Export limit exceeded: 360195 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29946 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1087 | 1 Visualshapers | 1 Ezcontents | 2026-04-16 | N/A |
| The scripts (1) createdir.php, (2) removedir.php and (3) uploadfile.php for ezContents 1.41 and earlier do not check credentials, which allows remote attackers to create or delete directories and upload files via a direct HTTP POST request. | ||||
| CVE-2001-0184 | 1 Eeye Digital Security | 1 Iris | 2026-04-16 | N/A |
| eEye Iris 1.01 beta allows remote attackers to cause a denial of service via a malformed packet, which causes Iris to crash when a user views the packet. | ||||
| CVE-2002-0701 | 2 Freebsd, Openbsd | 2 Freebsd, Openbsd | 2026-04-16 | N/A |
| ktrace in BSD-based operating systems allows the owner of a process with special privileges to trace the process after its privileges have been lowered, which may allow the owner to obtain sensitive information that the process obtained while it was running with the extra privileges. | ||||
| CVE-2001-1276 | 2 Itcorp, Redhat | 2 Ispell, Linux | 2026-04-16 | N/A |
| ispell before 3.1.20 allows local users to overwrite files of other users via a symlink attack on a temporary file. | ||||
| CVE-2002-0702 | 1 Isc | 1 Dhcpd | 2026-04-16 | N/A |
| Format string vulnerabilities in the logging routines for dynamic DNS code (print.c) of ISC DHCP daemon (DHCPD) 3 to 3.0.1rc8, with the NSUPDATE option enabled, allow remote malicious DNS servers to execute arbitrary code via format strings in a DNS server response. | ||||
| CVE-2001-0188 | 1 Goodtech | 2 Ftp Server 95 98, Ftp Server Nt 2000 | 2026-04-16 | N/A |
| GoodTech FTP server 3.0.1.2.1.0 and earlier allows remote attackers to cause a denial of service via a flood of connections to the server, which causes it to crash. | ||||
| CVE-2001-1308 | 1 Sun | 1 Iplanet Directory Server | 2026-04-16 | N/A |
| Format string vulnerabilities in iPlanet Directory Server 4.1.4 and earlier (LDAP) allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. | ||||
| CVE-2001-0210 | 1 Carey Internet Service | 1 Commerce.cgi | 2026-04-16 | N/A |
| Directory traversal vulnerability in commerce.cgi CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack in the page parameter. | ||||
| CVE-2001-1362 | 1 Horsburgh | 1 Npulse | 2026-04-16 | N/A |
| Vulnerability in the server for nPULSE before 0.53p4. | ||||
| CVE-2006-3671 | 1 Hyper Estraier | 1 Hyper Estraier | 2026-04-16 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the communicate function in estmaster.c for Hyper Estraier before 1.3.3 allows remote attackers to perform unauthorized actions as other users via unknown vectors. | ||||
| CVE-2006-3700 | 1 Oracle | 1 Database Server | 2026-04-16 | N/A |
| Multiple unspecified vulnerabilities in Oracle Database 9.2.0.6 and 10.1.0.4 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB04 for Web Distributed Authoring and Versioning (DAV) and (2) DB23 for XMLDB. | ||||
| CVE-2001-0215 | 1 Martin Hamilton | 1 Roads | 2026-04-16 | N/A |
| ROADS search.pl program allows remote attackers to read arbitrary files by specifying the file name in the form parameter and terminating the filename with a null byte. | ||||
| CVE-2001-0222 | 1 Webmin | 1 Webmin | 2026-04-16 | N/A |
| webmin 0.84 and earlier allows local users to overwrite and create arbitrary files via a symlink attack. | ||||
| CVE-2001-1222 | 1 Plesk | 1 Plesk Server Administrator | 2026-04-16 | N/A |
| Plesk Server Administrator (PSA) 1.0 allows remote attackers to obtain PHP source code via an HTTP request containing the target's IP address and a valid account name for the domain. | ||||
| CVE-2002-1095 | 1 Cisco | 3 Secure Access Control Server, Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client | 2026-04-16 | N/A |
| Cisco VPN 3000 Concentrator before 2.5.2(F), with encryption enabled, allows remote attackers to cause a denial of service (reload) via a Windows-based PPTP client with the "No Encryption" option set. | ||||
| CVE-2001-1230 | 2 Icecast, Redhat | 2 Icecast, Powertools | 2026-04-16 | N/A |
| Buffer overflows in Icecast before 1.3.10 allow remote attackers to cause a denial of service (crash) and execute arbitrary code. | ||||
| CVE-2001-1231 | 1 Novell | 1 Groupwise | 2026-04-16 | N/A |
| GroupWise 5.5 and 6 running in live remote or smart caching mode allows remote attackers to read arbitrary users' mailboxes by extracting usernames and passwords from sniffed network traffic, as addressed by the "Padlock" fix. | ||||
| CVE-2002-1097 | 1 Cisco | 2 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client | 2026-04-16 | N/A |
| Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.2, allows restricted administrators to obtain certificate passwords that are stored in plaintext in the HTML source code for Certificate Management pages. | ||||
| CVE-2001-1236 | 1 Sebastian Bunka | 1 Myphppagetool | 2026-04-16 | N/A |
| myphpPagetool PHP script 0.4.3-1 and earlier allows remote attackers to execute arbitrary code by including files from remote web sites, using an HTTP request that modifies the includedir variable. | ||||
| CVE-2001-0250 | 1 Netscape | 1 Enterprise Server | 2026-04-16 | N/A |
| The Web Publishing feature in Netscape Enterprise Server 4.x and earlier allows remote attackers to list arbitrary directories under the web server root via the INDEX command. | ||||