Export limit exceeded: 344900 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 344900 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344900 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-1342 | 1 Apache | 1 Http Server | 2026-04-16 | N/A |
| Apache before 1.3.20 on Windows and OS/2 systems allows remote attackers to cause a denial of service (GPF) via an HTTP request for a URI that contains a large number of / (slash) or other characters, which causes certain functions to dereference a null pointer. | ||||
| CVE-2001-1343 | 1 Cgicentral | 2 Webstore 400, Webstore 400cs | 2026-04-16 | N/A |
| ws_mail.cgi in WebStore 400/400CS 4.14 allows remote authenticated WebStore administrators to execute arbitrary code via shell metacharacters in the kill parameter. | ||||
| CVE-2001-1346 | 2 Broadcom, Ca | 2 Arcserve Backup, Arcserve Backup | 2026-04-16 | N/A |
| Computer Associates ARCserveIT 6.61 and 6.63 (also called ARCservIT) allows local users to overwrite arbitrary files via a symlink attack on the temporary files (1) asagent.tmp or (2) inetd.tmp. | ||||
| CVE-2001-1347 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | N/A |
| Windows 2000 allows local users to cause a denial of service and possibly gain privileges by setting a hardware breakpoint that is handled using global debug registers, which could cause other processes to terminate due to an exception, and allow hijacking of resources such as named pipes. | ||||
| CVE-2001-1348 | 1 Twig Development Team | 1 Twig | 2026-04-16 | N/A |
| TWIG 2.6.2 and earlier allows remote attackers to perform unauthorized database operations via a SQL injection attack on the id parameter. | ||||
| CVE-2001-1349 | 2 Redhat, Sendmail | 2 Linux, Sendmail | 2026-04-16 | N/A |
| Sendmail before 8.11.4, and 8.12.0 before 8.12.0.Beta10, allows local users to cause a denial of service and possibly corrupt the heap and gain privileges via race conditions in signal handlers. | ||||
| CVE-2001-1350 | 2 Namazu, Redhat | 2 Namazu, Linux | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in namazu.cgi for Namazu 2.0.7 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the lang parameter. | ||||
| CVE-2001-1353 | 2 Aladdin Enterprises, Redhat | 2 Ghostscript, Linux | 2026-04-16 | N/A |
| ghostscript before 6.51 allows local users to read and write arbitrary files as the 'lp' user via the file operator, even with -dSAFER enabled. | ||||
| CVE-2001-1354 | 1 Netwin | 2 Dmail, Surgeftp | 2026-04-16 | N/A |
| NetWin Authentication module (NWAuth) 2.0 and 3.0b, as implemented in SurgeFTP, DMail, and possibly other packages, uses weak password hashing, which could allow local users to decrypt passwords or use a different password that has the same hash value as the correct password. | ||||
| CVE-2004-0305 | 1 Webcortex | 1 Webstores 2000 | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in error.asp in WebCortex WebStores 2000 6.0 allows remote attackers to execute arbitrary script as other users and steal session IDs via the Message_id parameter. | ||||
| CVE-2001-1355 | 1 Netwin | 2 Dmail, Surgeftp | 2026-04-16 | N/A |
| Buffer overflows in NetWin Authentication Module (NWAuth) 3.0b and earlier, as implemented in DMail, SurgeFTP, and possibly other packages, could allow attackers to execute arbitrary code via long arguments to (1) the -del command or (2) the -lookup command. | ||||
| CVE-2001-1356 | 1 Netwin | 1 Surgeftp | 2026-04-16 | N/A |
| NetWin SurgeFTP 2.0f and earlier encrypts passwords using weak hashing, a fixed salt value and modulo 40 calculations, which allows remote attackers to conduct brute force password guessing attacks against the administrator account on port 7021. | ||||
| CVE-2003-1413 | 1 Apple | 2 Darwin Streaming Server, Quicktime Streaming Server | 2026-04-16 | N/A |
| parse_xml.cgi in Apple Darwin Streaming Server 4.1.1 allows remote attackers to determine the existence of arbitrary files by using ".." sequences in the filename parameter and comparing the resulting error messages. | ||||
| CVE-2004-0306 | 1 Cisco | 1 Optical Networking Systems Software | 2026-04-16 | N/A |
| Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), ONS 15454 SD before 4.1(3), and Cisco ONS 15600 before 1.3(0) enable TFTP service on UDP port 69 by default, which allows remote attackers to GET or PUT ONS system files on the current active TCC in the /flash0 or /flash1 directories. | ||||
| CVE-2001-1359 | 1 Caldera | 1 Volution | 2026-04-16 | N/A |
| Volution clients 1.0.7 and earlier attempt to contact the computer creation daemon (CCD) when an LDAP authentication failure occurs, which allows remote attackers to fully control clients via a Trojan horse Volution server. | ||||
| CVE-2001-1360 | 1 Mostang | 1 Sane | 2026-04-16 | N/A |
| Vulnerability in Scanner Access Now Easy (SANE) before 1.0.5, related to pnm and saned. | ||||
| CVE-2001-1361 | 1 Twig Development Team | 1 Twig | 2026-04-16 | N/A |
| Vulnerability in The Web Information Gateway (TWIG) 2.7.1, possibly related to incorrect security rights and/or the generation of mailto links. | ||||
| CVE-2001-1362 | 1 Horsburgh | 1 Npulse | 2026-04-16 | N/A |
| Vulnerability in the server for nPULSE before 0.53p4. | ||||
| CVE-2003-1414 | 1 Apple | 2 Darwin Streaming Server, Quicktime Streaming Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in parse_xml.cg Apple Darwin Streaming Server 4.1.2 and Apple Quicktime Streaming Server 4.1.1 allows remote attackers to read arbitrary files via a ... (triple dot) in the filename parameter. | ||||
| CVE-2001-1366 | 1 Netscript Project | 1 Netscript | 2026-04-16 | N/A |
| netscript before 1.6.3 parses dynamic variables, which could allow remote attackers to alter program behavior or obtain sensitive information. | ||||