Export limit exceeded: 29922 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29922 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-1017 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| rmuser utility in FreeBSD 4.2 and 4.3 creates a copy of the master.passwd file with world-readable permissions while updating the original file, which could allow local users to gain privileges by reading the copied file while rmuser is running, obtain the password hashes, and crack the passwords. | ||||
| CVE-2006-4304 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2026-04-16 | N/A |
| Buffer overflow in the sppp driver in FreeBSD 4.11 through 6.1, NetBSD 2.0 through 4.0 beta before 20060823, and OpenBSD 3.8 and 3.9 before 20060902 allows remote attackers to cause a denial of service (panic), obtain sensitive information, and possibly execute arbitrary code via crafted Link Control Protocol (LCP) packets with an option length that exceeds the overall length, which triggers the overflow in (1) pppoe and (2) ippp. NOTE: this issue was originally incorrectly reported for the ppp driver. | ||||
| CVE-2001-1023 | 1 Xcache Technologies | 1 Xcache | 2026-04-16 | N/A |
| Xcache 2.1 allows remote attackers to determine the absolute path of web server documents by requesting a URL that is not cached by Xcache, which returns the full pathname in the Content-PageName header. | ||||
| CVE-2001-1037 | 1 Cisco | 1 Sn 5420 Storage Router Firmware | 2026-04-16 | N/A |
| Cisco SN 5420 Storage Router 1.1(3) and earlier allows local users to access a developer's shell without a password and execute certain restricted commands without being logged. | ||||
| CVE-2001-1039 | 1 Hp | 1 Jetadmin | 2026-04-16 | N/A |
| The JetAdmin web interface for HP JetDirect does not set a password for the telnet interface when the admin password is changed, which allows remote attackers to gain access to the printer. | ||||
| CVE-2001-1044 | 1 Basilix | 1 Basilix Webmail | 2026-04-16 | N/A |
| Basilix Webmail 0.9.7beta, and possibly other versions, stores *.class and *.inc files under the document root and does not restrict access, which could allows remote attackers to obtain sensitive information such as MySQL passwords and usernames from the mysql.class file. | ||||
| CVE-2001-1049 | 1 Paul M. Jones | 1 Phorecast | 2026-04-16 | N/A |
| Phorecast PHP script before 0.40 allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable. | ||||
| CVE-2001-1050 | 1 Cccsoftware | 1 Ccc | 2026-04-16 | N/A |
| CCCSoftware CCC PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable. | ||||
| CVE-2001-1051 | 1 Dark Hart Portal | 1 Darkportal-unix | 2026-04-16 | N/A |
| Dark Hart Portal (darkportal) PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable. | ||||
| CVE-2001-1052 | 1 Emergenices Personnel Information System | 1 Empris | 2026-04-16 | N/A |
| Empris PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable. | ||||
| CVE-2001-1058 | 1 Wolfram Research | 1 Mathematica | 2026-04-16 | N/A |
| The License Manager (mathlm) for Mathematica 4.0 and 4.1 allows remote attackers to bypass access control (specified by the -restrict argument) and steal a license via a client request that includes the name of a host that is allowed to obtain the license. | ||||
| CVE-2001-1065 | 1 Cisco | 1 Cbos | 2026-04-16 | N/A |
| Web-based configuration utility in Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap binds itself to port 80 even when web-based configuration services are disabled, which could leave the router open to attack. | ||||
| CVE-2001-1067 | 1 Aol | 1 Aol Server | 2026-04-16 | N/A |
| Buffer overflow in AOLserver 3.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via an HTTP request with a long Authorization header. | ||||
| CVE-2001-1089 | 2 Alessandro Gardich, Joerg Wendland | 2 Nss Postgresql, Libnss-pgsql | 2026-04-16 | N/A |
| libnss-pgsql in nss-pgsql 0.9.0 and earlier allows remote attackers to execute arbitrary SQL queries by inserting SQL code into an HTTP request. | ||||
| CVE-2001-1090 | 1 Alessandro Gardich | 1 Nss Postgresql | 2026-04-16 | N/A |
| nss_postgresql 0.6.1 and before allows a remote attacker to execute arbitrary SQL queries by inserting SQL code into an HTTP request. | ||||
| CVE-2001-1136 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| The libsecurity library in HP-UX 11.04 (VVOS) allows attackers to cause a denial of service. | ||||
| CVE-2001-1118 | 1 Roxen | 1 Roxen Webserver | 2026-04-16 | N/A |
| A module in Roxen 2.0 before 2.0.92, and 2.1 before 2.1.264, does not properly decode UTF-8, Mac and ISO-2202 encoded URLs, which could allow a remote attacker to execute arbitrary commands or view arbitrary files via an encoded URL. | ||||
| CVE-2001-1131 | 1 Whitsoft Development | 1 Slimftpd | 2026-04-16 | N/A |
| Directory traversal vulnerability in WhitSoft Development SlimFTPd 2.2 allows an attacker to read arbitrary files and directories via a ... (modified dot dot) in the CD command. | ||||
| CVE-2001-1132 | 1 Gnu | 1 Mailman | 2026-04-16 | N/A |
| Mailman 2.0.x before 2.0.6 allows remote attackers to gain access to list administrative pages when there is an empty site or list password, which is not properly handled during the call to the crypt function during authentication. | ||||
| CVE-2002-0112 | 1 Etype | 1 Eserv | 2026-04-16 | N/A |
| Etype Eserv 2.97 allows remote attackers to view password protected files via /./ in the URL. | ||||