Total
29739 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0554 | 1 Ibm | 1 Informix Web Datablade | 2025-04-03 | N/A |
| webdriver in IBM Informix Web DataBlade 4.12 allows remote attackers to bypass user access levels or read arbitrary files via a SQL injection attack in an HTTP request. | ||||
| CVE-2002-0555 | 1 Ibm | 1 Informix Web Datablade | 2025-04-03 | N/A |
| IBM Informix Web DataBlade 4.12 unescapes user input even if an application has escaped it, which could allow remote attackers to execute SQL code in a web form even when the developer has attempted to escape it. | ||||
| CVE-2002-0556 | 1 Deep Forest Software | 1 Quik-serv Webserver | 2025-04-03 | N/A |
| Directory traversal vulnerability in Quik-Serv HTTP server 1.1B allows remote attackers to read arbitrary files via a .. (dot dot) in a URL. | ||||
| CVE-2002-0579 | 1 Workforceroi | 1 Xpede | 2025-04-03 | N/A |
| WorkforceROI Xpede 4.1 allows remote attackers to gain privileges as an Xpede administrator via a direct HTTP request to the /admin/adminproc.asp script, which does not prompt for a password. | ||||
| CVE-2002-0581 | 1 Workforceroi | 1 Xpede | 2025-04-03 | N/A |
| WorkforceROI Xpede 4.1 allows remote attackers to execute arbitrary SQL commands and read, modify, or steal credentials from the database via the Qry parameter in the sprc.asp script. | ||||
| CVE-2002-0583 | 1 Workforceroi | 1 Xpede | 2025-04-03 | N/A |
| WorkforceROI Xpede 4.1 uses a small random namespace (5 alphanumeric characters) for temporary expense claim reports in the /reports/temp directory, which allows remote attackers to read the reports via a brute force attack. | ||||
| CVE-2002-0630 | 1 Polycom | 8 Viewstation 128, Viewstation 512, Viewstation Dcp and 5 more | 2025-04-03 | N/A |
| The Telnet service for Polycom ViewStation before 7.2.4 allows remote attackers to cause a denial of service (crash) via long or malformed ICMP packets. | ||||
| CVE-2002-0631 | 1 Sgi | 1 Irix | 2025-04-03 | N/A |
| Unknown vulnerability in nveventd in NetVisualyzer on SGI IRIX 6.5 through 6.5.16 allows local users to write arbitrary files and gain root privileges. | ||||
| CVE-2002-0627 | 1 Polycom | 8 Viewstation 128, Viewstation 512, Viewstation Dcp and 5 more | 2025-04-03 | N/A |
| The Web server for Polycom ViewStation before 7.2.4 allows remote attackers to bypass authentication and read files via Unicode encoded requests. | ||||
| CVE-2002-0632 | 1 Sgi | 1 Irix | 2025-04-03 | N/A |
| Vulnerability in SGI BDS (Bulk Data Service) BDSPro 2.4 and earlier allows clients to read arbitrary files on a BDS server. | ||||
| CVE-2002-0675 | 1 Pingtel | 1 Xpressa | 2025-04-03 | N/A |
| Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 does not require administrative privileges to perform a firmware upgrade, which allows unauthorized users to upgrade the phone. | ||||
| CVE-2002-0677 | 7 Caldera, Compaq, Hp and 4 more | 9 Openunix, Unixware, Tru64 and 6 more | 2025-04-03 | N/A |
| CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure. | ||||
| CVE-2002-0688 | 2 Redhat, Zope | 2 Powertools, Zope | 2025-04-03 | N/A |
| ZCatalog plug-in index support capability for Zope 2.4.0 through 2.5.1 allows anonymous users and untrusted code to bypass access restrictions and call arbitrary methods of catalog indexes. | ||||
| CVE-2002-0700 | 1 Microsoft | 1 Content Management Server | 2025-04-03 | N/A |
| Buffer overflow in a system function that performs user authentication for Microsoft Content Management Server (MCMS) 2001 allows attackers to execute code in the Local System context by authenticating to a web page that calls the function, aka "Unchecked Buffer in MDAC Function Could Enable SQL Server Compromise." | ||||
| CVE-2002-0702 | 1 Isc | 1 Dhcpd | 2025-04-03 | N/A |
| Format string vulnerabilities in the logging routines for dynamic DNS code (print.c) of ISC DHCP daemon (DHCPD) 3 to 3.0.1rc8, with the NSUPDATE option enabled, allow remote malicious DNS servers to execute arbitrary code via format strings in a DNS server response. | ||||
| CVE-2002-0706 | 1 Surfcontrol | 2 Superscout Web Filter, Web Filter | 2025-04-03 | N/A |
| UserManager.js in the Web Reports Server for SurfControl SuperScout WebFilter uses weak encryption for administrator functions, which allows remote attackers to decrypt the administrative password using a hard-coded key in a Javascript function. | ||||
| CVE-2002-0740 | 1 Slrn Development Team | 1 Slrn | 2025-04-03 | N/A |
| Buffer overflow in slrnpull for the SLRN package, when installed setuid or setgid, allows local users to gain privileges via a long -d (SPOOLDIR) argument. | ||||
| CVE-2002-0737 | 1 Sambar | 1 Sambar Server | 2025-04-03 | N/A |
| Sambar web server before 5.2 beta 1 allows remote attackers to obtain source code of server-side scripts, or cause a denial of service (resource exhaustion) via DOS devices, using a URL that ends with a space and a null character. | ||||
| CVE-2002-0743 | 1 Ibm | 1 Aix | 2025-04-03 | N/A |
| mail and mailx in AIX 4.3.3 core dump when called with a very long argument, an indication of a buffer overflow. | ||||
| CVE-2002-0782 | 1 Novell | 1 Bordermanager | 2025-04-03 | N/A |
| Novell BorderManager 3.5 with PAT (Port-Address Translate) enabled allows remote attackers to cause a denial of service by filling the connection table with a large number of connection requests to hosts that do not have a specific route, which may be forwarded to the public interface. | ||||