Export limit exceeded: 29909 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29909 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-1100 | 1 Spencer Miles | 1 W3mail | 2026-04-16 | N/A |
| sendmessage.cgi in W3Mail 1.0.2, and possibly other CGI programs, allows remote attackers to execute arbitrary commands via shell metacharacters in any field of the 'Compose Message' page. | ||||
| CVE-2001-1101 | 1 Checkpoint | 1 Firewall-1 | 2026-04-16 | N/A |
| The Log Viewer function in the Check Point FireWall-1 GUI for Solaris 3.0b through 4.1 SP2 does not check for the existence of '.log' files when saving files, which allows (1) remote authenticated users to overwrite arbitrary files ending in '.log', or (2) local users to overwrite arbitrary files via a symlink attack. | ||||
| CVE-2001-1102 | 1 Checkpoint | 1 Firewall-1 | 2026-04-16 | N/A |
| Check Point FireWall-1 3.0b through 4.1 for Solaris allows local users to overwrite arbitrary files via a symlink attack on temporary policy files that end in a .cpp extension, which are set world-writable. | ||||
| CVE-2001-1104 | 1 Sonicwall | 2 Soho, Soho Firmware | 2026-04-16 | N/A |
| SonicWALL SOHO uses easily predictable TCP sequence numbers, which allows remote attackers to spoof or hijack sessions. | ||||
| CVE-2001-1106 | 1 Sambar | 1 Sambar Server | 2026-04-16 | N/A |
| The default configuration of Sambar Server 5 and earlier uses a symmetric key that is compiled into the binary program for encrypting passwords, which could allow local users to break all user passwords by cracking the key or modifying a copy of the sambar program to call the decryption procedure. | ||||
| CVE-2001-1107 | 1 Snapstream | 1 Pvs | 2026-04-16 | N/A |
| SnapStream PVS 1.2a stores its passwords in plaintext in the file SSD.ini, which could allow a remote attacker to gain privileges on the server. | ||||
| CVE-2001-1108 | 1 Snapstream | 1 Pvs | 2026-04-16 | N/A |
| Directory traversal vulnerability in SnapStream PVS 1.2a allows remote attackers to read arbitrary files via a .. (dot dot) attack in the requested URL. | ||||
| CVE-2001-1110 | 1 Khamil Landross And Zack Jones | 1 Eftp | 2026-04-16 | N/A |
| EFTP 2.0.7.337 allows remote attackers to obtain NETBIOS credentials by requesting information on a file that is in a network share, which causes the server to send the credentials to the host that owns the share, and allows the attacker to sniff the connection. | ||||
| CVE-2001-1111 | 1 Khamil Landross And Zack Jones | 1 Eftp | 2026-04-16 | N/A |
| EFTP 2.0.7.337 stores user passwords in plaintext in the eftp2users.dat file. | ||||
| CVE-2001-1112 | 1 Khamil Landross And Zack Jones | 1 Eftp | 2026-04-16 | N/A |
| Buffer overflow in EFTP 2.0.7.337 allows remote attackers to execute arbitrary code by uploading a .lnk file containing a large number of characters. | ||||
| CVE-2001-1113 | 1 Trolltech | 1 Trollftpd | 2026-04-16 | N/A |
| Buffer overflow in TrollFTPD 1.26 and earlier allows local users to execute arbitrary code by creating a series of deeply nested directories with long names, then running the ls -R (recursive) command. | ||||
| CVE-2001-1114 | 1 Netcode | 1 Nc Book | 2026-04-16 | N/A |
| book.cgi in NetCode NC Book 0.2b allows remote attackers to execute arbitrary commands via shell metacharacters in the "current" parameter. | ||||
| CVE-2001-1115 | 1 Sixhead | 1 Six-webboard | 2026-04-16 | N/A |
| generate.cgi in SIX-webboard 2.01 and before allows remote attackers to read arbitrary files via a dot dot (..) in the content parameter. | ||||
| CVE-2001-1116 | 1 Identix | 1 Biologon | 2026-04-16 | N/A |
| Identix BioLogon 2.03 and earlier does not lock secondary displays on a multi-monitor system running Windows 98 or ME, which allows an attacker with physical access to the system to bypass authentication through a secondary display. | ||||
| CVE-2001-1117 | 1 Linksys | 1 Befsr41 | 2026-04-16 | N/A |
| LinkSys EtherFast BEFSR41 Cable/DSL routers running firmware before 1.39.3 Beta allows a remote attacker to view administration and user passwords by connecting to the router and viewing the HTML source for (1) index.htm and (2) Password.htm. | ||||
| CVE-2001-1119 | 1 Ti Kan | 1 Xmcd | 2026-04-16 | N/A |
| cda in xmcd 3.0.2 and 2.6 in SuSE Linux allows local users to overwrite arbitrary files via a symlink attack. | ||||
| CVE-2001-1120 | 1 Allaire | 1 Coldfusion Server | 2026-04-16 | N/A |
| Vulnerabilities in ColdFusion 2.0 through 4.5.1 SP 2 allow remote attackers to (1) read or delete arbitrary files, or (2) overwrite ColdFusion Server templates. | ||||
| CVE-2001-1122 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| Windows NT 4.0 SP 6a allows a local user with write access to winnt/system32 to cause a denial of service (crash in lsass.exe) by running the NT4ALL exploit program in 'SPECIAL' mode. | ||||
| CVE-2001-1123 | 1 Hp | 1 Openview Network Node Manager | 2026-04-16 | N/A |
| Vulnerability in Network Node Manager (NNM) 6.2 and earlier in HP OpenView allows a local user to execute arbitrary code, possibly via a buffer overflow in a long hostname or object ID. | ||||
| CVE-2001-1126 | 1 Symantec | 1 Liveupdate | 2026-04-16 | N/A |
| Symantec LiveUpdate 1.4 through 1.6, and possibly later versions, allows remote attackers to cause a denial of service (flood) via DNS spoofing of the update.symantec.com site. | ||||