Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0086 | 1 Ibm | 1 Lotus Domino | 2017-07-10 | 7.2 HIGH | N/A |
| Buffer overflow in bindsock in Lotus Domino 5.0.4 and 5.0.7 on Linux allows local users to gain root privileges via a long (1) Notes_ExecDirectory or (2) PATH environment variable. | |||||
| CVE-2002-0087 | 1 Lotus | 1 Domino | 2017-07-10 | 2.1 LOW | N/A |
| bindsock in Lotus Domino 5.07 on Solaris allows local users to create arbitrary files via a symlink attack on temporary files. | |||||
| CVE-2002-0145 | 1 Scott Parish | 1 Chuid | 2017-07-10 | 7.5 HIGH | N/A |
| chuid 1.2 and earlier does not properly verify the ownership of files that will be changed, which allows remote attackers to change files owned by other users, such as root. | |||||
| CVE-2002-0164 | 1 Caldera | 2 Openlinux Server, Openlinux Workstation | 2017-07-10 | 4.6 MEDIUM | N/A |
| Vulnerability in the MIT-SHM extension of the X server on Linux (XFree86) 4.2.1 and earlier allows local users to read and write arbitrary shared memory, possibly to cause a denial of service or gain privileges. | |||||
| CVE-2002-0180 | 1 Bradford Barrett | 1 Webalizer | 2017-07-10 | 7.5 HIGH | N/A |
| Buffer overflow in Webalizer 2.01-06, when configured to use reverse DNS lookups, allows remote attackers to execute arbitrary code by connecting to the monitored web server from an IP address that resolves to a long hostname. | |||||
| CVE-2002-0206 | 1 Francisco Burzi | 1 Php-nuke | 2017-07-10 | 7.5 HIGH | N/A |
| index.php in Francisco Burzi PHP-Nuke 5.3.1 and earlier, and possibly other versions before 5.5, allows remote attackers to execute arbitrary PHP code by specifying a URL to the malicious code in the file parameter. | |||||
| CVE-2002-0244 | 1 Atheos | 1 Atheos | 2017-07-10 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in chroot function in AtheOS 0.3.7 allows attackers to escape the jail via a .. (dot dot) in the pathname argument to chdir. | |||||
| CVE-2002-0281 | 1 Codeworx Technologies | 1 Dcp-portal | 2017-07-10 | 5.1 MEDIUM | N/A |
| Cross-site scripting vulnerability in DCP-Portal 4.2 and earlier allows remote attackers to gain privileges of other portal users by providing Javascript in the job information field to user_update.php. | |||||
| CVE-2002-0282 | 1 Codeworx Technologies | 1 Dcp-portal | 2017-07-10 | 5.0 MEDIUM | N/A |
| DCP-Portal 3.7 through 4.5 allows remote attackers to obtain the physical path of the server via (1) a direct request to add_user.php, or via an invalid new_language parameter in (2) contents.php, (3) categories.php, or (4) files.php, which leaks the path in an error message. | |||||
| CVE-2002-0286 | 1 Sitenews | 1 Sitenews | 2017-07-10 | 7.5 HIGH | N/A |
| The GetPassword function in function.php of SiteNews 0.10 and 0.11 allows remote attackers to gain privileges and add users by providing a non-existent user name and the MD5 checksum for an empty password to add_user.php, which causes GetPassword to produce and compare a blank password for the non-existent user. | |||||
| CVE-2002-0293 | 1 Alcatel-lucent | 1 Omnipcx | 2017-07-10 | 6.2 MEDIUM | N/A |
| FTP service in Alcatel OmniPCX 4400 allows the "halt" user to gain root privileges by modifying root's .profile file. | |||||
| CVE-2002-0296 | 1 Tarantella | 1 Tarantella Enterprise | 2017-07-10 | 1.2 LOW | N/A |
| The installation of Tarantella Enterprise 3 allows local users to overwrite arbitrary files via a symlink attack on the "spinning" temporary file. | |||||
| CVE-2002-0305 | 1 Zero One Tech | 1 P100s | 2017-07-10 | 5.0 MEDIUM | N/A |
| Zero One Tech (ZOT) P100s print server does not properly disable the SNMP service or change the default password, which could leave the server open to attack without the administrator's knowledge. | |||||
| CVE-2002-0308 | 1 Stefan Holmberg | 1 Admentor | 2017-07-10 | 10.0 HIGH | N/A |
| admin.asp in AdMentor 2.11 allows remote attackers to bypass authentication and gain privileges via a SQL injection attack on the Login and Password arguments. | |||||
| CVE-2002-0310 | 1 Netwin | 1 Webnews | 2017-07-10 | 7.5 HIGH | N/A |
| Netwin WebNews 1.1k CGI program includes several default usernames and cleartext passwords that cannot be deleted by the administrator, which allows remote attackers to gain privileges via the username/password combinations (1) testweb/newstest, (2) alwn3845/imaptest, (3) alwi3845/wtest3452, or (4) testweb2/wtest4879. | |||||
| CVE-2002-0375 | 1 Ecometry | 1 Sgdynamo | 2017-07-10 | 5.0 MEDIUM | N/A |
| Cross-site scripting vulnerability in sgdynamo.exe for Sgdynamo allows remote attackers to execute arbitrary Javascript via a URL with the script in the HTNAME parameter. | |||||
| CVE-2002-0385 | 1 Vignette | 2 Storyserver, Vignette | 2017-07-10 | 5.0 MEDIUM | N/A |
| Vignette Story Server 4.1 and 6.0 allows remote attackers to obtain sensitive information via a request that contains a large number of '"' (double quote) and and '>' characters, which causes the TCL interpreter to crash and include stack data in the output. | |||||
| CVE-2002-0393 | 1 Red-m | 1 1050ap Lan Acess Point | 2017-07-10 | 10.0 HIGH | N/A |
| Buffer overflow in Red-M 1050 (Bluetooth Access Point) management web interface allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long administration password. | |||||
| CVE-2002-0486 | 1 Workforceroi | 1 Xpede | 2017-07-10 | 7.2 HIGH | N/A |
| Intellisol Xpede 4.1 uses weak encryption to store authentication information in cookies, which could allow local users with access to the cookies to gain privileges. | |||||
| CVE-2002-0526 | 1 Inn | 1 Inn | 2017-07-10 | 7.2 HIGH | N/A |
| Vulnerability in (1) inews or (2) rnews for INN 2.2.3 and earlier, related to insecure open() calls. | |||||