Export limit exceeded: 364098 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 364098 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364098 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0114 1 Emc 1 Networker 2026-04-16 N/A
EMC NetWorker (formerly Legato NetWorker) before 7.0 stores passwords in plaintext in the daemon.log file, which allows local users to gain privileges by reading the password from the file. NOTE: this was originally reported for Legato NetWorker 6.1 on the Solaris 7 platform.
CVE-2001-0816 2 Openbsd, Redhat 2 Openssh, Linux 2026-04-16 N/A
OpenSSH before 2.9.9, when running sftp using sftp-server and using restricted keypairs, allows remote authenticated users to bypass authorized_keys2 command= restrictions using sftp commands.
CVE-2002-0117 1 Yabb 1 Yabb 2026-04-16 N/A
Cross-site scripting vulnerability in Yet Another Bulletin Board (YaBB) 1 Gold SP 1 and earlier allows remote attackers to execute arbitrary script and steal cookies via a message containing encoded Javascript in an IMG tag.
CVE-2001-0819 2 Fetchmail, Redhat 2 Fetchmail, Linux 2026-04-16 N/A
A buffer overflow in Linux fetchmail before 5.8.6 allows remote attackers to execute arbitrary code via a large 'To:' field in an email header.
CVE-2002-0120 1 Palm 1 Palm Desktop 2026-04-16 N/A
Apple Palm Desktop 4.0b76 and 4.0b77 creates world-readable backup files and folders when a hotsync is performed, which could allow a local user to obtain sensitive information.
CVE-2001-0824 1 Ibm 1 Websphere Application Server 2026-04-16 N/A
Cross-site scripting vulnerability in IBM WebSphere 3.02 and 3.5 FP2 allows remote attackers to execute Javascript by inserting the Javascript into (1) a request for a .JSP file, or (2) a request to the webapp/examples/ directory, which inserts the Javascript into an error page.
CVE-2001-0826 1 Aclogic 1 Cesarftp 2026-04-16 N/A
Buffer overflows in CesarFTPD 0.98b allows remote attackers to execute arbitrary commands via long arguments to (1) HELP, (2) USER, (3) PASS, (4) PORT, (5) DELE, (6) REST, (7) RMD, or (8) MKD.
CVE-2001-0827 1 Grant Averett 1 Ceberus Ftp Server 2026-04-16 7.5 High
Cerberus FTP server 1.0 - 1.5 allows remote attackers to cause a denial of service (crash) via a large number of "PASV" requests.
CVE-2002-0121 1 Php 1 Php 2026-04-16 N/A
PHP 4.0 through 4.1.1 stores session IDs in temporary files whose name contains the session ID, which allows local users to hijack web connections.
CVE-2002-0122 1 Siemens 1 3568i Wap 2026-04-16 N/A
Siemens 3568i WAP mobile phones allows remote attackers to cause a denial of service (crash) via an SMS message containing unusual characters.
CVE-2001-0834 5 Conectiva, Debian, Htdig and 2 more 5 Linux, Debian Linux, Htdig and 2 more 2026-04-16 N/A
htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) by specifying a large file such as /dev/zero, or (2) read arbitrary files by uploading an alternate configuration file that specifies the target file.
CVE-2001-0836 1 Oracle 1 Application Server Web Cache 2026-04-16 N/A
Buffer overflow in Oracle9iAS Web Cache 2.0.0.1 allows remote attackers to execute arbitrary code via a long HTTP GET request.
CVE-2001-0402 3 Darren Reed, Freebsd, Openbsd 3 Ipfilter, Freebsd, Openbsd 2026-04-16 N/A
IPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allows remote attackers to bypass access restrictions by sending fragmented packets to a restricted port after sending unfragmented packets to an unrestricted port.
CVE-2002-0055 1 Microsoft 3 Exchange Server, Windows 2000, Windows Xp 2026-04-16 N/A
SMTP service in Microsoft Windows 2000, Windows XP Professional, and Exchange 2000 allows remote attackers to cause a denial of service via a command with a malformed data transfer (BDAT) request.
CVE-2001-0401 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Buffer overflow in tip in Solaris 8 and earlier allows local users to execute arbitrary commands via a long HOME environmental variable.
CVE-2001-0400 1 Matt Tourtillott 1 Nph-maillist 2026-04-16 N/A
nph-maillist.pl allows remote attackers to execute arbitrary commands via shell metacharacters ("`") in the email address.
CVE-2001-0399 1 Caucho Technology 1 Resin 2026-04-16 N/A
Caucho Resin 1.3b1 and earlier allows remote attackers to read source code for Javabean files by inserting a .jsp before the WEB-INF specifier in an HTTP request.
CVE-2001-0397 1 Silent Runner 1 Silent Runner Collector Src 2026-04-16 N/A
Buffer overflow in Silent Runner Collector (SRC) 1.6.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long SMTP HELO command.
CVE-2001-0389 1 Ibm 2 Net.commerce, Websphere Application Server 2026-04-16 N/A
IBM Websphere/NetCommerce3 3.1.2 allows remote attackers to determine the real path of the server by directly calling the macro.d2w macro with a NOEXISTINGHTMLBLOCK argument.
CVE-2001-0388 3 Freebsd, Mandrakesoft, Suse 3 Freebsd, Mandrake Linux, Suse Linux 2026-04-16 N/A
time server daemon timed allows remote attackers to cause a denial of service via malformed packets.