Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-1433 1 Cherokee 1 Cherokee Httpd 2026-04-16 N/A
Cherokee web server before 0.2.7 does not properly drop root privileges after binding to port 80, which could allow remote attackers to gain privileges via other vulnerabilities.
CVE-2006-0608 1 Hinton Design 1 Phphd 2026-04-16 N/A
Multiple SQL injection vulnerabilities in Hinton Design phphd 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the username parameter to check.php or (2) unknown attack vectors to scripts that display information from the database.
CVE-2001-1436 1 Dallas Semiconductor 1 Ibutton 2026-04-16 N/A
Dallas Semiconductor iButton DS1991 returns predictable values when given an incorrect password, which makes it easier for users with physical access to conduct dictionary attacks against the device password.
CVE-2001-1439 1 Hp 1 Hp-ux 2026-04-16 N/A
Buffer overflow in the text editor functionality in HP-UX 10.01 through 11.04 on HP9000 Series 700 and Series 800 allows local users to cause a denial of service ("system availability") via text editors such as (1) e, (2) ex, (3) vi, (4) edit, (5) view, and (6) vedit.
CVE-2006-0609 1 Hinton Design 1 Phphd 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in add.php in Hinton Design phphd 1.0 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2001-1440 1 Ibm 1 Aix 2026-04-16 N/A
Unknown vulnerability in login for AIX 5.1L, when using loadable authentication modules, allows remote attackers to gain access to the system.
CVE-2001-1442 1 Isc 1 Inn 2026-04-16 N/A
Buffer overflow in innfeed for ISC InterNetNews (INN) before 2.3.0 allows local users in the "news" group to gain privileges via a long -c command line argument.
CVE-2006-0613 1 Sun 1 J2se 2026-04-16 N/A
Unspecified vulnerability in Java Web Start after 1.0.1_02, as used in J2SE 5.0 Update 5 and earlier, allows remote attackers to obtain privileges via unspecified vectors involving untrusted applications.
CVE-2001-1445 1 Lotus 1 Domino Mail Server 2026-04-16 N/A
Unknown vulnerability in the SMTP server in Lotus Domino 5.0 through 5.7 allows remote attackers to bypass mail relaying restrictions via crafted e-mail addresses in "RCPT TO" commands.
CVE-2006-0626 1 Spip 1 Spip 2026-04-16 N/A
SQL injection vulnerability in spip_acces_doc.php3 in SPIP 1.8.2g and earlier allows remote attackers to execute arbitrary SQL commands via the file parameter.
CVE-2001-1468 1 Secure Reality 1 Phpsecurepages 2026-04-16 N/A
PHP remote file inclusion vulnerability in checklogin.php in phpSecurePages 0.24 and earlier allows remote attackers to execute arbitrary PHP code by modifying the cfgProgDir parameter to reference a URL on a remote web server that contains the code.
CVE-2001-1469 1 Ssh 1 Ssh 2026-04-16 N/A
The RC4 stream cipher as used by SSH1 allows remote attackers to modify messages without detection by XORing the original message's cyclic redundancy check (CRC) with the CRC of a mask consisting of all the bits of the original message that were modified.
CVE-2006-0634 1 Borland Software 1 C\+\+ Builder 2026-04-16 N/A
Borland C++Builder 6 (BCB6) with Update Pack 4 Enterprise edition (ent_upd4) evaluates the "i>sizeof(int)" expression to false when i equals -1, which might introduce integer overflow vulnerabilities into applications that could be exploited by context-dependent attackers.
CVE-2001-1470 1 Ssh 1 Ssh 2026-04-16 N/A
The IDEA cipher as implemented by SSH1 does not protect the final block of a message against modification, which allows remote attackers to modify the block without detection by changing its cyclic redundancy check (CRC) to match the modifications to the message.
CVE-2001-1477 1 Bea 1 Tuxedo 2026-04-16 N/A
The Domain gateway in BEA Tuxedo 7.1 does not perform authorization checks for imported services and qspaces on remote domains, even when an ACL exists, which allows users to access services in a remote domain.
CVE-2006-0639 1 Mybulletinboard 1 Mybulletinboard 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in search.php in MyBB (aka MyBulletinBoard) 1.0.2 allows remote attackers with knowledge of the table prefix to inject arbitrary web script or HTML via a URL encoded value of the keywords parameter, as demonstrated by %3Cscript%3E.
CVE-2006-0640 1 Orbicule 1 Undercover 2026-04-16 N/A
Orbicule Undercover allows attackers with physical or root access to disable the protection by using the chmod command to change the permissions of the /private/etc/uc.app/Contents/MacOS/uc file, which prevents the service from being started in LaunchDaemon.
CVE-2001-1488 1 Open Projects Network 1 Open Projects Network Ircd 2026-04-16 N/A
Open Projects Network Internet Relay Chat (IRC) daemon u2.10.05.18 does not perform a double-reverse DNS lookup, which allows remote attackers to spoof any valid hostname on the Internet. NOTE: a followup post suggests that this is not an issue in the daemon.
CVE-2001-1497 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 4.0 through 6.0 could allow local users to differentiate between alphanumeric and non-alphanumeric characters used in a password by pressing certain control keys that jump between non-alphanumeric characters, which makes it easier to conduct a brute-force password guessing attack.
CVE-2001-1498 1 Markus Kliegl 1 Mod Bf 2026-04-16 N/A
Buffer overflow in mod_bf 0.2 allows local users to execute arbitrary commands via a long script.