Export limit exceeded: 362833 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (362833 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0908 2 Mozilla, Redhat 3 Mozilla, Thunderbird, Enterprise Linux 2026-04-16 N/A
Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows untrusted Javascript code to read and write to the clipboard, and possibly obtain sensitive information, via script-generated events such as Ctrl-Ins.
CVE-2001-0618 1 Lucent 1 Orinoco Rg-1000 2026-04-16 N/A
Orinoco RG-1000 wireless Residential Gateway uses the last 5 digits of the 'Network Name' or SSID as the default Wired Equivalent Privacy (WEP) encryption key. Since the SSID occurs in the clear during communications, a remote attacker could determine the WEP key and decrypt RG-1000 traffic.
CVE-2001-1518 1 Microsoft 1 Windows 2000 2026-04-16 N/A
RunAs (runas.exe) in Windows 2000 only creates one session instance at a time, which allows local users to cause a denial of service (RunAs hang) by creating a named pipe session with the authentication server without any request for service. NOTE: the vendor disputes this vulnerability, however the vendor also presents a scenario in which other users could be affected if running on a Terminal Server. Therefore this is a vulnerability.
CVE-2001-0597 1 Zetetic Enterprises 1 Strip 2026-04-16 N/A
Zetetic Secure Tool for Recalling Important Passwords (STRIP) 0.5 and earlier for the PalmOS allows a local attacker to recover passwords via a brute force attack. This attack is made feasible by STRIP's use of SysRandom, which is seeded by TimeGetTicks, and an implementation flaw which vastly reduces the password 'search space'.
CVE-2001-0591 1 Oracle 2 Application Server, Jsp 2026-04-16 N/A
Directory traversal vulnerability in Oracle JSP 1.0.x through 1.1.1 and Oracle 8.1.7 iAS Release 1.0.2 can allow a remote attacker to read or execute arbitrary .jsp files via a '..' (dot dot) attack.
CVE-2001-1517 1 Microsoft 1 Windows 2000 2026-04-16 N/A
RunAs (runas.exe) in Windows 2000 stores cleartext authentication information in memory, which could allow attackers to obtain usernames and passwords by executing a process that is allocated the same memory page after termination of a RunAs command. NOTE: the vendor disputes this issue, saying that administrative privileges are already required to exploit it, and the original researcher did not respond to requests for additional information
CVE-2004-2299 1 Omnicron 1 Omnihttpd 2026-04-16 N/A
Buffer overflow in Omnicron OmniHTTPd 3.0a and earlier allows remote attackers to execute arbitrary code via an HTTP GET request with a long Range header.
CVE-2004-2296 1 Francisco Burzi 1 Php-nuke 2026-04-16 N/A
The preview_review function in the Reviews module in PHP-Nuke 6.0 to 7.3, when running on Windows systems, allows remote attackers to obtain sensitive information via an invalid date parameter, which generates an error message.
CVE-2001-1451 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Memory leak in the SNMP LAN Manager (LANMAN) MIB extension for Microsoft Windows 2000 before SP3, when the Print Spooler is not running, allows remote attackers to cause a denial of service (memory consumption) via a large number of GET or GETNEXT requests.
CVE-2001-1347 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Windows 2000 allows local users to cause a denial of service and possibly gain privileges by setting a hardware breakpoint that is handled using global debug registers, which could cause other processes to terminate due to an exception, and allow hijacking of resources such as named pipes.
CVE-2001-0564 1 Apc 1 Ap9606 2026-04-16 N/A
APC Web/SNMP Management Card prior to Firmware 310 only supports one telnet connection, which allows a remote attacker to create a denial of service via repeated failed logon attempts which temporarily locks the card.
CVE-2001-0563 1 Electrosoft 1 Electrocomm 2026-04-16 N/A
ElectroSystems Engineering Inc. ElectroComm 2.0 and earlier allows a remote attacker to create a denial of service via large (> 160000 character) strings sent to port 23.
CVE-2001-1302 1 Microsoft 1 Windows 2000 2026-04-16 N/A
The change password option in the Windows Security interface for Windows 2000 allows attackers to use the option to attempt to change passwords of other users on other systems or identify valid accounts by monitoring error messages, possibly due to a problem in the NetuserChangePassword function.
CVE-2001-0548 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Buffer overflow in dtmail in Solaris 2.6 and 7 allows local users to gain privileges via the MAIL environment variable.
CVE-2001-1244 7 Freebsd, Hp, Linux and 4 more 9 Freebsd, Hp-ux, Vvos and 6 more 2026-04-16 N/A
Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process.
CVE-2001-0523 1 Eeye Digital Security 2 Secureiis, Securells 2026-04-16 N/A
eEye SecureIIS versions 1.0.3 and earlier allows a remote attacker to bypass filtering of requests made to SecureIIS by escaping HTML characters within the request, which could allow a remote attacker to use restricted variables and perform directory traversal attacks on vulnerable programs that would otherwise be protected.
CVE-2001-0504 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Vulnerability in authentication process for SMTP service in Microsoft Windows 2000 allows remote attackers to use incorrect credentials to gain privileges and conduct activities such as mail relaying.
CVE-2001-0373 1 Microsoft 2 Windows 2000, Windows Nt 2026-04-16 N/A
The default configuration of the Dr. Watson program in Windows NT and Windows 2000 generates user.dmp crash dump files with world-readable permissions, which could allow a local user to gain access to sensitive information.
CVE-2001-0509 1 Microsoft 4 Exchange Server, Sql Server, Windows 2000 and 1 more 2026-04-16 N/A
Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 and earlier, (2) Microsoft SQL Server 2000 and earlier, (3) Windows NT 4.0, and (4) Windows 2000 allow remote attackers to cause a denial of service via malformed inputs.
CVE-2001-0351 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Microsoft Windows 2000 telnet service allows a local user to make a certain system call that allows the user to terminate a Telnet session and cause a denial of service.