Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29880 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29880 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-1233 | 1 Novell | 2 Groupwise Webaccess, Netware | 2025-04-03 | N/A |
| Netware Enterprise Web Server 5.1 running GroupWise WebAccess 5.5 with Novell Directory Services (NDS) enabled allows remote attackers to enumerate user names, group names and other system information by accessing ndsobj.nlm. | ||||
| CVE-2001-1234 | 1 Gallery Project | 1 Gallery | 2025-04-03 | N/A |
| Bharat Mediratta Gallery PHP script before 1.2.1 allows remote attackers to execute arbitrary code by including files from remote web sites via an HTTP request that modifies the includedir variable. | ||||
| CVE-2001-1235 | 1 Derek Leung | 1 Pslash | 2025-04-03 | N/A |
| pSlash PHP script 0.7 and earlier allows remote attackers to execute arbitrary code by including files from remote web sites, using an HTTP request that modifies the includedir variable. | ||||
| CVE-2001-1237 | 1 Peaceworks Computer Consulting | 1 Phormation | 2025-04-03 | N/A |
| Phormation PHP script 0.9.1 and earlier allows remote attackers to execute arbitrary code by including files from remote web sites, using an HTTP request that modifies the phormationdir variable. | ||||
| CVE-2001-1251 | 2 Max Feoktistov, Vwebserver | 2 Small Http Server, Vwebserver | 2025-04-03 | N/A |
| SmallHTTP 1.204 through 3.00 beta 8 allows remote attackers to cause a denial of service via multiple long URL requests. | ||||
| CVE-2001-1249 | 1 Vwebserver | 1 Vwebserver | 2025-04-03 | N/A |
| vWebServer 1.2.0 allows remote attackers to cause a denial of service via a URL that contains MS-DOS device names. | ||||
| CVE-2001-1250 | 1 Vwebserver | 1 Vwebserver | 2025-04-03 | N/A |
| vWebServer 1.2.0 allows remote attackers to cause a denial of service (hang) via a small number of long URL requests, possibly due to a buffer overflow. | ||||
| CVE-2001-1253 | 1 Com2001 | 1 Alexis Server | 2025-04-03 | N/A |
| Alexis 2.0 and 2.1 in COM2001 InternetPBX stores voicemail passwords in plain text in the com2001.ini file, which could allow local users to make long distance calls as other users. | ||||
| CVE-2001-1254 | 1 Com2001 | 1 Alexis Server | 2025-04-03 | N/A |
| Web Access component for COM2001 Alexis 2.0 and 2.1 in InternetPBX sends username and voice mail passwords in the clear via a Java applet that sends the information to port 8888 of the server, which could allow remote attackers to steal the passwords via sniffing. | ||||
| CVE-2001-1275 | 2 Oracle, Redhat | 2 Mysql, Linux | 2025-04-03 | N/A |
| MySQL before 3.23.31 allows users with a MySQL account to use the SHOW GRANTS command to obtain the encrypted administrator password from the mysql.user table and possibly gain privileges via password cracking. | ||||
| CVE-2001-1276 | 2 Itcorp, Redhat | 2 Ispell, Linux | 2025-04-03 | N/A |
| ispell before 3.1.20 allows local users to overwrite files of other users via a symlink attack on a temporary file. | ||||
| CVE-2001-1279 | 2 Lbl, Redhat | 2 Tcpdump, Linux | 2025-04-03 | N/A |
| Buffer overflow in print-rx.c of tcpdump 3.x (probably 3.6x) allows remote attackers to cause a denial of service and possibly execute arbitrary code via AFS RPC packets with invalid lengths that trigger an integer signedness error, a different vulnerability than CVE-2000-1026. | ||||
| CVE-2001-1281 | 1 Ipswitch | 1 Imail | 2025-04-03 | N/A |
| Web Messaging Server for Ipswitch IMail 7.04 and earlier allows remote authenticated users to change information for other users by modifying the olduser parameter in the "Change User Information" web form. | ||||
| CVE-2001-1277 | 1 Wolfram Schneider | 1 Makewhatis | 2025-04-03 | N/A |
| makewhatis in the man package before 1.5i2 allows an attacker in group man to overwrite arbitrary files via a man page whose name contains shell metacharacters. | ||||
| CVE-2001-1278 | 1 Zope | 1 Zope | 2025-04-03 | N/A |
| Zope before 2.2.4 allows partially trusted users to bypass security controls for certain methods by accessing the methods through the fmt attribute of dtml-var tags. | ||||
| CVE-2001-1286 | 1 Ipswitch | 1 Imail | 2025-04-03 | N/A |
| Ipswitch IMail 7.04 and earlier stores a user's session ID in a URL, which could allow remote attackers to hijack sessions by obtaining the URL, e.g. via an HTML email that causes the Referrer to be sent to a URL under the attacker's control. | ||||
| CVE-2001-1287 | 1 Ipswitch | 1 Imail | 2025-04-03 | N/A |
| Buffer overflow in Web Calendar in Ipswitch IMail 7.04 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. | ||||
| CVE-2001-1288 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2025-04-03 | N/A |
| Windows 2000 and Windows NT allows local users to cause a denial of service (reboot) by executing a command at the command prompt and pressing the F7 and enter keys several times while the command is executing, possibly related to an exception handling error in csrss.exe. | ||||
| CVE-2001-1289 | 1 Id Software | 1 Quake 3 Arena | 2025-04-03 | N/A |
| Quake 3 arena 1.29f and 1.29g allows remote attackers to cause a denial of service (crash) via a malformed connection packet that begins with several char-255 characters. | ||||
| CVE-2001-1290 | 1 Active Web Suite Technologies | 1 Active Classifieds | 2025-04-03 | N/A |
| admin.cgi in Active Classifieds Free Edition 1.0, and possibly commercial versions, allows remote attackers to modify the configuration, gain privileges, and execute arbitrary Perl code via the table_width parameter. | ||||