Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-1199 1 Steve Kneizys 1 Agora.cgi 2026-04-16 N/A
Cross-site scripting vulnerability in agora.cgi for Agora 3.0a through 4.0g, when debug mode is enabled, allows remote attackers to execute Javascript on other clients via the cart_id parameter.
CVE-2001-1204 1 Total Pc Solutions 1 Php Rocket Add-in 2026-04-16 N/A
Directory traversal vulnerability in phprocketaddin in Total PC Solutions PHP Rocket Add-in for FrontPage 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter.
CVE-2002-0761 1 Bzip 1 Bzip2 2026-04-16 N/A
bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1, and possibly systems, uses the permissions of symbolic links instead of the actual files when creating an archive, which could cause the files to be extracted with less restrictive permissions than intended.
CVE-2002-0762 1 Suse 1 Suse Linux 2026-04-16 N/A
shadow package in SuSE 8.0 allows local users to destroy the /etc/passwd and /etc/shadow files or assign extra group privileges to some users by changing filesize limits before calling programs that modify the files.
CVE-2001-1206 1 Matrixs Cgi Vault 1 Last Lines 2026-04-16 N/A
Matrix CGI vault Last Lines 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the $error_log variable.
CVE-2002-0764 1 Phorum 1 Phorum 2026-04-16 N/A
Phorum 3.3.2a allows remote attackers to execute arbitrary commands via an HTTP request to (1) plugin.php, (2) admin.php, or (3) del.php that modifies the PHORUM[settings_dir] variable to point to a directory that contains a PHP file with the commands.
CVE-2002-1084 1 Visualshapers 1 Ezcontents 2026-04-16 N/A
The VerifyLogin function in ezContents 1.41 and earlier does not properly halt program execution if a user fails to log in properly, which allows remote attackers to modify and view restricted information via HTTP POST requests.
CVE-2001-1208 1 Daydream 1 Daydream Bbs 2026-04-16 N/A
Format string vulnerability in DayDream BBS allows remote attackers to execute arbitrary code via format string specifiers in a file containing a ~#RA control code.
CVE-2002-0765 1 Openbsd 2 Openbsd, Openssh 2026-04-16 N/A
sshd in OpenSSH 3.2.2, when using YP with netgroups and under certain conditions, may allow users to successfully authenticate and log in with another user's password.
CVE-2001-1210 1 Cisco 3 Ubr920, Ubr924, Ubr925 2026-04-16 N/A
Cisco ubr900 series routers that conform to the Data-over-Cable Service Interface Specifications (DOCSIS) standard must ship without SNMP access restrictions, which can allow remote attackers to read and write information to the MIB using arbitrary community strings.
CVE-2002-0766 1 Openbsd 1 Openbsd 2026-04-16 N/A
OpenBSD 2.9 through 3.1 allows local users to cause a denial of service (resource exhaustion) and gain root privileges by filling the kernel's file descriptor table and closing file descriptors 0, 1, or 2 before executing a privileged process, which is not properly handled when OpenBSD fails to open an alternate descriptor.
CVE-2001-1220 1 D-link 1 Dwl-1000ap 2026-04-16 N/A
D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point stores the administrative password in plaintext in the default Management Information Base (MIB), which allows remote attackers to gain administrative privileges.
CVE-2001-1233 1 Novell 2 Groupwise Webaccess, Netware 2026-04-16 N/A
Netware Enterprise Web Server 5.1 running GroupWise WebAccess 5.5 with Novell Directory Services (NDS) enabled allows remote attackers to enumerate user names, group names and other system information by accessing ndsobj.nlm.
CVE-2002-0768 2 Luke Mewburn, Suse 2 Lukemftp, Suse Linux 2026-04-16 N/A
Buffer overflow in lukemftp FTP client in SuSE 6.4 through 8.0, and possibly other operating systems, allows a malicious FTP server to execute arbitrary code via a long PASV command.
CVE-2001-1235 1 Derek Leung 1 Pslash 2026-04-16 N/A
pSlash PHP script 0.7 and earlier allows remote attackers to execute arbitrary code by including files from remote web sites, using an HTTP request that modifies the includedir variable.
CVE-2001-1269 2 Info-zip, Redhat 3 Unzip, Enterprise Linux, Linux 2026-04-16 N/A
Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via filenames in the archive that begin with the '/' (slash) character.
CVE-2001-1272 1 Wliang 1 Wmtv 2026-04-16 N/A
wmtv 0.6.5 and earlier does not properly drop privileges, which allows local users to execute arbitrary commands via the -e (external command) option.
CVE-2001-1274 2 Oracle, Redhat 2 Mysql, Linux 2026-04-16 N/A
Buffer overflow in MySQL before 3.23.31 allows attackers to cause a denial of service and possibly gain privileges.
CVE-2001-1280 1 Ipswitch 1 Imail 2026-04-16 N/A
POP3 Server for Ipswitch IMail 7.04 and earlier generates different responses to valid and invalid user names, which allows remote attackers to determine users on the system.
CVE-2002-0798 1 Hp 1 Hp-ux 2026-04-16 N/A
Vulnerability in swinstall for HP-UX 11.00 and 11.11 allows local users to view obtain data views for files that cannot be directly read by the user, which reportedly can be used to cause a denial of service.