Export limit exceeded: 29880 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29880 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-1340 | 1 Beck Ipc Gmbh | 1 Ipc At Chip Telnetd Server | 2025-04-03 | N/A |
| Beck GmbH IPC@Chip TelnetD service supports only one connection and does not disconnect a user who does not complete the login process, which allows remote attackers to lock out the administrator account by connecting to the service. | ||||
| CVE-2001-1341 | 1 Beck Ipc Gmbh | 1 Ipc At Chip Embedded-webserver | 2025-04-03 | N/A |
| The Beck GmbH IPC@Chip embedded web server installs the chipcfg.cgi program by default, which allows remote attackers to obtain sensitive network information via a request to the program. | ||||
| CVE-2001-1350 | 2 Namazu, Redhat | 2 Namazu, Linux | 2025-04-03 | N/A |
| Cross-site scripting vulnerability in namazu.cgi for Namazu 2.0.7 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the lang parameter. | ||||
| CVE-2001-1351 | 2 Namazu, Redhat | 2 Namazu, Linux | 2025-04-03 | N/A |
| Cross-site scripting vulnerability in Namazu 2.0.8 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the index file name that is displayed when displaying hit numbers. | ||||
| CVE-2001-1354 | 1 Netwin | 2 Dmail, Surgeftp | 2025-04-03 | N/A |
| NetWin Authentication module (NWAuth) 2.0 and 3.0b, as implemented in SurgeFTP, DMail, and possibly other packages, uses weak password hashing, which could allow local users to decrypt passwords or use a different password that has the same hash value as the correct password. | ||||
| CVE-2001-1355 | 1 Netwin | 2 Dmail, Surgeftp | 2025-04-03 | N/A |
| Buffer overflows in NetWin Authentication Module (NWAuth) 3.0b and earlier, as implemented in DMail, SurgeFTP, and possibly other packages, could allow attackers to execute arbitrary code via long arguments to (1) the -del command or (2) the -lookup command. | ||||
| CVE-2001-1357 | 1 Phpheaven | 1 Phpmychat | 2025-04-03 | N/A |
| Multiple vulnerabilities in phpMyChat before 0.14.5 exist in (1) input.php3, (2) handle_inputH.php3, or (3) index.lib.php3 with unknown consequences, possibly related to user spoofing or improperly initialized variables. | ||||
| CVE-2001-1358 | 1 Phpheaven | 1 Phpmychat | 2025-04-03 | N/A |
| Vulnerabilities in phpMyChat before 0.14.4 allow local and possibly remote attackers to gain privileges by specifying an alternate library file in the L (localization) parameter. | ||||
| CVE-2001-1359 | 1 Caldera | 1 Volution | 2025-04-03 | N/A |
| Volution clients 1.0.7 and earlier attempt to contact the computer creation daemon (CCD) when an LDAP authentication failure occurs, which allows remote attackers to fully control clients via a Trojan horse Volution server. | ||||
| CVE-2001-1360 | 1 Mostang | 1 Sane | 2025-04-03 | N/A |
| Vulnerability in Scanner Access Now Easy (SANE) before 1.0.5, related to pnm and saned. | ||||
| CVE-2001-1353 | 2 Aladdin Enterprises, Redhat | 2 Ghostscript, Linux | 2025-04-03 | N/A |
| ghostscript before 6.51 allows local users to read and write arbitrary files as the 'lp' user via the file operator, even with -dSAFER enabled. | ||||
| CVE-2001-1356 | 1 Netwin | 1 Surgeftp | 2025-04-03 | N/A |
| NetWin SurgeFTP 2.0f and earlier encrypts passwords using weak hashing, a fixed salt value and modulo 40 calculations, which allows remote attackers to conduct brute force password guessing attacks against the administrator account on port 7021. | ||||
| CVE-2001-1367 | 1 Phpslice | 1 Phpslice | 2025-04-03 | N/A |
| The checkAccess function in PHPSlice 0.1.4, and all other versions between 0.1.1 and 0.1.6, does not properly verify the administrative access level, which could allow remote attackers to gain privileges. | ||||
| CVE-2001-1368 | 1 Iplanet | 1 Iplanet Web Server | 2025-04-03 | N/A |
| Vulnerability in iPlanet Web Server 4 included in Virtualvault Operating System (VVOS) 4.0 running HP-UX 11.04 could allow attackers to corrupt data. | ||||
| CVE-2001-1369 | 1 Leon J Breedt | 1 Pam-pgsql | 2025-04-03 | N/A |
| Leon J Breedt pam-pgsql before 0.5.2 allows remote attackers to execute arbitrary SQL code and bypass authentication or modify user account records by injecting SQL statements into user or password fields. | ||||
| CVE-2001-1365 | 1 Osi Codes Inc. | 1 Intragnat | 2025-04-03 | N/A |
| Vulnerability in IntraGnat before 1.4. | ||||
| CVE-2001-1366 | 1 Netscript Project | 1 Netscript | 2025-04-03 | N/A |
| netscript before 1.6.3 parses dynamic variables, which could allow remote attackers to alter program behavior or obtain sensitive information. | ||||
| CVE-2001-1383 | 1 Redhat | 1 Linux | 2025-04-03 | N/A |
| initscript in setserial 2.17-4 and earlier uses predictable temporary file names, which could allow local users to conduct unauthorized operations on files. | ||||
| CVE-2001-1385 | 3 Mandrakesoft, Php, Redhat | 3 Mandrake Linux, Php, Linux | 2025-04-03 | N/A |
| The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with the 'engine = off' option for a virtual host, may disable PHP for other virtual hosts, which could cause Apache to serve the source code of PHP scripts. | ||||
| CVE-2002-0081 | 2 Php, Redhat | 3 Php, Linux, Stronghold | 2025-04-03 | N/A |
| Buffer overflows in (1) php_mime_split in PHP 4.1.0, 4.1.1, and 4.0.6 and earlier, and (2) php3_mime_split in PHP 3.0.x allows remote attackers to execute arbitrary code via a multipart/form-data HTTP POST request when file_uploads is enabled. | ||||