Export limit exceeded: 360766 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (360766 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0768 | 2 Luke Mewburn, Suse | 2 Lukemftp, Suse Linux | 2026-04-16 | N/A |
| Buffer overflow in lukemftp FTP client in SuSE 6.4 through 8.0, and possibly other operating systems, allows a malicious FTP server to execute arbitrary code via a long PASV command. | ||||
| CVE-2001-1235 | 1 Derek Leung | 1 Pslash | 2026-04-16 | N/A |
| pSlash PHP script 0.7 and earlier allows remote attackers to execute arbitrary code by including files from remote web sites, using an HTTP request that modifies the includedir variable. | ||||
| CVE-2001-1237 | 1 Peaceworks Computer Consulting | 1 Phormation | 2026-04-16 | N/A |
| Phormation PHP script 0.9.1 and earlier allows remote attackers to execute arbitrary code by including files from remote web sites, using an HTTP request that modifies the phormationdir variable. | ||||
| CVE-2002-0773 | 1 Hosting Controller | 1 Hosting Controller | 2026-04-16 | N/A |
| imp_rootdir.asp for Hosting Controller allows remote attackers to copy or delete arbitrary files and directories via a direct request to imp_rootdir.asp and modifying parameters such as (1) ftp, (2) owwwPath, and (3) oftpPath. | ||||
| CVE-2001-1241 | 1 Steve Grimm | 1 Un-cgi | 2026-04-16 | N/A |
| Un-CGI 1.9 and earlier does not verify that a CGI script has the execution bits set before executing it, which allows remote attackers to execute arbitrary commands by directing Un-CGI to a document that begins with "#!" and the desired program name. | ||||
| CVE-2002-0775 | 1 Hosting Controller | 1 Hosting Controller | 2026-04-16 | N/A |
| browse.asp in Hosting Controller allows remote attackers to view arbitrary directories by specifying the target pathname in the FilePath parameter. | ||||
| CVE-2001-1242 | 1 Steve Grimm | 1 Un-cgi | 2026-04-16 | N/A |
| Directory traversal vulnerability in Un-CGI 1.9 and earlier allows remote attackers to execute arbitrary code via a .. (dot dot) in an HTML form. | ||||
| CVE-2002-1085 | 1 Visualshapers | 1 Ezcontents | 2026-04-16 | N/A |
| Multiple cross-site scripting vulnerabilities in ezContents 1.41 and earlier allow remote attackers to execute script and steal cookies via the diary and other capabilities. | ||||
| CVE-2002-0780 | 1 Novell | 1 Bordermanager | 2026-04-16 | N/A |
| IP/IPX gateway for Novell BorderManager 3.6 SP 1a allows remote attackers to cause a denial of service via a connection to port 8225 with a large amount of random data, which causes ipipxgw.nlm to ABEND. | ||||
| CVE-2002-1086 | 1 Visualshapers | 1 Ezcontents | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in ezContents 1.41 and earlier allow remote attackers to conduct unauthorized activities. | ||||
| CVE-2001-1247 | 2 Php, Redhat | 2 Php, Linux | 2026-04-16 | N/A |
| PHP 4.0.4pl1 and 4.0.5 in safe mode allows remote attackers to read and write files owned by the web server UID by uploading a PHP script that uses the error_log function to access the files. | ||||
| CVE-2002-0782 | 1 Novell | 1 Bordermanager | 2026-04-16 | N/A |
| Novell BorderManager 3.5 with PAT (Port-Address Translate) enabled allows remote attackers to cause a denial of service by filling the connection table with a large number of connection requests to hosts that do not have a specific route, which may be forwarded to the public interface. | ||||
| CVE-2001-1248 | 1 Vwebserver | 1 Vwebserver | 2026-04-16 | N/A |
| vWebServer 1.2.0 allows remote attackers to view arbitrary ASP scripts via a request for an ASP script that ends with a URL-encoded space character (%20). | ||||
| CVE-2001-1250 | 1 Vwebserver | 1 Vwebserver | 2026-04-16 | N/A |
| vWebServer 1.2.0 allows remote attackers to cause a denial of service (hang) via a small number of long URL requests, possibly due to a buffer overflow. | ||||
| CVE-2002-0787 | 1 Critical Path | 1 Injoin Directory Server | 2026-04-16 | N/A |
| Cross-site scripting vulnerabilities in iCon administrative web server for Critical Path inJoin Directory Server 4.0 allow remote attackers to execute script as the administrator via administrator URLs with modified (1) LOCID or (2) OC parameters. | ||||
| CVE-2001-1255 | 2 Mysql, Oracle | 2 Winmysqladmin, Mysql | 2026-04-16 | N/A |
| WinMySQLadmin 1.1 stores the MySQL password in plain text in the my.ini file, which allows local users to obtain unathorized access the MySQL database. | ||||
| CVE-2002-0788 | 1 Pgp | 3 Corporate Desktop, Freeware, Personal Security | 2026-04-16 | 5.5 Medium |
| An interaction between PGP 7.0.3 with the "wipe deleted files" option, when used on Windows Encrypted File System (EFS), creates a cleartext temporary files that cannot be wiped or deleted due to strong permissions, which could allow certain local users or attackers with physical access to obtain cleartext information. | ||||
| CVE-2001-1257 | 1 Horde | 1 Imp | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in Horde Internet Messaging Program (IMP) before 2.2.6 and 1.2.6 allows remote attackers to execute arbitrary Javascript embedded in an email. | ||||
| CVE-2002-0795 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| The rc system startup script for FreeBSD 4 through 4.5 allows local users to delete arbitrary files via a symlink attack on X Windows lock files. | ||||
| CVE-2001-1263 | 1 Pragma Systems | 1 Interaccess | 2026-04-16 | N/A |
| telnet95.exe in Pragma InterAccess 4.0 build 5 allows remote attackers to cause a denial of service (crash) via a large number of characters to port 23, possibly due to a buffer overflow. | ||||