Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-1165 1 Intego 2 Diskguard, Fileguard 2026-04-16 N/A
Intego FileGuard 4.0 uses weak encryption to store user information and passwords, which allows local users to gain privileges by decrypting the information, e.g., with the Disengage tool.
CVE-2001-1175 2 Andries Brouwer, Redhat 2 Util-linux, Linux 2026-04-16 N/A
vipw in the util-linux package before 2.10 causes /etc/shadow to be world-readable in some cases, which would make it easier for local users to perform brute force password guessing.
CVE-2006-0569 1 Papoo 1 Papoo 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in user_class.php in Papoo 2.1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the username field during the registration of a new account. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2001-1191 1 Ibm 1 Tivoli Secureway Policy Director 2026-04-16 N/A
WebSeal in IBM Tivoli SecureWay Policy Director 3.8 allows remote attackers to cause a denial of service (crash) via a URL that ends in %2e.
CVE-2001-1192 1 Citrix 1 Ica Client 2026-04-16 N/A
Citrix Independent Computing Architecture (ICA) Client for Windows 6.1 allows remote malicious web sites to execute arbitrary code via a .ICA file, which is downloaded and automatically executed by the client.
CVE-2006-0570 1 Hinton Design 1 Phpstatus 2026-04-16 N/A
Multiple SQL injection vulnerabilities in phpstatus 1.0, when gpc_magic_quotes is disabled, allow remote attackers to execute arbitrary SQL commands and bypass authentication via (1) the username parameter in check.php and (2) unknown attack vectors in the administrative interface.
CVE-2001-1201 1 Timecop 1 Wmcube Gdk 2026-04-16 N/A
Buffer overflow in wmcube-gdk for WMCube/GDK 0.98 allows local users to execute arbitrary code via long lines in the object description file.
CVE-2001-1207 1 Daydream 1 Daydream Bbs 2026-04-16 N/A
Buffer overflows in DayDream BBS 2.9 through 2.13 allow remote attackers to possibly execute arbitrary code via the control codes (1) ~#MC, (2) ~#TF, or (3) ~#RA.
CVE-2001-1214 1 Marcus S. Xenakis 1 Unix Manual 2026-04-16 N/A
manual.php in Marcus S. Xenakis Unix Manual 1.0 allows remote attackers to execute arbitrary code via a URL that contains shell metacharacters.
CVE-2001-1217 1 Oracle 1 Application Server 2026-04-16 N/A
Directory traversal vulnerability in PL/SQL Apache module in Oracle Oracle 9i Application Server allows remote attackers to access sensitive information via a double encoded URL with .. (dot dot) sequences.
CVE-2001-1224 1 Les Vanbrunt 1 Adrotate Pro 2026-04-16 N/A
get_input in adrotate.pm for Les VanBrunt AdRotate Pro 2.0 allows remote attackers to modify the database and possibly execute arbitrary commands via a SQL code injection attack.
CVE-2006-0577 1 Lexmark 1 X1185 2026-04-16 N/A
Lexmark X1185 printer allows local users to gain SYSTEM privileges by navigating to the "Appearance" dialog and selecting the "Additional styles (skins) are available on the Lexmark web site" option, which launches a web browser that is running with SYSTEM privileges.
CVE-2001-1225 1 Hughes 1 Msql 2026-04-16 N/A
Hughes Technology Mini SQL 2.0.10 through 2.0.12 allows local users to cause a denial of service by creating a very large array in a table, which causes miniSQL to crash when the table is queried.
CVE-2006-0581 1 Hosting Controller 1 Hosting Controller 2026-04-16 N/A
SQL injection vulnerability in Hosting Controller 6.1 Hotfix 2.8 allows remote authenticated users to execute arbitrary SQL commands via the (1) GatewayID parameter in an add action in AddGatewaySettings.asp and (2) IP parameter in IPManager.asp.
CVE-2001-1229 3 Icecast, Libshout, Redhat 3 Icecast, Libshout, Powertools 2026-04-16 N/A
Buffer overflows in (1) Icecast before 1.3.9 and (2) libshout before 1.0.4 allow remote attackers to cause a denial of service (crash) and execute arbitrary code.
CVE-2006-0584 1 Peoplesoft 1 Peopletools 2026-04-16 N/A
The PSCipher function in PeopleSoft People Tools 8.4x uses PKCS #5 with a fixed DES key to store user passwords, which makes it easier for local users to guess passwords using a dictionary attack that compares output strings.
CVE-2006-0593 1 Php Fusion 1 Php Fusion 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in PHP-Fusion before 6.00.304 allows remote attackers to inject arbitrary web script or HTML via the (1) shout_name field in shoutbox_panel.php and the (2) comments field in comments_include.php.
CVE-2001-1393 2 Linux, Redhat 2 Linux Kernel, Linux 2026-04-16 N/A
Unknown vulnerability in classifier code for Linux kernel before 2.2.19 could result in denial of service (hang).
CVE-2001-1397 2 Linux, Redhat 2 Linux Kernel, Linux 2026-04-16 N/A
The System V (SYS5) shared memory implementation for Linux kernel before 2.2.19 could allow attackers to modify recently freed memory.
CVE-2001-1409 2 Redhat, Xfree86 Project 3 Enterprise Linux, Linux, Xfree86 X Server 2026-04-16 N/A
dexconf in XFree86 Xserver 4.1.0-2 creates the /dev/dri directory with insecure permissions (666), which allows local users to replace or create files in the root file system.