Search Results (366140 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-1337 1 Beck Ipc Gmbh 1 Ipc At Chip Embedded-webserver 2026-04-16 N/A
Beck IPC GmbH IPC@CHIP Embedded-Webserver allows remote attackers to cause a denial of service via a long HTTP request.
CVE-2001-1342 1 Apache 1 Http Server 2026-04-16 N/A
Apache before 1.3.20 on Windows and OS/2 systems allows remote attackers to cause a denial of service (GPF) via an HTTP request for a URI that contains a large number of / (slash) or other characters, which causes certain functions to dereference a null pointer.
CVE-2001-1346 2 Broadcom, Ca 2 Arcserve Backup, Arcserve Backup 2026-04-16 N/A
Computer Associates ARCserveIT 6.61 and 6.63 (also called ARCservIT) allows local users to overwrite arbitrary files via a symlink attack on the temporary files (1) asagent.tmp or (2) inetd.tmp.
CVE-2001-1353 2 Aladdin Enterprises, Redhat 2 Ghostscript, Linux 2026-04-16 N/A
ghostscript before 6.51 allows local users to read and write arbitrary files as the 'lp' user via the file operator, even with -dSAFER enabled.
CVE-2006-1481 1 Php Ticket 1 Php Ticket 2026-04-16 N/A
SQL injection vulnerability in search.php in PHP Ticket 0.71 allows remote authenticated users to execute arbitrary SQL commands and obtain usernames and passwords via the frm_search_in parameter.
CVE-2001-1355 1 Netwin 2 Dmail, Surgeftp 2026-04-16 N/A
Buffer overflows in NetWin Authentication Module (NWAuth) 3.0b and earlier, as implemented in DMail, SurgeFTP, and possibly other packages, could allow attackers to execute arbitrary code via long arguments to (1) the -del command or (2) the -lookup command.
CVE-2001-1361 1 Twig Development Team 1 Twig 2026-04-16 N/A
Vulnerability in The Web Information Gateway (TWIG) 2.7.1, possibly related to incorrect security rights and/or the generation of mailto links.
CVE-2006-1487 1 Activecampaign 1 Supporttrio 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in ActiveCampaign SupportTrio 2.50.2 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to the KnowledgeBase search module.
CVE-2001-1363 1 Phpwebsite Development Team 1 Phpwebsite 2026-04-16 N/A
Vulnerability in phpWebSite before 0.7.9 related to running multiple instances in the same domain, which may allow attackers to gain administrative privileges.
CVE-2001-1369 1 Leon J Breedt 1 Pam-pgsql 2026-04-16 N/A
Leon J Breedt pam-pgsql before 0.5.2 allows remote attackers to execute arbitrary SQL code and bypass authentication or modify user account records by injecting SQL statements into user or password fields.
CVE-2006-1415 1 Dotnetbb 1 Dotnetbb Forums 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in iforget.aspx in dotNetBB 2.42EC SP 3 and earlier allows remote attackers to inject arbitrary web script or HTML via the em parameter.
CVE-2006-1416 1 Xigla 1 Absolute Faq Manager .net 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in afmsearch.aspx in Absolute FAQ Manager .NET 4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search module parameters, possibly the question parameter.
CVE-2001-1374 3 Conectiva, Don Libes, Redhat 3 Linux, Expect, Linux 2026-04-16 N/A
expect before 5.32 searches for its libraries in /var/tmp before other directories, which could allow local users to gain root privileges via a Trojan horse library that is accessed by mkpasswd.
CVE-2006-1417 1 Caloris Planitia Technologies 1 Web Quiz Pro 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Caloris Planitia Online Quiz System (aka Web Quiz pro), possibly 1.0, allow remote attackers to inject arbitrary web script or HTML via the (1) exam parameter in prequiz.asp or (2) msg parameter in student.asp.
CVE-2006-1420 1 Arabless 1 Saphplesson 2026-04-16 N/A
SQL injection vulnerability in print.php in SaphpLesson 2.0 allows remote attackers to execute arbitrary SQL commands via the lessid parameter.
CVE-2006-1422 1 Jjwwebdesign 1 Phpbookingcalendar 2026-04-16 N/A
SQL injection vulnerability in details_view.php in PHP Booking Calendar 1.0c and earlier allows remote attackers to execute arbitrary SQL commands via the event_id parameter.
CVE-2001-1382 1 Openbsd 1 Openssh 2026-04-16 N/A
The "echo simulation" traffic analysis countermeasure in OpenSSH before 2.9.9p2 sends an additional echo packet after the password and carriage return is entered, which could allow remote attackers to determine that the countermeasure is being used.
CVE-2001-1383 1 Redhat 1 Linux 2026-04-16 N/A
initscript in setserial 2.17-4 and earlier uses predictable temporary file names, which could allow local users to conduct unauthorized operations on files.
CVE-2001-1388 2 Netfilter, Redhat 2 Iptables, Linux 2026-04-16 N/A
iptables before 1.2.4 does not accurately convert rate limits that are specified on the command line, which could allow attackers or users to generate more or less traffic than intended by the administrator.
CVE-2006-1423 1 Ubbcentral 1 Ubb.threads 2026-04-16 N/A
SQL injection vulnerability in showflat.php in UBB.threads 5.5.1, 6.0 br5, 6.0.1, 6.0.2, and earlier, allows remote attackers to execute arbitrary SQL commands via the Number parameter.