Export limit exceeded: 29880 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29880 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-0296 | 1 Texas Imperial Software | 1 Wftpd Pro | 2025-04-03 | N/A |
| Buffer overflow in WFTPD Pro 3.00 allows remote attackers to execute arbitrary commands via a long CWD command. | ||||
| CVE-2001-0304 | 1 Caucho Technology | 1 Resin | 2025-04-03 | N/A |
| Directory traversal vulnerability in Caucho Resin 1.2.2 allows remote attackers to read arbitrary files via a "\.." (dot dot) in a URL request. | ||||
| CVE-2001-0325 | 1 Qnx | 1 Rtp | 2025-04-03 | N/A |
| Buffer overflow in QNX RTP 5.60 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large number of arguments to the stat command. | ||||
| CVE-2001-0327 | 1 Iplanet | 1 Iplanet Web Server | 2025-04-03 | N/A |
| iPlanet Web Server Enterprise Edition 4.1 and earlier allows remote attackers to retrieve sensitive data from memory allocation pools, or cause a denial of service, via a URL-encoded Host: header in the HTTP request, which reveals memory in the Location: header that is returned by the server. | ||||
| CVE-2001-0335 | 1 Microsoft | 1 Internet Information Server | 2025-04-03 | N/A |
| FTP service in IIS 5.0 and earlier allows remote attackers to enumerate Guest accounts in trusted domains by preceding the username with a special sequence of characters. | ||||
| CVE-2001-0350 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | N/A |
| Microsoft Windows 2000 telnet service creates named pipes with predictable names and does not properly verify them, which allows local users to execute arbitrary commands by creating a named pipe with the predictable name and associating a malicious program with it, the second of two variants of this vulnerability. | ||||
| CVE-2001-0353 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Buffer overflow in the line printer daemon (in.lpd) for Solaris 8 and earlier allows local and remote attackers to gain root privileges via a "transfer job" routine. | ||||
| CVE-2001-0370 | 1 Michael A. Gumienny | 1 Fcheck | 2025-04-03 | N/A |
| fcheck prior to 2.57.59 calls the file signature checking program insecurely, which can allow a local user to run arbitrary commands via a file name that contains shell metacharacters. | ||||
| CVE-2001-0371 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| Race condition in the UFS and EXT2FS file systems in FreeBSD 4.2 and earlier, and possibly other operating systems, makes deleted data available to user processes before it is zeroed out, which allows a local user to access otherwise restricted information. | ||||
| CVE-2001-0372 | 1 Akopia | 1 Akopia Interchange | 2025-04-03 | N/A |
| Akopia Interchange 4.5.3 through 4.6.3 installs demo stores with a default group account :backup with no password, which allows a remote attacker to gain administrative access via the demo stores (1) barry, (2) basic, or (3) construct. | ||||
| CVE-2001-0542 | 1 Microsoft | 1 Sql Server | 2025-04-03 | N/A |
| Buffer overflows in Microsoft SQL Server 7.0 and 2000 allow attackers with access to SQL Server to execute arbitrary code through the functions (1) raiserror, (2) formatmessage, or (3) xp_sprintf. NOTE: the C runtime format string vulnerability reported in MS01-060 is identified by CVE-2001-0879. | ||||
| CVE-2001-0545 | 1 Microsoft | 1 Internet Information Server | 2025-04-03 | N/A |
| IIS 4.0 with URL redirection enabled allows remote attackers to cause a denial of service (crash) via a malformed request that specifies a length that is different than the actual length. | ||||
| CVE-2001-0557 | 1 T. Hauck | 1 Jana Web Server | 2025-04-03 | N/A |
| T. Hauck Jana Webserver 1.46 and earlier allows a remote attacker to view arbitrary files via a '..' (dot dot) attack which is URL encoded (%2e%2e). | ||||
| CVE-2001-0559 | 1 Paul Vixie | 1 Vixie Cron | 2025-04-03 | N/A |
| crontab in Vixie cron 3.0.1 and earlier does not properly drop privileges after the failed parsing of a modification operation, which could allow a local attacker to gain additional privileges when an editor is called to correct the error. | ||||
| CVE-2001-0563 | 1 Electrosoft | 1 Electrocomm | 2025-04-03 | N/A |
| ElectroSystems Engineering Inc. ElectroComm 2.0 and earlier allows a remote attacker to create a denial of service via large (> 160000 character) strings sent to port 23. | ||||
| CVE-2001-0564 | 1 Apc | 1 Ap9606 | 2025-04-03 | N/A |
| APC Web/SNMP Management Card prior to Firmware 310 only supports one telnet connection, which allows a remote attacker to create a denial of service via repeated failed logon attempts which temporarily locks the card. | ||||
| CVE-2001-0573 | 1 Ibm | 1 Aix | 2025-04-03 | N/A |
| lsfs in AIX 4.x allows a local user to gain additional privileges by creating Trojan horse programs named (1) grep or (2) lslv in a certain directory that is under the user's control, which cause lsfs to access the programs in that directory. | ||||
| CVE-2001-0574 | 1 Jason Rahaim | 1 Mp3mystic | 2025-04-03 | N/A |
| Directory traversal vulnerability in MP3Mystic prior to 1.04b3 allows a remote attacker to download arbitrary files via a '..' (dot dot) in the URL. | ||||
| CVE-2001-0599 | 1 Sybase | 1 Adaptive Server Anywhere | 2025-04-03 | N/A |
| Sybase Adaptive Server Anywhere Database Engine 6.0.3.2747 and earlier as included with Symantec Ghost 6.5 allows a remote attacker to create a denial of service by sending large (> 45Kb) amounts of data to port 2638. | ||||
| CVE-2001-0620 | 1 Iplanet | 1 Calendar Server | 2025-04-03 | N/A |
| iPlanet Calendar Server 5.0p2 and earlier allows a local attacker to gain access to the Netscape Admin Server (NAS) LDAP database and read arbitrary files by obtaining the cleartext administrator username and password from the configuration file, which has insecure permissions. | ||||