Total
5449 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2002-2356 | 1 Hamweather | 1 Hamweather | 2024-11-20 | N/A |
HAMweather 2.x allows remote attackers to modify administrative settings and obtain sensitive information via a direct request to hwadmin.cgi. | ||||
CVE-2002-2353 | 1 Tftpd32 | 1 Tftpd32 | 2024-11-20 | N/A |
tftpd32 2.50 and 2.50.2 allows remote attackers to read or write arbitrary files via a full pathname in GET and PUT requests. | ||||
CVE-2002-2344 | 1 Ensim | 1 Webppliance | 2024-11-20 | N/A |
Ensim WEBppliance 3.0 and 3.1 allows remote attackers to read mail intended for other users by defining an alias that is the target's email address. | ||||
CVE-2002-2334 | 1 Joseph Allen | 1 Joe | 2024-11-20 | N/A |
Joe text editor 2.8 through 2.9.7 does not remove the group and user setuid bits for backup files, which could allow local users to execute arbitrary setuid and setgid root programs when root edits scripts owned by other users. | ||||
CVE-2002-2327 | 1 Sun | 2 Sun Fire, Sunos | 2024-11-20 | N/A |
Unspecified vulnerability in the environmental monitoring subsystem in Solaris 8 running on Sun Fire 280R, V480 and V880 allows local users to cause a denial of service by setting volatile properties. | ||||
CVE-2002-2324 | 1 Microsoft | 1 Windows Xp | 2024-11-20 | N/A |
The "System Restore" directory and subdirectories, and possibly other subdirectories in the "System Volume Information" directory on Windows XP Professional, have insecure access control list (ACL) permissions, which allows local users to access restricted files and modify registry settings. | ||||
CVE-2002-2320 | 1 Mysimplenews | 1 Mysimplenews | 2024-11-20 | N/A |
MySimpleNews 1.0 allows remote attackers to delete arbitrary email messages via a direct request to vider.php3. | ||||
CVE-2002-2311 | 2 Microsoft, Opera Software | 2 Internet Explorer, Opera Web Browser | 2024-11-20 | N/A |
Microsoft Internet Explorer 6.0 and possibly others allows remote attackers to upload arbitrary file contents when users press a key corresponding to the JavaScript (1) event.ctrlKey or (2) event.shiftKey onkeydown event contained in a webpage. NOTE: it was reported that the vendor has disputed the severity of this issue. | ||||
CVE-2002-2302 | 1 3d3.com | 1 Shopfactory | 2024-11-20 | N/A |
3D3.Com ShopFactory 5.5 through 5.8 allows remote attackers to modify the prices in their shopping carts by modifying the price in a hidden form field. | ||||
CVE-2002-2283 | 1 Microsoft | 1 Windows Xp | 2024-11-20 | N/A |
Microsoft Windows XP with Fast User Switching (FUS) enabled does not remove the "show processes from all users" privilege when the user is removed from the administrator group, which allows that user to view processes of other users. | ||||
CVE-2002-2270 | 1 Hp | 1 Hp-ux | 2024-11-20 | N/A |
Unspecified vulnerability in the ied command in HP-UX 10.10, 10.20, and 11.0 allows local users to view "normally invisible data" via unknown attack vectors. | ||||
CVE-2002-2265 | 2 Hp, Open Source Internet Solutions | 2 Tru64, Open Source Internet Solutions | 2024-11-20 | N/A |
Unspecified vulnerability in LDAP Module in System Authentication of Open Source Internet Solutions (OSIS) 5.4 running on Tru64 UNIX 4.0G and 4.0F allows remote attackers to gain access to arbitrary files or gain privileges via unknown attack vectors. | ||||
CVE-2002-2261 | 1 Sendmail | 1 Sendmail | 2024-11-20 | N/A |
Sendmail 8.9.0 through 8.12.6 allows remote attackers to bypass relaying restrictions enforced by the 'check_relay' function by spoofing a blank DNS hostname. | ||||
CVE-2002-2254 | 1 Linux | 1 Linux Kernel | 2024-11-20 | N/A |
The experimental IP packet queuing feature in Netfilter / IPTables in Linux kernel 2.4 up to 2.4.19 and 2.5 up to 2.5.31, when a privileged process exits and network traffic is not being queued, may allow a later process with the same Process ID (PID) to access certain network traffic that would otherwise be restricted. | ||||
CVE-2002-2242 | 1 Kismac | 1 Kismac | 2024-11-20 | N/A |
The Apple Package Manager in KisMAC 0.02a and earlier modifies file permissions of sensitive files after installation, which could allow attackers to conduct unauthorized activities on those files. | ||||
CVE-2002-1978 | 1 Darren Reed | 1 Ipfilter | 2024-11-20 | N/A |
IPFilter 3.1.1 through 3.4.28 allows remote attackers to bypass firewall rules by sending a PASV command string as the argument of another command to an FTP server, which generates a response that contains the string, causing IPFilter to treat the response as if it were a legitimate PASV command from the server. | ||||
CVE-2002-1877 | 1 Netgear | 1 Fm114p | 2024-11-20 | N/A |
NETGEAR FM114P allows remote attackers to bypass access restrictions for web sites via a URL that uses the IP address instead of the hostname. | ||||
CVE-2002-1590 | 1 Sun | 2 Solaris, Sunos | 2024-11-20 | N/A |
The Web-Based Enterprise Management (WBEM) packages (1) SUNWwbdoc, (2) SUNWwbcou, (3) SUNWwbdev and (4) SUNWmgapp packages, when installed using Solaris 8 Update 1/01 or later, install files with world or group write permissions, which allows local users to gain root privileges or cause a denial of service. | ||||
CVE-2002-1111 | 1 Mantis | 1 Mantis | 2024-11-20 | N/A |
print_all_bug_page.php in Mantis 0.17.3 and earlier does not verify the limit_reporters option, which allows remote attackers to view bug summaries for bugs that would otherwise be restricted. | ||||
CVE-2002-0013 | 2 Redhat, Snmp | 3 Linux, Powertools, Snmp | 2024-11-20 | N/A |
Vulnerabilities in the SNMPv1 request handling of a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via (1) GetRequest, (2) GetNextRequest, and (3) SetRequest messages, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available. |