Export limit exceeded: 363673 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 363673 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0567 | 1 Oracle | 3 Database Server, Oracle8i, Oracle9i | 2026-04-16 | N/A |
| Oracle 8i and 9i with PL/SQL package for External Procedures (EXTPROC) allows remote attackers to bypass authentication and execute arbitrary functions by using the TNS Listener to directly connect to the EXTPROC process. | ||||
| CVE-2002-0568 | 1 Oracle | 3 Application Server, Oracle8i, Oracle9i | 2026-04-16 | N/A |
| Oracle 9i Application Server stores XSQL and SOAP configuration files insecurely, which allows local users to obtain sensitive information including usernames and passwords by requesting (1) XSQLConfig.xml or (2) soapConfig.xml through a virtual directory. | ||||
| CVE-2002-0569 | 1 Oracle | 1 Application Server | 2026-04-16 | N/A |
| Oracle 9i Application Server allows remote attackers to bypass access restrictions for configuration files via a direct request to the XSQL Servlet (XSQLServlet). | ||||
| CVE-2002-0570 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| The encrypted loop device in Linux kernel 2.4.10 and earlier does not authenticate the entity that is encrypting data, which allows local users to modify encrypted data without knowing the key. | ||||
| CVE-2002-0573 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Format string vulnerability in RPC wall daemon (rpc.rwalld) for Solaris 2.5.1 through 8 allows remote attackers to execute arbitrary code via format strings in a message that is not properly provided to the syslog function when the wall command cannot be executed. | ||||
| CVE-2002-0576 | 1 Allaire | 1 Coldfusion Server | 2026-04-16 | N/A |
| ColdFusion 5.0 and earlier on Windows systems allows remote attackers to determine the absolute pathname of .cfm or .dbm files via an HTTP request that contains an MS-DOS device name such as NUL, which leaks the pathname in an error message. | ||||
| CVE-2002-0577 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Vulnerability in passwd for HP-UX 11.00 and 11.11 allows local users to corrupt the password file and cause a denial of service. | ||||
| CVE-2002-0578 | 1 Aci | 1 4d Webserver | 2026-04-16 | N/A |
| Buffer overflow in 4D WebServer 6.7.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an HTTP request with Basic Authentication containing a long (1) user name or (2) password. | ||||
| CVE-2002-0579 | 1 Workforceroi | 1 Xpede | 2026-04-16 | N/A |
| WorkforceROI Xpede 4.1 allows remote attackers to gain privileges as an Xpede administrator via a direct HTTP request to the /admin/adminproc.asp script, which does not prompt for a password. | ||||
| CVE-2002-0580 | 1 Workforceroi | 1 Xpede | 2026-04-16 | N/A |
| WorkforceROI Xpede 4.1 allows remote attackers to obtain the database username via a request to datasource.asp, which leaks the username in a form and allows the attacker to more easily conduct brute force password guessing attacks. | ||||
| CVE-2002-0581 | 1 Workforceroi | 1 Xpede | 2026-04-16 | N/A |
| WorkforceROI Xpede 4.1 allows remote attackers to execute arbitrary SQL commands and read, modify, or steal credentials from the database via the Qry parameter in the sprc.asp script. | ||||
| CVE-2002-0583 | 1 Workforceroi | 1 Xpede | 2026-04-16 | N/A |
| WorkforceROI Xpede 4.1 uses a small random namespace (5 alphanumeric characters) for temporary expense claim reports in the /reports/temp directory, which allows remote attackers to read the reports via a brute force attack. | ||||
| CVE-2002-0584 | 1 Workforceroi | 1 Xpede | 2026-04-16 | N/A |
| WorkforceROI Xpede 4.1 allows remote attackers to read user timesheets by modifying the TSN ID parameter to the ts_app_process.asp script, which is easily guessable because it is incremented by 1 for each new timesheet. | ||||
| CVE-2002-0585 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Unknown vulnerability in ndd for HP-UX 11.11 with certain TRANSPORT patches allows attackers to cause a denial of service. | ||||
| CVE-2002-0586 | 1 Aol | 1 Aol Server | 2026-04-16 | N/A |
| Format string vulnerability in Ns_PdLog function for the external database driver proxy daemon library (libnspd.a) of AOLServer 3.0 through 3.4.2 allows remote attackers to execute arbitrary code via the Error or Notice parameters. | ||||
| CVE-2002-0587 | 1 Aol | 1 Aol Server | 2026-04-16 | N/A |
| Buffer overflow in Ns_PdLog function for the external database driver proxy daemon library (libnspd.a) of AOLServer 3.0 through 3.4.2 allows remote attackers to cause a denial of service or execute arbitrary code via the Error or Notice parameters. | ||||
| CVE-2002-0588 | 1 Steve Korbett | 1 Pvote | 2026-04-16 | N/A |
| PVote before 1.9 does not authenticate users for restricted operations, which allows remote attackers to add or delete polls by modifying parameters to (1) add.php or (2) del.php. | ||||
| CVE-2002-0600 | 2 Kth, Luke Mewburn | 2 Kth Kerberos, Lukemftp | 2026-04-16 | N/A |
| Heap overflow in the KTH Kerberos 4 FTP client 4-1.1.1 allows remote malicious servers to execute arbitrary code on the client via a long response to a passive (PASV) mode request. | ||||
| CVE-2002-0601 | 1 Information Security Systems | 1 Realsecure Network Sensor | 2026-04-16 | N/A |
| ISS RealSecure Network Sensor 5.x through 6.5 allows remote attackers to cause a denial of service (crash) via malformed DHCP packets that cause RealSecure to dereference a null pointer. | ||||
| CVE-2002-0602 | 1 Snapgear | 1 Snapgear Lite\+ Firewall | 2026-04-16 | N/A |
| Snapgear Lite+ firewall 1.5.4 and 1.5.3 allows remote attackers to cause a denial of service (crash) via a large number of connections to (1) the HTTP web management port, or (2) the PPTP port. | ||||