriptions
Total
29893 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1918 | 1 Microsoft | 1 Data Access Components | 2026-04-16 | N/A |
| Buffer overflow in Microsoft Active Data Objects (ADO) in Microsoft MDAC 2.5 through 2.7 allows remote attackers to have unknown impact with unknown attack vectors. NOTE: due to the lack of details available regarding this issue, perhaps it should be REJECTED. | ||||
| CVE-2001-0229 | 1 Sun | 1 Chilisoft | 2026-04-16 | N/A |
| Chili!Soft ASP for Linux before 3.6 does not properly set group privileges when running in inherited mode, which could allow attackers to gain privileges via malicious scripts. | ||||
| CVE-2001-0254 | 1 Fastream | 1 Ftp\+\+ Server | 2026-04-16 | N/A |
| FaSTream FTP++ Server 2.0 allows remote attackers to obtain the real pathname of the server via the "pwd" command. | ||||
| CVE-2002-1921 | 1 Oracle | 1 Mysql | 2026-04-16 | N/A |
| The default configuration of MySQL 3.20.32 through 3.23.52, when running on Windows, does set the bind address to the loopback interface, which allows remote attackers to connect to the database. | ||||
| CVE-2001-0256 | 1 Fastream | 1 Ftp\+\+ Server | 2026-04-16 | N/A |
| FaSTream FTP++ Server 2.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long username. | ||||
| CVE-2002-1932 | 1 Microsoft | 2 Windows 2000, Windows Xp | 2026-04-16 | N/A |
| Microsoft Windows XP and Windows 2000, when configured to send administrative alerts and the "Do not overwrite events (clear log manually)" option is set, does not notify the administrator when the log reaches its maximum size, which allows local users and remote attackers to avoid detection. | ||||
| CVE-2002-1957 | 1 Pen | 1 Pen | 2026-04-16 | N/A |
| Buffer overflow in the netlog function in pen.c for Pen 0.9.1 and 0.9.2 allows remote attackers to execute arbitrary commands via malformed log messages. | ||||
| CVE-2002-1960 | 1 Cybozu | 1 Share360 | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Cybozu Share360 1.1 allows remote attackers to inject arbitrary web script or HTML via an HTML link. | ||||
| CVE-2002-1967 | 1 Mark Hanson | 1 Xircon | 2026-04-16 | N/A |
| Buffer overflow in XiRCON 1.0 Beta 4 allows remote attackers to cause a denial of service (disconnect) via a long (1) ctcp, (2) primsg, (3) msg, or (4) notice command. | ||||
| CVE-2002-1970 | 1 Snortcenter | 1 Snortcenter | 2026-04-16 | N/A |
| SnortCenter 0.9.5, when configured to push Snort rules, stores the rules in a temporary file with world-readable and world-writable permissions, which allows local users to obtain usernames and passwords for the alert database servers. | ||||
| CVE-2002-1995 | 1 Lebios | 1 Phptonuke.php | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in phptonuke.php for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via the filnavn parameter. | ||||
| CVE-2002-2020 | 1 Netgear | 1 Rp114 | 2026-04-16 | N/A |
| Netgear RP114 Cable/DSL Web Safe Router Firmware 3.26 uses a default administrator password and accepts admin logins on the external interface, which allows remote attackers to gain privileges if the password is not changed. | ||||
| CVE-2002-2072 | 1 Sun | 1 Jre | 2026-04-16 | N/A |
| java.security.AccessController in Sun Java Virtual Machine (JVM) in JRE 1.2.2 and 1.3.1 allows remote attackers to cause a denial of service (JVM crash) via a Java program that calls the doPrivileged method with a null argument. | ||||
| CVE-2002-2095 | 1 Joe Testa | 1 Hellbent | 2026-04-16 | N/A |
| Joe Testa hellbent 01 webserver allows attackers to read files that are specified in the hellbent.prefs file by creating a file with a similar name in the web root, as demonstrated using (1) index.webroot and (2) index.ipallow. | ||||
| CVE-2002-2142 | 1 Bea | 2 Weblogic Integration, Weblogic Server | 2026-04-16 | N/A |
| An undocumented extension for the Servlet mappings in the Servlet 2.3 specification, when upgrading to WebLogic Server and Express 7.0 Service Pack 1 from BEA WebLogic Server and Express 6.0 through 7.0.0.1, does not prepend a "/" character in certain URL patterns, which prevents the proper enforcement of role mappings and policies in applications that use the extension. | ||||
| CVE-2002-2178 | 1 Phpwebsite | 1 Phpwebsite | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in article.php module for phpWebSite 0.8.3 allows remote attackers to execute arbitrary Javascript script via the sid parameter, as demonstrated using an IMG tag. | ||||
| CVE-2002-2213 | 2 Infoblox, Isc | 2 Dns One, Bind | 2026-04-16 | N/A |
| The DNS resolver in unspecified versions of Infoblox DNS One, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. | ||||
| CVE-2002-2221 | 1 Chetcpasswd | 1 Chetcpasswd | 2026-04-16 | N/A |
| Untrusted search path vulnerability in Pedro Lineu Orso chetcpasswd 2.4.1 and earlier allows local users to gain privileges via a modified PATH that references a malicious cp binary. NOTE: this issue might overlap CVE-2006-6639. | ||||
| CVE-2002-2224 | 1 Network Associates | 1 Pgp Freeware | 2026-04-16 | N/A |
| Buffer overflow in PGPFreeware 7.03 running on Windows NT 4.0 SP6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted Internet Key Exchange (IKE) response packets, possibly including (1) a large Security Parameter Index (SPI) field, (2) large number of payloads, or (3) a long payload. | ||||
| CVE-2001-0469 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| rwho daemon rwhod in FreeBSD 4.2 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service via malformed packets with a short length. | ||||