Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0145 1 Microsoft 2 Outlook, Outlook Express 2026-04-16 N/A
Buffer overflow in VCard handler in Outlook 2000 and 98, and Outlook Express 5.x, allows an attacker to execute arbitrary commands via a malformed vCard birthday field.
CVE-2001-0147 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Buffer overflow in Windows 2000 event viewer snap-in allows attackers to execute arbitrary commands via a malformed field that is improperly handled during the detailed view of event records.
CVE-2001-0148 1 Microsoft 1 Windows Media Player 2026-04-16 N/A
The WMP ActiveX Control in Windows Media Player 7 allows remote attackers to execute commands in Internet Explorer via javascript URLs, a variant of the "Frame Domain Verification" vulnerability.
CVE-2001-0154 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
HTML e-mail feature in Internet Explorer 5.5 and earlier allows attackers to execute attachments by setting an unusual MIME type for the attachment, which Internet Explorer does not process correctly.
CVE-2001-0155 1 Van Dyke Technologies 1 Vshell 2026-04-16 N/A
Format string vulnerability in VShell SSH gateway 1.0.1 and earlier allows remote attackers to execute arbitrary commands via a user name that contains format string specifiers.
CVE-2001-0156 1 Van Dyke Technologies 1 Vshell 2026-04-16 N/A
VShell SSH gateway 1.0.1 and earlier has a default port forwarding rule of 0.0.0.0/0.0.0.0, which could allow local users to conduct arbitrary port forwarding to other systems.
CVE-2001-0160 2 Lucent, Orinoco 2 Wavelan, Orinoco Wavelan 2026-04-16 N/A
Lucent/ORiNOCO WaveLAN cards generate predictable Initialization Vector (IV) values for the Wireless Encryption Protocol (WEP) which allows remote attackers to quickly compile information that will let them decrypt messages.
CVE-2001-0164 1 Netscape 1 Directory Server 2026-04-16 N/A
Buffer overflow in Netscape Directory Server 4.12 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed recipient field.
CVE-2001-0166 1 Macromedia 1 Shockwave Flash Plugin 2026-04-16 N/A
Macromedia Shockwave Flash plugin version 8 and earlier allows remote attackers to cause a denial of service via malformed tag length specifiers in a SWF file.
CVE-2001-0168 1 Att 1 Winvnc 2026-04-16 N/A
Buffer overflow in AT&T WinVNC (Virtual Network Computing) server 3.3.3r7 and earlier allows remote attackers to execute arbitrary commands via a long HTTP GET request when the DebugLevel registry key is greater than 0.
CVE-2001-0173 2 Nobreak Technologies, Qdecoder 2 Crazywwwboard, Qdecoder 2026-04-16 N/A
Buffer overflow in qDecoder library 5.08 and earlier, as used in CrazyWWWBoard, CrazySearch, and other CGI programs, allows remote attackers to execute arbitrary commands via a long MIME Content-Type header.
CVE-2001-0217 1 Mnscu Pals 1 Webpals 2026-04-16 N/A
Directory traversal vulnerability in PALS Library System pals-cgi program allows remote attackers to read arbitrary files via a .. (dot dot) in the documentName parameter.
CVE-2001-1562 1 Bsd 1 Nvi 2026-04-16 N/A
Format string vulnerability in nvi before 1.79 allows local users to gain privileges via format string specifiers in a filename.
CVE-2001-0218 1 Martin Stover 1 Mars Nwe 2026-04-16 N/A
Format string vulnerability in mars_nwe 0.99.pl19 allows remote attackers to execute arbitrary commands.
CVE-2006-1900 1 W3c 1 Amaya 2026-04-16 N/A
Multiple buffer overflows in World Wide Web Consortium (W3C) Amaya 9.4, and possibly other versions including 8.x before 8.8.5, allow remote attackers to execute arbitrary code via a long value in (1) the COMPACT attribute of the COLGROUP element, (2) the ROWS attribute of the TEXTAREA element, and (3) the COLOR attribute of the LEGEND element; and via other unspecified attack vectors consisting of "dozens of possible snippets."
CVE-2004-1398 1 Roxio 1 Toast 2026-04-16 N/A
Format string vulnerability in prelink.c in kextload in Apple OS X, as used by TDIXSupport in Roxio Toast Titanium and possibly other products, allows local users to execute arbitrary code via format string specifiers in the extension argument.
CVE-2004-1866 1 Nstx 1 Ip Over Dns Utility 2026-04-16 N/A
nstxd in Nstx 1.1 beta3 and earlier allows remote attackers to cause a denial of service (crash) via a large packet, which triggers a null dereference.
CVE-2001-0219 1 Hp 1 Hp-ux 2026-04-16 N/A
Vulnerability in Support Tools Manager (xstm,cstm,stm) in HP-UX 11.11 and earlier allows local users to cause a denial of service.
CVE-2001-0220 2 Ja-elvis, Ko-helvis 2 Ja-elvis, Ko-helvis 2026-04-16 N/A
Buffer overflow in ja-elvis and ko-helvis ports of elvis allow local users to gain root privileges.
CVE-2001-0221 1 Freebsd 1 Ja-xklock 2026-04-16 N/A
Buffer overflow in ja-xklock 2.7.1 and earlier allows local users to gain root privileges.