Export limit exceeded: 347276 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 347276 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347276 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-3693 | 1 Rocks Clusters | 1 Rocks Clusters | 2026-04-16 | N/A |
| Rocks Clusters 4.1 and earlier allows local users to gain privileges via commands enclosed with escaped backticks (\`) in an argument to the (1) mount-loop (mount-loop.c) or (2) umount-loop (umount-loop.c) command, which is not filtered in a system function call. | ||||
| CVE-2001-0960 | 2 Broadcom, Ca | 3 Arcserve Backup, Arcserve Backup 2000, Arcserve Backup 2000 | 2026-04-16 | N/A |
| Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 stores the backup agent user name and password in cleartext in the aremote.dmp file in the ARCSERVE$ hidden share, which allows local and remote attackers to gain privileges. | ||||
| CVE-2001-0961 | 1 John E. Davis | 1 Most | 2026-04-16 | N/A |
| Buffer overflow in tab expansion capability of the most program allows local or remote attackers to execute arbitrary code via a malformed file that is viewed with most. | ||||
| CVE-2001-0962 | 1 Ibm | 2 Websphere Application Server, Websphere Commerce Suite | 2026-04-16 | N/A |
| IBM WebSphere Application Server 3.02 through 3.53 uses predictable session IDs for cookies, which allows remote attackers to gain privileges of WebSphere users via brute force guessing. | ||||
| CVE-2001-0963 | 1 Pi-soft | 1 Spoonftp | 2026-04-16 | N/A |
| Directory traversal vulnerability in SpoonFTP 1.1 allows local and sometimes remote attackers to access files outside of the FTP root via a ... (modified dot dot) in the CD (CWD) command. | ||||
| CVE-2001-0964 | 1 Valve Software | 1 Half-life | 2026-04-16 | N/A |
| Buffer overflow in client for Half-Life 1.1.0.8 and earlier allows malicious remote servers to execute arbitrary code via a long console command. | ||||
| CVE-2001-0965 | 1 Glftpd | 1 Glftpd | 2026-04-16 | N/A |
| glFTPD 1.23 allows remote attackers to cause a denial of service (CPU consumption) via a LIST command with an argument that contains a large number of * (asterisk) characters. | ||||
| CVE-2001-0969 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| ipfw in FreeBSD does not properly handle the use of "me" in its rules when point to point interfaces are used, which causes ipfw to allow connections from arbitrary remote hosts. | ||||
| CVE-2001-1157 | 1 Baltimore Technologies | 1 Websweeper | 2026-04-16 | N/A |
| Baltimore Technologies WEBsweeper 4.0 and 4.02 does not properly filter Javascript from HTML pages, which could allow remote attackers to bypass the filtering via (1) an extra leading < and one or more characters before the SCRIPT tag, or (2) tags using Unicode. | ||||
| CVE-2001-0970 | 1 Tdavid | 1 Td Forum | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in TDForum 1.2 CGI script (tdforum12.cgi) allows remote attackers to execute arbitrary script on other clients via a forum message that contains the script. | ||||
| CVE-2001-0971 | 1 Aci | 1 4d Webserver | 2026-04-16 | N/A |
| Directory traversal vulnerability in ACI 4d webserver allows remote attackers to read arbitrary files via a .. (dot dot) or drive letter (e.g., C:) in an HTTP request. | ||||
| CVE-2001-0972 | 1 Surf-net | 1 Asp Forum | 2026-04-16 | N/A |
| Surf-Net ASP Forum before 2.30 uses easily guessable cookies based on the UserID, which allows remote attackers to gain administrative privileges by calculating the value of the admin cookie (UserID 1), i.e. "0888888." | ||||
| CVE-2001-0973 | 1 Fraunhofer Fit | 1 Bscw | 2026-04-16 | N/A |
| BSCW groupware system 3.3 through 4.0.2 beta allows remote attackers to read or modify arbitrary files by uploading and extracting a tar file with a symlink into the data-bag space. | ||||
| CVE-2001-0974 | 1 Oracle | 1 Internet Directory | 2026-04-16 | N/A |
| Format string vulnerabilities in Oracle Internet Directory Server (LDAP) 2.1.1.x and 3.0.1 allow remote attackers to execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. | ||||
| CVE-2001-0975 | 1 Oracle | 1 Internet Directory | 2026-04-16 | N/A |
| Buffer overflow vulnerabilities in Oracle Internet Directory Server (LDAP) 2.1.1.x and 3.0.1 allow remote attackers to execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. | ||||
| CVE-2001-0976 | 1 Hp | 1 Process Resource Manager | 2026-04-16 | N/A |
| Vulnerability in HP Process Resource Manager (PRM) C.01.08.2 and earlier, as used by HP-UX Workload Manager (WLM), allows local users to gain root privileges via modified libraries or environment variables. | ||||
| CVE-2001-0981 | 1 Hp | 1 Cifs-9000 Server | 2026-04-16 | N/A |
| HP CIFS/9000 Server (SAMBA) A.01.07 and earlier with the "unix password sync" option enabled calls the passwd program without specifying the username of the user making the request, which could cause the server to change the password of a different user. | ||||
| CVE-2001-0983 | 1 Ultraedit | 1 Ultraedit-32 | 2026-04-16 | N/A |
| UltraEdit uses weak encryption to record FTP passwords in the uedit32.ini file, which allows local users who can read the file to decrypt the passwords and gain privileges. | ||||
| CVE-2001-1158 | 1 Checkpoint | 1 Firewall-1 | 2026-04-16 | N/A |
| Check Point VPN-1/FireWall-1 4.1 base.def contains a default macro, accept_fw1_rdp, which can allow remote attackers to bypass intended restrictions with forged RDP (internal protocol) headers to UDP port 259 of arbitrary hosts. | ||||
| CVE-2001-0986 | 1 Microsoft | 1 Index Server | 2026-04-16 | N/A |
| SQLQHit.asp sample file in Microsoft Index Server 2.0 allows remote attackers to obtain sensitive information such as the physical path, file attributes, or portions of source code by directly calling sqlqhit.asp with a CiScope parameter set to (1) webinfo, (2) extended_fileinfo, (3) extended_webinfo, or (4) fileinfo. | ||||