Total
29527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1073 | 1 Atrium Software | 1 Mercur Mailserver | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in the control service for MERCUR Mailserver 4.2 allows remote attackers to execute arbitrary code via a long password. | |||||
| CVE-2002-0876 | 1 Evolvable Corporation | 1 Shambala Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Web server for Shambala 4.5 allows remote attackers to cause a denial of service (crash) via a malformed HTTP request. | |||||
| CVE-2002-1004 | 1 Argosoft | 1 Argosoft Mail Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in webmail feature of ArGoSoft Mail Server Plus or Pro 1.8.1.5 and earlier allows remote attackers to read arbitrary files via .. (dot dot) sequences in a URL. | |||||
| CVE-2002-1076 | 1 Ipswitch | 1 Imail | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in the Web Messaging daemon for Ipswitch IMail before 7.12 allows remote attackers to execute arbitrary code via a long HTTP GET request for HTTP/1.0. | |||||
| CVE-2002-0995 | 1 Gianluca Baldo | 1 Phpauction | 2008-09-05 | 7.5 HIGH | N/A |
| login.php for PHPAuction allows remote attackers to gain privileges via a direct call to login.php with the action parameter set to "insert," which adds the provided username to the adminUsers table. | |||||
| CVE-2002-0930 | 1 Novell | 1 Netware | 2008-09-05 | 5.0 MEDIUM | N/A |
| Format string vulnerability in the FTP server for Novell Netware 6.0 SP1 (NWFTPD) allows remote attackers to cause a denial of service (ABEND) via format strings in the USER command. | |||||
| CVE-2002-0922 | 1 Cgiscript.net | 1 Csnews | 2008-09-05 | 5.0 MEDIUM | N/A |
| CGIScript.net csNews.cgi allows remote attackers to obtain database files via a direct URL-encoded request to (1) default%2edb or (2) default%2edb.style, or remote authenticated users to perform administrative actions via (3) a database parameter set to default%2edb. | |||||
| CVE-2002-1001 | 1 Analogx | 1 Proxy | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflows in AnalogX Proxy before 4.12 allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long HTTP request to TCP port 6588 or (2) a SOCKS 4A request to TCP port 1080 with a long DNS hostname. | |||||
| CVE-2002-1003 | 1 Mywebserver | 1 Mywebserver | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in MyWebServer 1.02 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. | |||||
| CVE-2002-0932 | 1 Luis Bernardo | 1 Myhelpdesk | 2008-09-05 | 6.4 MEDIUM | N/A |
| SQL injection vulnerability in index.php for MyHelpDesk 20020509, and possibly other versions, allows remote attackers to conduct unauthorized activities via SQL code in the "id" parameter for the operations (1) detailticket, (2) editticket, or (3) updateticketlog. | |||||
| CVE-2002-1034 | 1 Sun | 1 I-runbook | 2008-09-05 | 10.0 HIGH | N/A |
| none.php for SunPS iRunbook 2.5.2 allows remote attackers to read arbitrary files via an absolute pathname in the argument. | |||||
| CVE-2002-1030 | 1 Bea | 1 Weblogic Server | 2008-09-05 | 2.6 LOW | N/A |
| Race condition in Performance Pack in BEA WebLogic Server and Express 5.1.x, 6.0.x, 6.1.x and 7.0 allows remote attackers to cause a denial of service (crash) via a flood of data and connections. | |||||
| CVE-2002-0945 | 1 Seanox | 1 Devwex | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in SeaNox Devwex allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request. | |||||
| CVE-2002-1055 | 1 Brother | 1 Nc-3100h | 2008-09-05 | 5.0 MEDIUM | N/A |
| Buffer overflow in administrative web server for Brother NC-3100h printer allows remote attackers to cause a denial of service via a long password. | |||||
| CVE-2002-0908 | 1 Cisco | 1 Ids Device Manager | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the web server for Cisco IDS Device Manager before 3.1.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTPS request. | |||||
| CVE-2002-0809 | 1 Mozilla | 1 Bugzilla | 2008-09-05 | 7.5 HIGH | N/A |
| Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, does not properly handle URL-encoded field names that are generated by some browsers, which could cause certain fields to appear to be unset, which has the effect of removing group permissions on bugs when buglist.cgi is provided with the encoded field names. | |||||
| CVE-2002-0877 | 1 Evolvable Corporation | 1 Shambala Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the FTP server for Shambala 4.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the (1) LIST (ls) or (2) GET commands. | |||||
| CVE-2002-0996 | 1 Novell | 2 Netmail, Netmail Xe | 2008-09-05 | 7.5 HIGH | N/A |
| Multiple buffer overflows in Novell NetMail (NIMS) 3.0.3 before 3.0.3C allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) WebAdmin or (2) ModWeb. | |||||
| CVE-2002-1088 | 1 Novell | 1 Groupwise | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in Novell GroupWise 6.0.1 Support Pack 1 allows remote attackers to execute arbitrary code via a long RCPT TO command. | |||||
| CVE-2002-0808 | 1 Mozilla | 1 Bugzilla | 2008-09-05 | 7.5 HIGH | N/A |
| Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, when performing a mass change, sets the groupset of all bugs to the groupset of the first bug, which could inadvertently cause insecure groupset permissions to be assigned to some bugs. | |||||