Export limit exceeded: 344927 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 344927 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 344927 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344927 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-1117 | 1 Linksys | 1 Befsr41 | 2026-04-16 | N/A |
| LinkSys EtherFast BEFSR41 Cable/DSL routers running firmware before 1.39.3 Beta allows a remote attacker to view administration and user passwords by connecting to the router and viewing the HTML source for (1) index.htm and (2) Password.htm. | ||||
| CVE-2001-1120 | 1 Allaire | 1 Coldfusion Server | 2026-04-16 | N/A |
| Vulnerabilities in ColdFusion 2.0 through 4.5.1 SP 2 allow remote attackers to (1) read or delete arbitrary files, or (2) overwrite ColdFusion Server templates. | ||||
| CVE-2001-1253 | 1 Com2001 | 1 Alexis Server | 2026-04-16 | N/A |
| Alexis 2.0 and 2.1 in COM2001 InternetPBX stores voicemail passwords in plain text in the com2001.ini file, which could allow local users to make long distance calls as other users. | ||||
| CVE-2001-0514 | 3 Atmel, Linksys, Netgear | 3 802.11b Vnet-b Access Point, Wap11, Me102 | 2026-04-16 | N/A |
| SNMP service in Atmel 802.11b VNET-B Access Point 1.3 and earlier, as used in Netgear ME102 and Linksys WAP11, accepts arbitrary community strings with requested MIB modifications, which allows remote attackers to obtain sensitive information such as WEP keys, cause a denial of service, or gain access to the network. | ||||
| CVE-2001-0515 | 1 Oracle | 2 Database Server, Oracle8i | 2026-04-16 | N/A |
| Oracle Listener in Oracle 7.3 and 8i allows remote attackers to cause a denial of service via a malformed connection packet with a large offset_to_data value. | ||||
| CVE-2001-0518 | 1 Oracle | 1 Oracle9i | 2026-04-16 | N/A |
| Oracle listener before Oracle 9i allows attackers to cause a denial of service by repeatedly sending the first portion of a fragmented Oracle command without sending the remainder of the command, which causes the listener to hang. | ||||
| CVE-2001-1125 | 1 Symantec | 1 Liveupdate | 2026-04-16 | 9.8 Critical |
| Symantec LiveUpdate before 1.6 does not use cryptography to ensure the integrity of download files, which allows remote attackers to execute arbitrary code via DNS spoofing of the update.symantec.com site. | ||||
| CVE-2001-0519 | 1 Aladdin Knowledge Systems | 1 Esafe Gateway | 2026-04-16 | N/A |
| Aladdin eSafe Gateway versions 2.x allows a remote attacker to circumvent HTML SCRIPT filtering via a special arrangement of HTML tags which includes SCRIPT tags embedded within other SCRIPT tags. | ||||
| CVE-2001-0521 | 1 Aladdin Knowledge Systems | 1 Esafe Gateway | 2026-04-16 | N/A |
| Aladdin eSafe Gateway versions 3.0 and earlier allows a remote attacker to circumvent HTML SCRIPT filtering via the UNICODE encoding of SCRIPT tags within the HTML document. | ||||
| CVE-2001-0522 | 2 Gnu, Redhat | 2 Privacy Guard, Linux | 2026-04-16 | N/A |
| Format string vulnerability in Gnu Privacy Guard (aka GnuPG or gpg) 1.05 and earlier can allow an attacker to gain privileges via format strings in the original filename that is stored in an encrypted file. | ||||
| CVE-2001-0524 | 1 Eeye Digital Security | 1 Securells | 2026-04-16 | N/A |
| eEye SecureIIS versions 1.0.3 and earlier does not perform length checking on individual HTTP headers, which allows a remote attacker to send arbitrary length strings to IIS, contrary to an advertised feature of SecureIIS versions 1.0.3 and earlier. | ||||
| CVE-2001-0526 | 1 Sun | 1 Solaris | 2026-04-16 | N/A |
| Buffer overflow in the Xview library as used by mailtool in Solaris 8 and earlier allows a local attacker to gain privileges via the OPENWINHOME environment variable. | ||||
| CVE-2001-0527 | 1 Dcscripts | 2 Dcforum, Dcforum 2000 | 2026-04-16 | N/A |
| DCScripts DCForum versions 2000 and earlier allow a remote attacker to gain additional privileges by inserting pipe symbols (|) and newlines into the last name in the registration form, which will create an extra entry in the registration database. | ||||
| CVE-2001-0528 | 1 Oracle | 1 E-business Suite | 2026-04-16 | N/A |
| Oracle E-Business Suite Release 11i Applications Desktop Integrator (ADI) version 7.x includes a debug version of FNDPUB11I.DLL, which logs the APPS schema password in cleartext in a debug file, which allows local users to obtain the password and gain privileges. | ||||
| CVE-2001-0529 | 1 Openbsd | 1 Openssh | 2026-04-16 | N/A |
| OpenSSH version 2.9 and earlier, with X forwarding enabled, allows a local attacker to delete any file named 'cookies' via a symlink attack. | ||||
| CVE-2001-0530 | 1 Spearhead | 2 Netgap 200, Netgap 300 | 2026-04-16 | N/A |
| Spearhead NetGAP 200 and 300 before build 78 allow a remote attacker to bypass file blocking and content inspection via specially encoded URLs which include '%' characters. | ||||
| CVE-2001-0533 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Buffer overflow in libi18n library in IBM AIX 5.1 and 4.3.x allows local users to gain root privileges via a long LANG environmental variable. | ||||
| CVE-2001-0534 | 2 Lucent, Merit | 2 Radius, Radius | 2026-04-16 | N/A |
| Multiple buffer overflows in RADIUS daemon radiusd in (1) Merit 3.6b and (2) Lucent 2.1-2 RADIUS allow remote attackers to cause a denial of service or execute arbitrary commands. | ||||
| CVE-2001-0535 | 1 Macromedia | 1 Coldfusion Server | 2026-04-16 | N/A |
| Example applications (Exampleapps) in ColdFusion Server 4.x do not properly restrict prevent access from outside the local host's domain, which allows remote attackers to conduct upload, read, or execute files by spoofing the "HTTP Host" (CGI.Host) variable in (1) the "Web Publish" example script, and (2) the "Email" example script. | ||||
| CVE-2001-0538 | 1 Microsoft | 1 Outlook | 2026-04-16 | N/A |
| Microsoft Outlook View ActiveX Control in Microsoft Outlook 2002 and earlier allows remote attackers to execute arbitrary commands via a malicious HTML e-mail message or web page. | ||||