Search Results (364156 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0860 1 Microsoft 2 Windows 2000, Windows Xp 2026-04-16 N/A
Terminal Services Manager MMC in Windows 2000 and XP trusts the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. through a Network Address Translation (NAT).
CVE-2001-0845 1 Dec 4 Dec Openvms, Dec Openvms Alpha, Sevms and 1 more 2026-04-16 N/A
Vulnerability in DECwindows Motif Server on OpenVMS VAX or Alpha 6.2 through 7.3, and SEVMS VAX or Alpha 6.2, allows local users to gain access to unauthorized resources.
CVE-2002-0125 1 Clanlib 1 Clanlib 2026-04-16 N/A
Buffer overflow in ClanLib library 0.5 may allow local users to execute arbitrary code in games that use the library, such as (1) Super Methane Brothers, (2) Star War, (3) Kwirk, (4) Clankanoid, and others, via a long HOME environment variable.
CVE-2001-0844 1 Seth Leonard 2 Book Of Guests, Post It 2026-04-16 N/A
Vulnerability in (1) Book of guests and (2) Post it! allows remote attackers to execute arbitrary code via shell metacharacters in the email parameter.
CVE-2001-0843 2 Redhat, Squid 2 Linux, Squid Web Proxy 2026-04-16 N/A
Squid proxy server 2.4 and earlier allows remote attackers to cause a denial of service (crash) via a mkdir-only FTP PUT request.
CVE-2001-0842 1 Leoboard 1 Lb5000 2026-04-16 N/A
Directory traversal vulnerability in Search.cgi in Leoboard LB5000 LB5000II 1029 and earlier allows remote attackers to overwrite files and gain privileges via .. (dot dot) sequences in the amembernamecookie cookie.
CVE-2001-0403 1 Sun 1 Sunos 2026-04-16 N/A
/opt/JSparm/bin/perfmon program in Solaris allows local users to create arbitrary files as root via the Logging File option in the GUI.
CVE-2001-0404 1 Sun 1 Javaserver Web Dev Kit 2026-04-16 N/A
Directory traversal vulnerability in JavaServer Web Dev Kit (JSWDK) 1.0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP request to the WEB-INF directory.
CVE-2002-0056 1 Microsoft 1 Sql Server 2026-04-16 N/A
Buffer overflow in SQL Server 7.0 and 2000 allows remote attackers to execute arbitrary code via a long OLE DB provider name to (1) OpenDataSource or (2) OpenRowset in an ad hoc connection.
CVE-2001-0405 2 Linux, Redhat 2 Linux Kernel, Linux 2026-04-16 N/A
ip_conntrack_ftp in the IPTables firewall for Linux 2.4 allows remote attackers to bypass access restrictions for an FTP server via a PORT command that lists an arbitrary IP address and port number, which is added to the RELATED table and allowed by the firewall.
CVE-2001-0412 1 Cisco 3 Content Services Switch 11050, Content Services Switch 11150, Content Services Switch 11800 2026-04-16 N/A
Cisco Content Services (CSS) switch products 11800 and earlier, aka Arrowpoint, allows local users to gain privileges by entering debug mode.
CVE-2002-0057 1 Microsoft 4 Internet Explorer, Sql Server, Windows Xp and 1 more 2026-04-16 N/A
XMLHTTP control in Microsoft XML Core Services 2.6 and later does not properly handle IE Security Zone settings, which allows remote attackers to read arbitrary files by specifying a local file as an XML Data Source.
CVE-2001-0413 1 Bintec 3 X1000, X1200, X4000 2026-04-16 N/A
BinTec X4000 Access router, and possibly other versions, allows remote attackers to cause a denial of service via a SYN port scan, which causes the router to hang.
CVE-2001-0414 2 Dave Mills, Redhat 3 Ntpd, Xntp3, Linux 2026-04-16 N/A
Buffer overflow in ntpd ntp daemon 4.0.99k and earlier (aka xntpd and xntp3) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long readvar argument.
CVE-2001-0415 1 Redi 1 Rediplus 2026-04-16 N/A
REDIPlus program, REDI.exe, stores passwords and user names in cleartext in the StartLog.txt log file, which allows local users to gain access to other accounts.
CVE-2001-0419 1 Oracle 1 Application Server 2026-04-16 N/A
Buffer overflow in shared library ndwfn4.so for iPlanet Web Server (iWS) 4.1, when used as a web listener for Oracle application server 4.0.8.2, allows remote attackers to execute arbitrary commands via a long HTTP request that is passed to the application server, such as /jsp/.
CVE-2001-0433 1 Micheal Lamont 1 Savant Webserver 2026-04-16 N/A
Buffer overflow in Savant 3.0 web server allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long Host HTTP header.
CVE-2002-0063 2 Easy Software Products, Redhat 2 Cups, Powertools 2026-04-16 N/A
Buffer overflow in ippRead function of CUPS before 1.1.14 may allow attackers to execute arbitrary code via long attribute names or language values.
CVE-2001-0437 1 Dcscripts 2 Dcforum, Dcforum 2000 2026-04-16 N/A
upload_file.pl in DCForum 2000 1.0 allows remote attackers to upload arbitrary files without authentication by setting the az parameter to upload_file.
CVE-2001-0443 1 Qpc Software 2 Qvt Net, Qvt Term Plus 2026-04-16 N/A
Buffer overflow in QPC QVT/Net Popd 4.20 in QVT/Net 5.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via (1) a long username, or (2) a long password.