Export limit exceeded: 29911 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29911 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-1270 | 1 Pkware | 1 Pkzip | 2026-04-16 | N/A |
| Directory traversal vulnerability in the console version of PKZip (pkzipc) 4.00 and earlier allows attackers to overwrite arbitrary files during archive extraction with the -rec (recursive) option via a .. (dot dot) attack on the archived files. | ||||
| CVE-2001-0687 | 1 Transsoft | 1 Broker Ftp Server | 2026-04-16 | N/A |
| Broker FTP server 5.9.5 for Windows NT and 9x allows a remote attacker to retrieve privileged web server system information by (1) issuing a CD command (CD C:) followed by the LS command, (2) specifying arbitrary paths in the UNC format (\\computername\sharename). | ||||
| CVE-2001-0699 | 1 Sun | 1 Sunos | 2026-04-16 | N/A |
| Buffer overflow in cb_reset in the System Service Processor (SSP) package of SunOS 5.8 allows a local user to execute arbitrary code via a long argument. | ||||
| CVE-2001-0700 | 1 W3m | 1 W3m | 2026-04-16 | N/A |
| Buffer overflow in w3m 0.2.1 and earlier allows a remote attacker to execute arbitrary code via a long base64 encoded MIME header. | ||||
| CVE-2001-1276 | 2 Itcorp, Redhat | 2 Ispell, Linux | 2026-04-16 | N/A |
| ispell before 3.1.20 allows local users to overwrite files of other users via a symlink attack on a temporary file. | ||||
| CVE-2001-0707 | 1 Denicomp | 1 Rshd | 2026-04-16 | N/A |
| Denicomp RSHD 2.18 and earlier allows a remote attacker to cause a denial of service (crash) via a long string to port 514. | ||||
| CVE-2001-0709 | 1 Microsoft | 1 Internet Information Server | 2026-04-16 | N/A |
| Microsoft IIS 4.0 and before, when installed on a FAT partition, allows a remote attacker to obtain source code of ASP files via a URL encoded with Unicode. | ||||
| CVE-2001-0710 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2026-04-16 | N/A |
| NetBSD 1.5 and earlier and FreeBSD 4.3 and earlier allows a remote attacker to cause a denial of service by sending a large number of IP fragments to the machine, exhausting the mbuf pool. | ||||
| CVE-2001-0712 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| The rendering engine in Internet Explorer determines the MIME type independently of the type that is specified by the server, which allows remote servers to automatically execute script which is placed in a file whose MIME type does not normally support scripting, such as text (.txt), JPEG (.jpg), etc. | ||||
| CVE-2001-0713 | 1 Sendmail | 1 Sendmail | 2026-04-16 | N/A |
| Sendmail before 8.12.1 does not properly drop privileges when the -C option is used to load custom configuration files, which allows local users to gain privileges via malformed arguments in the configuration file whose names contain characters with the high bit set, such as (1) macro names that are one character long, (2) a variable setting which is processed by the setoption function, or (3) a Modifiers setting which is processed by the getmodifiers function. | ||||
| CVE-2001-0714 | 1 Sendmail | 1 Sendmail | 2026-04-16 | N/A |
| Sendmail before 8.12.1, without the RestrictQueueRun option enabled, allows local users to cause a denial of service (data loss) by (1) setting a high initial message hop count option (-h), which causes Sendmail to drop queue entries, (2) via the -qR option, or (3) via the -qS option. | ||||
| CVE-2001-0717 | 1 Tooltalk | 1 Tooltalk Database Server | 2026-04-16 | N/A |
| Format string vulnerability in ToolTalk database server rpc.ttdbserverd allows remote attackers to execute arbitrary commands via format string specifiers that are passed to the syslog function. | ||||
| CVE-2001-1278 | 1 Zope | 1 Zope | 2026-04-16 | N/A |
| Zope before 2.2.4 allows partially trusted users to bypass security controls for certain methods by accessing the methods through the fmt attribute of dtml-var tags. | ||||
| CVE-2001-0718 | 1 Microsoft | 2 Excel, Powerpoint | 2026-04-16 | N/A |
| Vulnerability in (1) Microsoft Excel 2002 and earlier and (2) Microsoft PowerPoint 2002 and earlier allows attackers to bypass macro restrictions and execute arbitrary commands by modifying the data stream in the document. | ||||
| CVE-2001-1279 | 2 Lbl, Redhat | 2 Tcpdump, Linux | 2026-04-16 | N/A |
| Buffer overflow in print-rx.c of tcpdump 3.x (probably 3.6x) allows remote attackers to cause a denial of service and possibly execute arbitrary code via AFS RPC packets with invalid lengths that trigger an integer signedness error, a different vulnerability than CVE-2000-1026. | ||||
| CVE-2001-0740 | 1 3com | 2 3c840-us, 3cp4144 | 2026-04-16 | N/A |
| 3COM OfficeConnect 812 and 840 ADSL Router 4.2, running OCR812 router software 1.1.9 and earlier, allows remote attackers to cause a denial of service via a long string containing a large number of "%s" strings, possibly triggering a format string vulnerability. | ||||
| CVE-2001-0743 | 1 Oreilly | 1 Webboard | 2026-04-16 | N/A |
| Paging function in O'Reilly WebBoard Pager 4.10 allows remote attackers to cause a denial of service via a message with an escaped ' character followed by JavaScript commands. | ||||
| CVE-2001-1280 | 1 Ipswitch | 1 Imail | 2026-04-16 | N/A |
| POP3 Server for Ipswitch IMail 7.04 and earlier generates different responses to valid and invalid user names, which allows remote attackers to determine users on the system. | ||||
| CVE-2001-0744 | 1 Horde | 1 Imp | 2026-04-16 | N/A |
| Horde IMP 2.2.4 and earlier allows local users to overwrite files via a symlink attack on a temporary file. | ||||
| CVE-2001-1281 | 1 Ipswitch | 1 Imail | 2026-04-16 | N/A |
| Web Messaging Server for Ipswitch IMail 7.04 and earlier allows remote authenticated users to change information for other users by modifying the olduser parameter in the "Change User Information" web form. | ||||