Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1578 1 Sap 1 Sap R 3 2026-04-16 N/A
The default installation of SAP R/3, when using Oracle and SQL*net V2 3.x, 4.x, and 6.10, allows remote attackers to obtain arbitrary, sensitive SAP data by directly connecting to the Oracle database and executing queries against the database, which is not password-protected.
CVE-2002-1579 1 Sap 1 Sapgui 2026-04-16 N/A
SAP GUI (Sapgui) 4.6D allows remote attackers to cause a denial of service (crash) via a connection to a high-numbered port, which generates an "unknown connection data" error.
CVE-2002-1492 1 Cisco 1 Vpn 5000 Client 2026-04-16 N/A
Buffer overflows in the Cisco VPN 5000 Client before 5.2.7 for Linux, and VPN 5000 Client before 5.2.8 for Solaris, allow local users to gain root privileges via (1) close_tunnel and (2) open_tunnel.
CVE-2002-1580 1 Carnegie Mellon University 1 Cyrus Imap Server 2026-04-16 N/A
Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 allows remote attackers to execute arbitrary code via a large length value that facilitates a buffer overflow attack, a different vulnerability than CVE-2002-1347.
CVE-2002-0077 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 5.01, 5.5 and 6.0 treats objects invoked on an HTML page with the codebase property as part of Local Computer zone, which allows remote attackers to invoke executables present on the local system through objects such as the popup object, aka the "Local Executable Invocation via Object tag" vulnerability.
CVE-2002-2109 1 Matt Wright 1 Formmail 2026-04-16 N/A
Matt Wright FormMail 1.9 and earlier allows remote attackers to bypass the HTTP_REFERER check and conduct unauthorized activities via (1) a blank referer, (2) a spoofed referer with a trusted domain/URL after the beginning of the referer, or (3) a spoofed referer with a trusted domain/URL in the beginning (hostname) portion of the referer.
CVE-2002-1517 1 Sgi 2 Freeware, Irix 2026-04-16 N/A
fsr_efs in IRIX 6.5 allows local users to conduct unauthorized file activities via a symlink attack, possibly via the .fsrlast file.
CVE-2004-2298 1 Novell 2 Internet Messaging System, Netmail 2026-04-16 N/A
Novell Internet Messaging System (NIMS) 2.6 and 3.0, and NetMail 3.1 and 3.5, is installed with a default NMAP authentication credential, which allows remote attackers to read and write mail store data if the administrator does not change the credential by using the NMAP Credential Generator.
CVE-2002-0155 1 Microsoft 3 Msn Chat Control, Msn Messenger, Msn Messenger Service For Exchange 2026-04-16 N/A
Buffer overflow in Microsoft MSN Chat ActiveX Control, as used in MSN Messenger 4.5 and 4.6, and Exchange Instant Messenger 4.5 and 4.6, allows remote attackers to execute arbitrary code via a long ResDLL parameter in the MSNChat OCX.
CVE-2002-0262 1 Sybex 1 E-trainer 2026-04-16 N/A
Directory traversal vulnerability in netget for Sybex E-Trainer web server allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
CVE-2002-0376 1 Apple 1 Quicktime 2026-04-16 N/A
Buffer overflow in Apple QuickTime 5.0 ActiveX component allows remote attackers to execute arbitrary code via a long pluginspage field.
CVE-2002-0384 2 Redhat, Rob Flynn 4 Enterprise Linux, Linux, Powertools and 1 more 2026-04-16 N/A
Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arbitrary code.
CVE-1999-0121 2026-04-16 N/A
Buffer overflow in dtaction command gives root access.
CVE-1999-0188 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
The passwd command in Solaris can be subjected to a denial of service.
CVE-1999-0126 1 Xfree86 Project 1 Xfree86 2026-04-16 N/A
SGI IRIX buffer overflow in xterm and Xaw allows root access.
CVE-2004-0922 1 Apple 3 Mac Os X, Mac Os X Server, Quicktime 2026-04-16 N/A
AFP Server on Mac OS X 10.3.x to 10.3.5, under certain conditions, does not properly set the guest group ID, which causes AFP to change a write-only AFP Drop Box to be read-write when the Drop Box is on a share that is mounted by a guest, which allows attackers to read the Drop Box.
CVE-1999-0191 1 Microsoft 1 Internet Information Server 2026-04-16 N/A
IIS newdsn.exe CGI script allows remote users to overwrite files.
CVE-1999-0197 2026-04-16 N/A
finger 0@host on some systems may print information on some user accounts.
CVE-1999-0200 2026-04-16 N/A
Windows NT FTP server (WFTP) with the guest account enabled without a password allows an attacker to log into the FTP server using any username and password.
CVE-2002-0469 2 Ecartis, Listar 2 Ecartis, Listar 2026-04-16 N/A
Ecartis (formerly Listar) 1.0.0 in snapshot 20020125 and earlier does not properly drop privileges when Ecartis is installed setuid-root, "lock-to-user" is not set, and ecartis is called by certain MTA's, which could allow local users to gain privileges.