Export limit exceeded: 366170 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (366170 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-1297 1 Actionpoll 1 Actionpoll 2026-04-16 N/A
PHP remote file inclusion vulnerability in Actionpoll PHP script before 1.1.2 allows remote attackers to execute arbitrary PHP code via a URL in the includedir parameter.
CVE-2001-1301 2 Gnu, Xemacs 2 Emacs, Xemacs 2026-04-16 N/A
rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other versions before 21.4, and possibly other packages, allows local users to modify files of other users via a symlink attack on a temporary file.
CVE-2001-1309 1 Ibm 1 Secureway Directory 2026-04-16 N/A
Buffer overflows in IBM SecureWay 3.2.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.
CVE-2006-1404 1 Industrial Imagination 1 Blankol 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in bol.cgi in BlankOL 1.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) file or (2) function parameter.
CVE-2001-1320 1 Pgp 1 Keyserver 2026-04-16 N/A
Network Associates PGP Keyserver 7.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via exceptional BER encodings (possibly buffer overflows), as demonstrated by the PROTOS LDAPv3 test suite.
CVE-2006-1429 1 Fusionzone 1 Classifiedzone 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in accountlogon.cfm in classifiedZONE 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the rtn parameter.
CVE-2006-1431 1 Fusionzone 1 Couponzone 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in local.cfm in fusionZONE couponZONE 4.2 allows remote attackers to inject arbitrary web script or HTML via URL-encoded (1) srchfor and (2) srchby parameters.
CVE-2001-1321 1 Oracle 1 Internet Directory 2026-04-16 N/A
Oracle Internet Directory Server 2.1.1.x and 3.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via invalid encodings of BER OBJECT-IDENTIFIER values, as demonstrated by the PROTOS LDAPv3 test suite.
CVE-2006-1411 1 Xigla 1 Absolute Image Gallery Xe 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Absolute Image Gallery XE 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via (1) the shownew parameter in gallery.asp and (2) unspecified search module parameters.
CVE-2001-1332 2 Easy Software Products, Redhat 2 Cups, Powertools 2026-04-16 N/A
Buffer overflows in Linux CUPS before 1.1.6 may allow remote attackers to execute arbitrary code.
CVE-2001-1337 1 Beck Ipc Gmbh 1 Ipc At Chip Embedded-webserver 2026-04-16 N/A
Beck IPC GmbH IPC@CHIP Embedded-Webserver allows remote attackers to cause a denial of service via a long HTTP request.
CVE-2001-1342 1 Apache 1 Http Server 2026-04-16 N/A
Apache before 1.3.20 on Windows and OS/2 systems allows remote attackers to cause a denial of service (GPF) via an HTTP request for a URI that contains a large number of / (slash) or other characters, which causes certain functions to dereference a null pointer.
CVE-2001-1346 2 Broadcom, Ca 2 Arcserve Backup, Arcserve Backup 2026-04-16 N/A
Computer Associates ARCserveIT 6.61 and 6.63 (also called ARCservIT) allows local users to overwrite arbitrary files via a symlink attack on the temporary files (1) asagent.tmp or (2) inetd.tmp.
CVE-2001-1353 2 Aladdin Enterprises, Redhat 2 Ghostscript, Linux 2026-04-16 N/A
ghostscript before 6.51 allows local users to read and write arbitrary files as the 'lp' user via the file operator, even with -dSAFER enabled.
CVE-2006-1481 1 Php Ticket 1 Php Ticket 2026-04-16 N/A
SQL injection vulnerability in search.php in PHP Ticket 0.71 allows remote authenticated users to execute arbitrary SQL commands and obtain usernames and passwords via the frm_search_in parameter.
CVE-2001-1355 1 Netwin 2 Dmail, Surgeftp 2026-04-16 N/A
Buffer overflows in NetWin Authentication Module (NWAuth) 3.0b and earlier, as implemented in DMail, SurgeFTP, and possibly other packages, could allow attackers to execute arbitrary code via long arguments to (1) the -del command or (2) the -lookup command.
CVE-2001-1361 1 Twig Development Team 1 Twig 2026-04-16 N/A
Vulnerability in The Web Information Gateway (TWIG) 2.7.1, possibly related to incorrect security rights and/or the generation of mailto links.
CVE-2006-1487 1 Activecampaign 1 Supporttrio 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in ActiveCampaign SupportTrio 2.50.2 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to the KnowledgeBase search module.
CVE-2001-1363 1 Phpwebsite Development Team 1 Phpwebsite 2026-04-16 N/A
Vulnerability in phpWebSite before 0.7.9 related to running multiple instances in the same domain, which may allow attackers to gain administrative privileges.
CVE-2001-1369 1 Leon J Breedt 1 Pam-pgsql 2026-04-16 N/A
Leon J Breedt pam-pgsql before 0.5.2 allows remote attackers to execute arbitrary SQL code and bypass authentication or modify user account records by injecting SQL statements into user or password fields.