Total
29893 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-1165 | 1 Intego | 2 Diskguard, Fileguard | 2026-04-16 | N/A |
| Intego FileGuard 4.0 uses weak encryption to store user information and passwords, which allows local users to gain privileges by decrypting the information, e.g., with the Disengage tool. | ||||
| CVE-2001-1175 | 2 Andries Brouwer, Redhat | 2 Util-linux, Linux | 2026-04-16 | N/A |
| vipw in the util-linux package before 2.10 causes /etc/shadow to be world-readable in some cases, which would make it easier for local users to perform brute force password guessing. | ||||
| CVE-2001-1187 | 1 Mutasem Abudahab | 2 Csvform, Csvform Plus | 2026-04-16 | N/A |
| csvform.pl 0.1 allows remote attackers to execute arbitrary commands via metacharacters in the file parameter. | ||||
| CVE-2006-0569 | 1 Papoo | 1 Papoo | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in user_class.php in Papoo 2.1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the username field during the registration of a new account. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2001-1191 | 1 Ibm | 1 Tivoli Secureway Policy Director | 2026-04-16 | N/A |
| WebSeal in IBM Tivoli SecureWay Policy Director 3.8 allows remote attackers to cause a denial of service (crash) via a URL that ends in %2e. | ||||
| CVE-2001-1192 | 1 Citrix | 1 Ica Client | 2026-04-16 | N/A |
| Citrix Independent Computing Architecture (ICA) Client for Windows 6.1 allows remote malicious web sites to execute arbitrary code via a .ICA file, which is downloaded and automatically executed by the client. | ||||
| CVE-2006-0570 | 1 Hinton Design | 1 Phpstatus | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in phpstatus 1.0, when gpc_magic_quotes is disabled, allow remote attackers to execute arbitrary SQL commands and bypass authentication via (1) the username parameter in check.php and (2) unknown attack vectors in the administrative interface. | ||||
| CVE-2001-1201 | 1 Timecop | 1 Wmcube Gdk | 2026-04-16 | N/A |
| Buffer overflow in wmcube-gdk for WMCube/GDK 0.98 allows local users to execute arbitrary code via long lines in the object description file. | ||||
| CVE-2001-1204 | 1 Total Pc Solutions | 1 Php Rocket Add-in | 2026-04-16 | N/A |
| Directory traversal vulnerability in phprocketaddin in Total PC Solutions PHP Rocket Add-in for FrontPage 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter. | ||||
| CVE-2001-1206 | 1 Matrixs Cgi Vault | 1 Last Lines | 2026-04-16 | N/A |
| Matrix CGI vault Last Lines 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the $error_log variable. | ||||
| CVE-2006-0575 | 1 Thibault Godouet | 1 Fcron | 2026-04-16 | N/A |
| convert-fcrontab in Fcron 2.9.5 and 3.0.0 allows remote attackers to create or overwrite arbitrary files via ".." sequences and a symlink attack on the temporary file that is used during conversion. | ||||
| CVE-2001-1207 | 1 Daydream | 1 Daydream Bbs | 2026-04-16 | N/A |
| Buffer overflows in DayDream BBS 2.9 through 2.13 allow remote attackers to possibly execute arbitrary code via the control codes (1) ~#MC, (2) ~#TF, or (3) ~#RA. | ||||
| CVE-2001-1208 | 1 Daydream | 1 Daydream Bbs | 2026-04-16 | N/A |
| Format string vulnerability in DayDream BBS allows remote attackers to execute arbitrary code via format string specifiers in a file containing a ~#RA control code. | ||||
| CVE-2001-1214 | 1 Marcus S. Xenakis | 1 Unix Manual | 2026-04-16 | N/A |
| manual.php in Marcus S. Xenakis Unix Manual 1.0 allows remote attackers to execute arbitrary code via a URL that contains shell metacharacters. | ||||
| CVE-2001-1217 | 1 Oracle | 1 Application Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in PL/SQL Apache module in Oracle Oracle 9i Application Server allows remote attackers to access sensitive information via a double encoded URL with .. (dot dot) sequences. | ||||
| CVE-2001-1224 | 1 Les Vanbrunt | 1 Adrotate Pro | 2026-04-16 | N/A |
| get_input in adrotate.pm for Les VanBrunt AdRotate Pro 2.0 allows remote attackers to modify the database and possibly execute arbitrary commands via a SQL code injection attack. | ||||
| CVE-2006-0577 | 1 Lexmark | 1 X1185 | 2026-04-16 | N/A |
| Lexmark X1185 printer allows local users to gain SYSTEM privileges by navigating to the "Appearance" dialog and selecting the "Additional styles (skins) are available on the Lexmark web site" option, which launches a web browser that is running with SYSTEM privileges. | ||||
| CVE-2001-1225 | 1 Hughes | 1 Msql | 2026-04-16 | N/A |
| Hughes Technology Mini SQL 2.0.10 through 2.0.12 allows local users to cause a denial of service by creating a very large array in a table, which causes miniSQL to crash when the table is queried. | ||||
| CVE-2006-0581 | 1 Hosting Controller | 1 Hosting Controller | 2026-04-16 | N/A |
| SQL injection vulnerability in Hosting Controller 6.1 Hotfix 2.8 allows remote authenticated users to execute arbitrary SQL commands via the (1) GatewayID parameter in an add action in AddGatewaySettings.asp and (2) IP parameter in IPManager.asp. | ||||
| CVE-2001-1229 | 3 Icecast, Libshout, Redhat | 3 Icecast, Libshout, Powertools | 2026-04-16 | N/A |
| Buffer overflows in (1) Icecast before 1.3.9 and (2) libshout before 1.0.4 allow remote attackers to cause a denial of service (crash) and execute arbitrary code. | ||||