Export limit exceeded: 359472 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 359472 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29946 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-0004 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2026-04-16 | N/A |
| IIS 5.0 and 4.0 allows remote attackers to read the source code for executable web server programs by appending "%3F+.htr" to the requested URL, which causes the files to be parsed by the .HTR ISAPI extension, aka a variant of the "File Fragment Reading via .HTR" vulnerability. | ||||
| CVE-2001-0007 | 1 Netscreen | 1 Screen Os | 2026-04-16 | N/A |
| Buffer overflow in NetScreen Firewall WebUI allows remote attackers to cause a denial of service via a long URL request to the web administration interface. | ||||
| CVE-2001-0010 | 2 Isc, Redhat | 2 Bind, Linux | 2026-04-16 | N/A |
| Buffer overflow in transaction signature (TSIG) handling code in BIND 8 allows remote attackers to gain root privileges. | ||||
| CVE-2001-0011 | 2 Isc, Redhat | 2 Bind, Linux | 2026-04-16 | N/A |
| Buffer overflow in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. | ||||
| CVE-2001-0012 | 2 Isc, Redhat | 2 Bind, Linux | 2026-04-16 | N/A |
| BIND 4 and BIND 8 allow remote attackers to access sensitive information such as environment variables. | ||||
| CVE-2001-0014 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | N/A |
| Remote Data Protocol (RDP) in Windows 2000 Terminal Service does not properly handle certain malformed packets, which allows remote attackers to cause a denial of service, aka the "Invalid RDP Data" vulnerability. | ||||
| CVE-2001-0015 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | N/A |
| Network Dynamic Data Exchange (DDE) in Windows 2000 allows local users to gain SYSTEM privileges via a "WM_COPYDATA" message to an invisible window that is running with the privileges of the WINLOGON process. | ||||
| CVE-2001-0018 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | N/A |
| Windows 2000 domain controller in Windows 2000 Server, Advanced Server, or Datacenter Server allows remote attackers to cause a denial of service via a flood of malformed service requests. | ||||
| CVE-2001-0021 | 1 Endymion | 1 Mailman Webmail | 2026-04-16 | N/A |
| MailMan Webmail 3.0.25 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the alternate_template parameter. | ||||
| CVE-2001-0023 | 1 Leif M. Wright | 1 Everythingform.cgi | 2026-04-16 | N/A |
| everythingform.cgi CGI program by Leif Wright allows remote attackers to execute arbitrary commands via shell metacharacters in the config parameter. | ||||
| CVE-2001-0027 | 1 Proftpd Project | 1 Proftpd | 2026-04-16 | N/A |
| mod_sqlpw module in ProFTPD does not reset a cached password when a user uses the "user" command to change accounts, which allows authenticated attackers to gain privileges of other users. | ||||
| CVE-2001-0030 | 1 Smartstuff | 1 Foolproof Security | 2026-04-16 | N/A |
| FoolProof 3.9 allows local users to bypass program execution restrictions by downloading the restricted executables from another source and renaming them. | ||||
| CVE-2001-0031 | 1 Broadvision | 1 One-to-one Enterprise Server | 2026-04-16 | N/A |
| BroadVision One-To-One Enterprise allows remote attackers to determine the physical path of server files by requesting a .JSP file name that does not exist. | ||||
| CVE-2001-0032 | 1 Eric Rescorla | 1 Ssldump | 2026-04-16 | N/A |
| Format string vulnerability in ssldump possibly allows remote attackers to cause a denial of service and possibly gain root privileges via malicious format string specifiers in a URL. | ||||
| CVE-2001-0036 | 2 Kth, Redhat | 2 Kth Kerberos, Linux | 2026-04-16 | N/A |
| KTH Kerberos IV allows local users to overwrite arbitrary files via a symlink attack on a ticket file. | ||||
| CVE-2001-0039 | 1 Ipswitch | 1 Imail | 2026-04-16 | N/A |
| IPSwitch IMail 6.0.5 allows remote attackers to cause a denial of service using the SMTP AUTH command by sending a base64-encoded user password whose length is between 80 and 136 bytes. | ||||
| CVE-2001-0040 | 1 Apc | 1 Apcupsd | 2026-04-16 | N/A |
| APC UPS daemon, apcupsd, saves its process ID in a world-writable file, which allows local users to kill an arbitrary process by specifying the target process ID in the apcupsd.pid file. | ||||
| CVE-2002-1035 | 1 Omnicron | 1 Omnihttpd | 2026-04-16 | N/A |
| Omnicron OmniHTTPd 2.09 allows remote attackers to cause a denial of service (crash) via an HTTP request with a long, malformed HTTP 1version number. | ||||
| CVE-2001-0043 | 1 Phpgroupware | 1 Phpgroupware | 2026-04-16 | N/A |
| phpGroupWare before 0.9.7 allows remote attackers to execute arbitrary PHP commands by specifying a malicious include file in the phpgw_info parameter of the phpgw.inc.php program. | ||||
| CVE-2001-0045 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| The default permissions for the RAS Administration key in Windows NT 4.0 allows local users to execute arbitrary commands by changing the value to point to a malicious DLL, aka one of the "Registry Permissions" vulnerabilities. | ||||