Export limit exceeded: 357803 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29944 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29944 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-0981 | 1 Hp | 1 Cifs-9000 Server | 2025-04-03 | N/A |
| HP CIFS/9000 Server (SAMBA) A.01.07 and earlier with the "unix password sync" option enabled calls the passwd program without specifying the username of the user making the request, which could cause the server to change the password of a different user. | ||||
| CVE-2001-0982 | 1 Ibm | 1 Tivoli Secureway Policy Director | 2025-04-03 | N/A |
| Directory traversal vulnerability in IBM Tivoli WebSEAL Policy Director 3.01 through 3.7.1 allows remote attackers to read arbitrary files or directories via encoded .. (dot dot) sequences containing "%2e" strings. | ||||
| CVE-2001-0983 | 1 Ultraedit | 1 Ultraedit-32 | 2025-04-03 | N/A |
| UltraEdit uses weak encryption to record FTP passwords in the uedit32.ini file, which allows local users who can read the file to decrypt the passwords and gain privileges. | ||||
| CVE-2001-0984 | 1 Counterpane | 1 Password Safe | 2025-04-03 | N/A |
| Password Safe 1.7(1) leaves cleartext passwords in memory when a user copies the password to the clipboard and minimizes Password Safe with the "Clear the password when minimized" and "Lock password database on minimize and prompt on restore" options enabled, which could allow an attacker with access to the memory (e.g. an administrator) to read the passwords. | ||||
| CVE-2001-0985 | 1 Hassan Consulting | 1 Shopping Cart | 2025-04-03 | N/A |
| shop.pl in Hassan Consulting Shopping Cart 1.23 allows remote attackers to execute arbitrary commands via shell metacharacters in the "page" parameter. | ||||
| CVE-2001-0987 | 1 Nathan Neulinger | 1 Cgiwrap | 2025-04-03 | N/A |
| Cross-site scripting vulnerability in CGIWrap before 3.7 allows remote attackers to execute arbitrary Javascript on other web clients by causing the Javascript to be inserted into error messages that are generated by CGIWrap. | ||||
| CVE-2001-0988 | 1 Knox Software | 1 Arkeia | 2025-04-03 | N/A |
| Arkeia backup server 4.2.8-2 and earlier creates its database files with world-writable permissions, which could allow local users to overwrite the files or obtain sensitive information. | ||||
| CVE-2001-0989 | 1 Richard Everitt | 1 Pileup | 2025-04-03 | N/A |
| Buffer overflows in Pileup before 1.2 allows local users to gain root privileges via (1) long command line arguments, or (2) a long callsign. | ||||
| CVE-2001-0990 | 1 Inter7 | 1 Vpopmail | 2025-04-03 | N/A |
| Inter7 vpopmail 4.10.35 and earlier, when using the MySQL module, compiles authentication information in cleartext into the libvpopmail.a library, which allows local users to obtain the MySQL username and password by inspecting the vpopmail programs that use the library. | ||||
| CVE-2001-0991 | 1 Scott R. Lemmon | 1 Proxomitron Naoko-4 | 2025-04-03 | N/A |
| Cross-site scripting vulnerability in Proxomitron Naoko-4 BetaFour and earlier allows remote attackers to execute arbitrary script on other clients via an incorrect URL containing the malicious script, which is printed back in an error message. | ||||
| CVE-2001-0992 | 1 Kabotie Software Technologies | 1 Shopplus Cart | 2025-04-03 | N/A |
| shopplus.cgi in ShopPlus shopping cart allows remote attackers to execute arbitrary commands via shell metacharacters in the "file" parameter. | ||||
| CVE-2001-0993 | 1 Netbsd | 1 Netbsd | 2025-04-03 | N/A |
| sendmsg function in NetBSD 1.3 through 1.5 allows local users to cause a denial of service (kernel trap or panic) via a msghdr structure with a large msg_controllen length. | ||||
| CVE-2001-0994 | 1 Marconi | 1 Forethought | 2025-04-03 | N/A |
| Marconi ForeThought 7.1 allows remote attackers to cause a denial of service by causing both telnet sessions to be locked via unusual input (e.g., from a port scanner), which prevents others from logging into the device. | ||||
| CVE-2001-0995 | 1 Phpprojekt | 1 Phpprojekt | 2025-04-03 | N/A |
| PHProjekt before 2.4a allows remote attackers to perform actions as other PHProjekt users by modifying the ID number in an HTTP request to PHProjekt CGI programs. | ||||
| CVE-2001-0996 | 1 Pop3lite | 1 Pop3lite | 2025-04-03 | N/A |
| POP3Lite before 0.2.4 does not properly quote a . (dot) in an email message, which could allow a remote attacker to append arbitrary text to the end of an email message, which could then be interpreted by various mail clients as valid POP server responses or other input that could cause clients to crash or otherwise behave unexpectedly. | ||||
| CVE-2001-0997 | 1 Textor Webmasters Ltd. | 1 Listrec.pl | 2025-04-03 | N/A |
| Textor Webmasters Ltd listrec.pl CGI program allows remote attackers to execute arbitrary commands via shell metacharacters in the TEMPLATE parameter. | ||||
| CVE-2001-0998 | 1 Ibm | 2 Aix, Hacmp | 2025-04-03 | N/A |
| IBM HACMP 4.4 allows remote attackers to cause a denial of service via a completed TCP connection to HACMP ports (e.g., using a port scan) that does not send additional data, which causes a failure in snmpd. | ||||
| CVE-2001-0999 | 1 Microsoft | 1 Outlook Express | 2025-04-03 | N/A |
| Outlook Express 6.00 allows remote attackers to execute arbitrary script by embedding SCRIPT tags in a message whose MIME content type is text/plain, contrary to the expected behavior that text/plain messages will not run script. | ||||
| CVE-2001-1000 | 1 Merit | 1 Aaa Radius Server | 2025-04-03 | N/A |
| rlmadmin RADIUS management utility in Merit AAA Server 3.8M, 5.01, and possibly other versions, allows local users to read arbitrary files via a symlink attack on the rlmadmin.help file. | ||||
| CVE-2001-1002 | 1 Redhat | 1 Linux | 2025-04-03 | N/A |
| The default configuration of the DVI print filter (dvips) in Red Hat Linux 7.0 and earlier does not run dvips in secure mode when dvips is executed by lpd, which could allow remote attackers to gain privileges by printing a DVI file that contains malicious commands. | ||||