Export limit exceeded: 345168 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345168 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-0572 | 3 Openbsd, Redhat, Ssh | 3 Openssh, Linux, Ssh | 2026-04-16 | N/A |
| The SSH protocols 1 and 2 (aka SSH-2) as implemented in OpenSSH and other packages have various weaknesses which can allow a remote attacker to obtain the following information via sniffing: (1) password lengths or ranges of lengths, which simplifies brute force password guessing, (2) whether RSA or DSA authentication is being used, (3) the number of authorized_keys in RSA authentication, or (4) the lengths of shell commands. | ||||
| CVE-2001-0581 | 1 Spytech | 1 Spynet Chat | 2026-04-16 | N/A |
| Spytech Spynet Chat Server 6.5 allows a remote attacker to create a denial of service (crash) via a large number of connections to port 6387. | ||||
| CVE-2006-3662 | 1 Adaptive Technology Resource Centre | 1 Atutor | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in ATutor 1.5.3 allows remote attackers to execute arbitrary SQL commands via the fid parameter. NOTE: this issue has been disputed by the vendor, who states "The mentioned SQL injection vulnerability is not possible." However, the relevant source code suggests that this issue may be legitimate, and the parameter is cleansed in 1.5.3.1 | ||||
| CVE-1999-0686 | 2 Hp, Netscape | 2 Hp-ux, Enterprise Server | 2026-04-16 | N/A |
| Denial of service in Netscape Enterprise Server (NES) in HP Virtual Vault (VVOS) via a long URL. | ||||
| CVE-2000-0184 | 2 Mandrakesoft, Redhat | 2 Mandrake Linux, Linux | 2026-04-16 | N/A |
| Linux printtool sets the permissions of printer configuration files to be world-readable, which allows local attackers to obtain printer share passwords. | ||||
| CVE-2001-0608 | 1 Hp | 1 Mpe | 2026-04-16 | N/A |
| HP architected interface facility (AIF) as includes with MPE/iX 5.5 through 6.5 running on a HP3000 allows an attacker to gain additional privileges and gain access to databases via the AIF - AIFCHANGELOGON program. | ||||
| CVE-2001-0626 | 1 Oreilly | 1 Website Professional | 2026-04-16 | N/A |
| O'Reilly Website Professional 2.5.4 and earlier allows remote attackers to determine the physical path to the root directory via a URL request containing a ":" character. | ||||
| CVE-2001-0635 | 1 Redhat | 1 Linux | 2026-04-16 | N/A |
| Red Hat Linux 7.1 sets insecure permissions on swap files created during installation, which can allow a local attacker to gain additional privileges by reading sensitive information from the swap file, such as passwords. | ||||
| CVE-2001-0647 | 1 Orange Software | 1 Orange Web Server | 2026-04-16 | N/A |
| Orange Web Server 2.1, based on GoAhead, allows a remote attacker to perform a denial of service via an HTTP GET request that does not include the HTTP version. | ||||
| CVE-2001-0658 | 1 Microsoft | 1 Isa Server | 2026-04-16 | N/A |
| Cross-site scripting (CSS) vulnerability in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause other clients to execute certain script or read cookies via malicious script in an invalid URL that is not properly quoted in an error message. | ||||
| CVE-2001-0677 | 1 Qualcomm | 1 Eudora | 2026-04-16 | N/A |
| Eudora 5.0.2 allows a remote attacker to read arbitrary files via an email with the path of the target file in the "Attachment Converted" MIME header, which sends the file when the email is forwarded to the attacker by the user. | ||||
| CVE-2001-0690 | 4 Conectiva, Debian, Redhat and 1 more | 5 Linux, Debian Linux, Linux and 2 more | 2026-04-16 | N/A |
| Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in Debian and 3.16 in Conectiva) in batched SMTP mode allows a remote attacker to execute arbitrary code via format strings in SMTP mail headers. | ||||
| CVE-2001-0696 | 1 Netwin | 1 Surgeftp | 2026-04-16 | N/A |
| NetWin SurgeFTP 2.0a and 1.0b allows a remote attacker to cause a denial of service (crash) via a CD command to a directory with an MS-DOS device name such as con. | ||||
| CVE-2001-0702 | 1 Grant Averett | 1 Ceberus Ftp Server | 2026-04-16 | N/A |
| Cerberus FTP 1.5 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long (1) username, (2) password, or (3) PASV command. | ||||
| CVE-2001-0705 | 1 Arcadia | 1 Arcadia Internet Store | 2026-04-16 | N/A |
| Directory traversal vulnerability in tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to read arbitrary files on the web server via a URL with "dot dot" sequences in the template argument. | ||||
| CVE-2001-0733 | 1 Ralf S. Engelschall | 1 Eperl | 2026-04-16 | N/A |
| The #sinclude directive in Embedded Perl (ePerl) 2.2.14 and earlier allows a remote attacker to execute arbitrary code by modifying the 'sinclude' file to point to another file that contains a #include directive that references a file that contains the code. | ||||
| CVE-2001-0736 | 5 Engardelinux, Immunix, Mandrakesoft and 2 more | 6 Secure Linux, Immunix, Mandrake Linux and 3 more | 2026-04-16 | N/A |
| Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack. | ||||
| CVE-2001-0742 | 1 Computalynx | 1 Cmail | 2026-04-16 | N/A |
| Buffer overflow in Computalynx CMail POP3 mail server 2.4.9 allows remote attackers to run arbitrary code via a long HELO command. | ||||
| CVE-2001-0751 | 1 Cisco | 1 Cbos | 2026-04-16 | N/A |
| Cisco switches and routers running CBOS 2.3.8 and earlier use predictable TCP Initial Sequence Numbers (ISN), which allows remote attackers to spoof or hijack TCP connections. | ||||
| CVE-2001-0778 | 1 Omnicron | 1 Omnihttpd | 2026-04-16 | N/A |
| OmniHTTPd 2.0.8 and earlier allow remote attackers to obtain source code via a GET request with the URL-encoded symbol for a space (%20). | ||||