Export limit exceeded: 359781 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359781 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-1171 | 1 Checkpoint | 1 Firewall-1 | 2026-04-16 | N/A |
| Check Point Firewall-1 3.0b through 4.0 SP1 follows symlinks and creates a world-writable temporary .cpp file when compiling Policy rules, which could allow local users to gain privileges or modify the firewall policy. | ||||
| CVE-2002-1080 | 1 Aprelium Technologies | 1 Abyss Web Server | 2026-04-16 | N/A |
| The Administration console for Abyss Web Server 1.0.3 before Patch 2 allows remote attackers to gain privileges and modify server configuration via direct requests to CHL files such as (1) srvstatus.chl, (2) consport.chl, (3) general.chl, (4) srvparam.chl, and (5) advanced.chl. | ||||
| CVE-2001-0149 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Windows Scripting Host in Internet Explorer 5.5 and earlier allows remote attackers to read arbitrary files via the GetObject Javascript function and the htmlfile ActiveX object. | ||||
| CVE-2005-4330 | 1 Ihtml Merchant | 1 Ihtml Merchant Mall | 2026-04-16 | N/A |
| SQL injection vulnerability in browse.ihtml in iHTML Merchant Mall allows remote attackers to execute arbitrary SQL commands via the (1) id, (2) store, and (3) step parameters. | ||||
| CVE-2001-1194 | 1 Zyxel | 2 Prestige 1600, Prestige 681 | 2026-04-16 | N/A |
| Zyxel Prestige 681 and 1600 SDSL Routers allow remote attackers to cause a denial of service via malformed packets with (1) an IP length less than actual packet size, or (2) fragmented packets whose size exceeds 64 kilobytes after reassembly. | ||||
| CVE-2001-1216 | 1 Oracle | 1 Application Server | 2026-04-16 | N/A |
| Buffer overflow in PL/SQL Apache module in Oracle 9i Application Server allows remote attackers to execute arbitrary code via a long request for a help page. | ||||
| CVE-2002-0683 | 1 Pacific Software | 1 Carello | 2026-04-16 | N/A |
| Directory traversal vulnerability in Carello 1.3 allows remote attackers to execute programs on the server via a .. (dot dot) in the VBEXE parameter. | ||||
| CVE-2001-1223 | 1 Elsa | 1 Lancom 1100 Office | 2026-04-16 | N/A |
| The web administration server for ELSA Lancom 1100 Office does not require authentication, which allows arbitrary remote attackers to gain administrative privileges by connecting to the server. | ||||
| CVE-2001-1249 | 1 Vwebserver | 1 Vwebserver | 2026-04-16 | N/A |
| vWebServer 1.2.0 allows remote attackers to cause a denial of service via a URL that contains MS-DOS device names. | ||||
| CVE-2001-0183 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| ipfw and ip6fw in FreeBSD 4.2 and earlier allows remote attackers to bypass access restrictions by setting the ECE flag in a TCP packet, which makes the packet appear to be part of an established connection. | ||||
| CVE-2002-1087 | 1 Visualshapers | 1 Ezcontents | 2026-04-16 | N/A |
| The scripts (1) createdir.php, (2) removedir.php and (3) uploadfile.php for ezContents 1.41 and earlier do not check credentials, which allows remote attackers to create or delete directories and upload files via a direct HTTP POST request. | ||||
| CVE-2001-0184 | 1 Eeye Digital Security | 1 Iris | 2026-04-16 | N/A |
| eEye Iris 1.01 beta allows remote attackers to cause a denial of service via a malformed packet, which causes Iris to crash when a user views the packet. | ||||
| CVE-2002-1059 | 1 Van Dyke Technologies | 1 Securecrt | 2026-04-16 | N/A |
| Buffer overflow in Van Dyke SecureCRT SSH client before 3.4.6, and 4.x before 4.0 beta 3, allows an SSH server to execute arbitrary code via a long SSH1 protocol version string. | ||||
| CVE-2001-0058 | 1 Cisco | 2 Broadband Operating System, Cisco 6xx Routers | 2026-04-16 | N/A |
| The Web interface to Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attackers to cause a denial of service via a URL that does not end in a space character. | ||||
| CVE-2002-0653 | 2 Modssl, Redhat | 6 Mod Ssl, Enterprise Linux, Linux and 3 more | 2026-04-16 | 7.8 High |
| Off-by-one buffer overflow in the ssl_compat_directive function, as called by the rewrite_command hook for mod_ssl Apache module 2.8.9 and earlier, allows local users to execute arbitrary code as the Apache server user via .htaccess files with long entries. | ||||
| CVE-2001-0061 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| procfs in FreeBSD and possibly other operating systems does not properly restrict access to per-process mem and ctl files, which allows local users to gain root privileges by forking a child process and executing a privileged process from the child, while the parent retains access to the child's address space. | ||||
| CVE-2005-1052 | 1 Microsoft | 2 Outlook, Outlook Web Access | 2026-04-16 | N/A |
| Microsoft Outlook 2003 and Outlook Web Access (OWA) 2003 do not properly display comma separated addresses in the From field in an e-mail message, which could allow remote attackers to spoof e-mail addresses. | ||||
| CVE-2001-0066 | 2 Kevin Lindsay, Redhat | 2 Secure Locate, Linux | 2026-04-16 | N/A |
| Secure Locate (slocate) allows local users to corrupt memory via a malformed database file that specifies an offset value that accesses memory outside of the intended buffer. | ||||
| CVE-2002-0661 | 1 Apache | 1 Http Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Apache 2.0 through 2.0.39 on Windows, OS2, and Netware allows remote attackers to read arbitrary files and execute commands via .. (dot dot) sequences containing \ (backslash) characters. | ||||
| CVE-2001-0070 | 1 Upland Solutions | 1 1st Up Mail Server | 2026-04-16 | N/A |
| Buffer overflow in 1st Up Mail Server 4.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long MAIL FROM command. | ||||