Export limit exceeded: 344892 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344892 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-1214 | 1 Marcus S. Xenakis | 1 Unix Manual | 2026-04-16 | N/A |
| manual.php in Marcus S. Xenakis Unix Manual 1.0 allows remote attackers to execute arbitrary code via a URL that contains shell metacharacters. | ||||
| CVE-2001-1215 | 1 Michael Baumer | 1 Pfinger | 2026-04-16 | N/A |
| Format string vulnerability in PFinger 0.7.5 through 0.7.7 allows remote attackers to execute arbitrary code via format string specifiers in a .plan file. | ||||
| CVE-2001-1216 | 1 Oracle | 1 Application Server | 2026-04-16 | N/A |
| Buffer overflow in PL/SQL Apache module in Oracle 9i Application Server allows remote attackers to execute arbitrary code via a long request for a help page. | ||||
| CVE-2001-1217 | 1 Oracle | 1 Application Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in PL/SQL Apache module in Oracle Oracle 9i Application Server allows remote attackers to access sensitive information via a double encoded URL with .. (dot dot) sequences. | ||||
| CVE-2001-1218 | 1 Microsoft | 1 Ie | 2026-04-16 | N/A |
| Microsoft Internet Explorer for Unix 5.0SP1 allows local users to possibly cause a denial of service (crash) in CDE or the X server on Solaris 2.6 by rapidly scrolling Chinese characters or maximizing the window. | ||||
| CVE-2002-0418 | 1 Endymion | 1 Sake Mail | 2026-04-16 | N/A |
| Directory traversal vulnerability in the com.endymion.sake.servlet.mail.MailServlet servlet for Endymion SakeMail 1.0.36 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) and a null character in the param_name parameter. | ||||
| CVE-2001-1220 | 1 D-link | 1 Dwl-1000ap | 2026-04-16 | N/A |
| D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point stores the administrative password in plaintext in the default Management Information Base (MIB), which allows remote attackers to gain administrative privileges. | ||||
| CVE-2001-1221 | 1 D-link | 1 Dwl-1000ap | 2026-04-16 | N/A |
| D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point uses a default SNMP community string of 'public' which allows remote attackers to gain sensitive information. | ||||
| CVE-2001-1222 | 1 Plesk | 1 Plesk Server Administrator | 2026-04-16 | N/A |
| Plesk Server Administrator (PSA) 1.0 allows remote attackers to obtain PHP source code via an HTTP request containing the target's IP address and a valid account name for the domain. | ||||
| CVE-2001-1223 | 1 Elsa | 1 Lancom 1100 Office | 2026-04-16 | N/A |
| The web administration server for ELSA Lancom 1100 Office does not require authentication, which allows arbitrary remote attackers to gain administrative privileges by connecting to the server. | ||||
| CVE-2001-1224 | 1 Les Vanbrunt | 1 Adrotate Pro | 2026-04-16 | N/A |
| get_input in adrotate.pm for Les VanBrunt AdRotate Pro 2.0 allows remote attackers to modify the database and possibly execute arbitrary commands via a SQL code injection attack. | ||||
| CVE-2001-1225 | 1 Hughes | 1 Msql | 2026-04-16 | N/A |
| Hughes Technology Mini SQL 2.0.10 through 2.0.12 allows local users to cause a denial of service by creating a very large array in a table, which causes miniSQL to crash when the table is queried. | ||||
| CVE-2001-1226 | 1 Adcycle | 1 Adcycle | 2026-04-16 | N/A |
| AdCycle 1.17 and earlier allow remote attackers to modify SQL queries, which are not properly sanitized before being passed to the MySQL database. | ||||
| CVE-2001-1272 | 1 Wliang | 1 Wmtv | 2026-04-16 | N/A |
| wmtv 0.6.5 and earlier does not properly drop privileges, which allows local users to execute arbitrary commands via the -e (external command) option. | ||||
| CVE-2001-1300 | 1 Dynu Systems Inc. | 1 Dynu Ftp Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Dynu FTP server 1.05 and earlier allows remote attackers to read arbitrary files via a .. in the CD (CWD) command. | ||||
| CVE-2001-1325 | 1 Microsoft | 2 Internet Explorer, Outlook Express | 2026-04-16 | N/A |
| Internet Explorer 5.0 and 5.5, and Outlook Express 5.0 and 5.5, allow remote attackers to execute scripts when Active Scripting is disabled by including the scripts in XML stylesheets (XSL) that are referenced using an IFRAME tag, possibly due to a vulnerability in Windows Scripting Host (WSH). | ||||
| CVE-2001-1377 | 12 Freeradius, Gnu, Icradius and 9 more | 12 Freeradius, Radius, Icradius and 9 more | 2026-04-16 | N/A |
| Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2. | ||||
| CVE-2001-1390 | 2 Linux, Redhat | 2 Linux Kernel, Linux | 2026-04-16 | N/A |
| Unknown vulnerability in binfmt_misc in the Linux kernel before 2.2.19, related to user pages. | ||||
| CVE-2001-1391 | 2 Linux, Redhat | 2 Linux Kernel, Linux | 2026-04-16 | 5.5 Medium |
| Off-by-one vulnerability in CPIA driver of Linux kernel before 2.2.19 allows users to modify kernel memory. | ||||
| CVE-2001-1392 | 2 Linux, Redhat | 2 Linux Kernel, Linux | 2026-04-16 | N/A |
| The Linux kernel before 2.2.19 does not have unregister calls for (1) CPUID and (2) MSR drivers, which could cause a DoS (crash) by unloading and reloading the drivers. | ||||