Search Results (365959 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-1127 1 Progress 1 Progress 2026-04-16 N/A
Buffer overflow in Progress database 8.3D and 9.1C could allow a local user to execute arbitrary code via (1) _proapsv, (2) _mprosrv, (3) _mprshut, (4) orarx, (5) sqlcpp, (6) _probrkr, (7) _sqlschema and (8) _sqldump.
CVE-2001-1125 1 Symantec 1 Liveupdate 2026-04-16 9.8 Critical
Symantec LiveUpdate before 1.6 does not use cryptography to ensure the integrity of download files, which allows remote attackers to execute arbitrary code via DNS spoofing of the update.symantec.com site.
CVE-2006-1210 1 Micromuse 1 Netcool Neusecure 2026-04-16 N/A
The web interface for IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 includes the MySQL database username and password in cleartext in body.phtml, which allows remote attackers to gain privileges by reading the source. NOTE: IBM has privately confirmed to CVE that a fix is available for these issues.
CVE-2001-1117 1 Linksys 1 Befsr41 2026-04-16 N/A
LinkSys EtherFast BEFSR41 Cable/DSL routers running firmware before 1.39.3 Beta allows a remote attacker to view administration and user passwords by connecting to the router and viewing the HTML source for (1) index.htm and (2) Password.htm.
CVE-2006-1377 2 Comoblog Project, Easymoblog 2 Comoblog, Easymoblog 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in img.php in (1) EasyMoblog 0.5.1 and (2) CoMoblog 1.1 allows remote attackers to inject arbitrary web script or HTML via the i parameter.
CVE-2001-1116 1 Identix 1 Biologon 2026-04-16 N/A
Identix BioLogon 2.03 and earlier does not lock secondary displays on a multi-monitor system running Windows 98 or ME, which allows an attacker with physical access to the system to bypass authentication through a secondary display.
CVE-2006-1209 1 Bugada Andrea 1 Php Advanced Transfer Manager 2026-04-16 N/A
PHP Advanced Transfer Manager 1.00 through 1.30 stores sensitive information, including password hashes, under the web root with insufficient access control, which allows remote attackers to download each password hash via a direct request for a users/[USERNAME] file.
CVE-2001-1113 1 Trolltech 1 Trollftpd 2026-04-16 N/A
Buffer overflow in TrollFTPD 1.26 and earlier allows local users to execute arbitrary code by creating a series of deeply nested directories with long names, then running the ls -R (recursive) command.
CVE-2001-1111 1 Khamil Landross And Zack Jones 1 Eftp 2026-04-16 N/A
EFTP 2.0.7.337 stores user passwords in plaintext in the eftp2users.dat file.
CVE-2006-1375 1 Brain Book Software 1 Adman 2026-04-16 N/A
AdMan 1.0.20051221 and earlier allows remote attackers to obtain the full path via (1) a blank campaignId parameter to editCampaign.php and (2) a blank schemeId parameter to viewPricingScheme.php.
CVE-2001-1110 1 Khamil Landross And Zack Jones 1 Eftp 2026-04-16 N/A
EFTP 2.0.7.337 allows remote attackers to obtain NETBIOS credentials by requesting information on a file that is in a network share, which causes the server to send the credentials to the host that owns the share, and allows the attacker to sniff the connection.
CVE-2006-1372 1 Benson It Solutions 1 1webcalendar 2026-04-16 N/A
Multiple SQL injection vulnerabilities in 1WebCalendar 4.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) EventID parameter in viewEvent.cfm, (2) NewsID parameter in newsView.cfm, or (3) ThisDate parameter in mainCal.cfm.
CVE-2006-1172 1 Tdc 1 Cryptomathic Cenroll Activex Control 2026-04-16 N/A
Stack-based buffer overflow in the createPKCS10 function in Cryptomathic Cenroll ActiveX Control 1.1.0.0 allows remote attackers to execute arbitrary code via vectors related to the TDC Digital signature.
CVE-2001-1102 1 Checkpoint 1 Firewall-1 2026-04-16 N/A
Check Point FireWall-1 3.0b through 4.1 for Solaris allows local users to overwrite arbitrary files via a symlink attack on temporary policy files that end in a .cpp extension, which are set world-writable.
CVE-2001-1098 1 Cisco 1 Pix Firewall Manager 2026-04-16 N/A
Cisco PIX firewall manager (PFM) 4.3(2)g logs the enable password in plaintext in the pfm.log file, which could allow local users to obtain the password by reading the file.
CVE-2001-1094 1 Crosstec Corporation 1 Netop School 2026-04-16 N/A
NetOp School 1.5 allows local users to bypass access restrictions on the administration version by logging into the student version, closing the student version, then starting the administration version.
CVE-2006-1370 1 Realnetworks 2 Realone Player, Realplayer 2026-04-16 N/A
Buffer overflow in RealNetworks RealPlayer 10.5 6.0.12.1040 through 6.0.12.1348, RealPlayer 10, RealOne Player v2, RealOne Player v1, RealPlayer 8, and RealPlayer Enterprise before 20060322 allows remote attackers to have an unknown impact via a malicious Mimio boardCast (mbc) file.
CVE-2001-1087 1 Network Appliance 1 Netcache 2026-04-16 N/A
The default configuration of the config.http.tunnel.allow_ports option on NetCache devices is set to +all, which allows remote attackers to connect to arbitrary ports on remote systems behind the device.
CVE-2006-1368 1 Linux 1 Linux Kernel 2026-04-16 N/A
Buffer overflow in the USB Gadget RNDIS implementation in the Linux kernel before 2.6.16 allows remote attackers to cause a denial of service (kmalloc'd memory corruption) via a remote NDIS response to OID_GEN_SUPPORTED_LIST, which causes memory to be allocated for the reply data but not the reply structure.
CVE-2001-1086 1 Xfree86 Project 1 X11r6 2026-04-16 N/A
XDM in XFree86 3.3 and 3.3.3 generates easily guessable cookies using gettimeofday() when compiled with the HasXdmXauth option, which allows remote attackers to gain unauthorized access to the X display via a brute force attack.