Export limit exceeded: 344940 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 344940 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344940 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-0971 | 1 Aci | 1 4d Webserver | 2026-04-16 | N/A |
| Directory traversal vulnerability in ACI 4d webserver allows remote attackers to read arbitrary files via a .. (dot dot) or drive letter (e.g., C:) in an HTTP request. | ||||
| CVE-2001-0972 | 1 Surf-net | 1 Asp Forum | 2026-04-16 | N/A |
| Surf-Net ASP Forum before 2.30 uses easily guessable cookies based on the UserID, which allows remote attackers to gain administrative privileges by calculating the value of the admin cookie (UserID 1), i.e. "0888888." | ||||
| CVE-2001-0973 | 1 Fraunhofer Fit | 1 Bscw | 2026-04-16 | N/A |
| BSCW groupware system 3.3 through 4.0.2 beta allows remote attackers to read or modify arbitrary files by uploading and extracting a tar file with a symlink into the data-bag space. | ||||
| CVE-2001-0974 | 1 Oracle | 1 Internet Directory | 2026-04-16 | N/A |
| Format string vulnerabilities in Oracle Internet Directory Server (LDAP) 2.1.1.x and 3.0.1 allow remote attackers to execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. | ||||
| CVE-2001-0975 | 1 Oracle | 1 Internet Directory | 2026-04-16 | N/A |
| Buffer overflow vulnerabilities in Oracle Internet Directory Server (LDAP) 2.1.1.x and 3.0.1 allow remote attackers to execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. | ||||
| CVE-2001-0976 | 1 Hp | 1 Process Resource Manager | 2026-04-16 | N/A |
| Vulnerability in HP Process Resource Manager (PRM) C.01.08.2 and earlier, as used by HP-UX Workload Manager (WLM), allows local users to gain root privileges via modified libraries or environment variables. | ||||
| CVE-2001-0981 | 1 Hp | 1 Cifs-9000 Server | 2026-04-16 | N/A |
| HP CIFS/9000 Server (SAMBA) A.01.07 and earlier with the "unix password sync" option enabled calls the passwd program without specifying the username of the user making the request, which could cause the server to change the password of a different user. | ||||
| CVE-2001-0983 | 1 Ultraedit | 1 Ultraedit-32 | 2026-04-16 | N/A |
| UltraEdit uses weak encryption to record FTP passwords in the uedit32.ini file, which allows local users who can read the file to decrypt the passwords and gain privileges. | ||||
| CVE-2001-1158 | 1 Checkpoint | 1 Firewall-1 | 2026-04-16 | N/A |
| Check Point VPN-1/FireWall-1 4.1 base.def contains a default macro, accept_fw1_rdp, which can allow remote attackers to bypass intended restrictions with forged RDP (internal protocol) headers to UDP port 259 of arbitrary hosts. | ||||
| CVE-2001-0986 | 1 Microsoft | 1 Index Server | 2026-04-16 | N/A |
| SQLQHit.asp sample file in Microsoft Index Server 2.0 allows remote attackers to obtain sensitive information such as the physical path, file attributes, or portions of source code by directly calling sqlqhit.asp with a CiScope parameter set to (1) webinfo, (2) extended_fileinfo, (3) extended_webinfo, or (4) fileinfo. | ||||
| CVE-2001-0987 | 1 Nathan Neulinger | 1 Cgiwrap | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in CGIWrap before 3.7 allows remote attackers to execute arbitrary Javascript on other web clients by causing the Javascript to be inserted into error messages that are generated by CGIWrap. | ||||
| CVE-2001-0988 | 1 Knox Software | 1 Arkeia | 2026-04-16 | N/A |
| Arkeia backup server 4.2.8-2 and earlier creates its database files with world-writable permissions, which could allow local users to overwrite the files or obtain sensitive information. | ||||
| CVE-2001-1159 | 1 Squirrelmail | 1 Squirrelmail | 2026-04-16 | N/A |
| load_prefs.php and supporting include files in SquirrelMail 1.0.4 and earlier do not properly initialize certain PHP variables, which allows remote attackers to (1) view sensitive files via the config_php and data_dir options, and (2) execute arbitrary code by using options_order.php to upload a message that could be interpreted as PHP. | ||||
| CVE-2001-0989 | 1 Richard Everitt | 1 Pileup | 2026-04-16 | N/A |
| Buffer overflows in Pileup before 1.2 allows local users to gain root privileges via (1) long command line arguments, or (2) a long callsign. | ||||
| CVE-2001-0990 | 1 Inter7 | 1 Vpopmail | 2026-04-16 | N/A |
| Inter7 vpopmail 4.10.35 and earlier, when using the MySQL module, compiles authentication information in cleartext into the libvpopmail.a library, which allows local users to obtain the MySQL username and password by inspecting the vpopmail programs that use the library. | ||||
| CVE-2001-1160 | 1 Microburst | 1 Udirectory | 2026-04-16 | N/A |
| udirectory.pl in Microburst Technologies uDirectory 2.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the category_file field. | ||||
| CVE-2001-0991 | 1 Scott R. Lemmon | 1 Proxomitron Naoko-4 | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in Proxomitron Naoko-4 BetaFour and earlier allows remote attackers to execute arbitrary script on other clients via an incorrect URL containing the malicious script, which is printed back in an error message. | ||||
| CVE-2001-0992 | 1 Kabotie Software Technologies | 1 Shopplus Cart | 2026-04-16 | N/A |
| shopplus.cgi in ShopPlus shopping cart allows remote attackers to execute arbitrary commands via shell metacharacters in the "file" parameter. | ||||
| CVE-2001-0993 | 1 Netbsd | 1 Netbsd | 2026-04-16 | N/A |
| sendmsg function in NetBSD 1.3 through 1.5 allows local users to cause a denial of service (kernel trap or panic) via a msghdr structure with a large msg_controllen length. | ||||
| CVE-2001-0994 | 1 Marconi | 1 Forethought | 2026-04-16 | N/A |
| Marconi ForeThought 7.1 allows remote attackers to cause a denial of service by causing both telnet sessions to be locked via unusual input (e.g., from a port scanner), which prevents others from logging into the device. | ||||