Export limit exceeded: 351112 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (351112 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-0977 | 4 Debian, Mandrakesoft, Openldap and 1 more | 6 Debian Linux, Mandrake Linux, Mandrake Linux Corporate Server and 3 more | 2026-04-16 | N/A |
| slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field. | ||||
| CVE-2001-0980 | 1 Caldera | 2 Openlinux Server, Openlinux Workstation | 2026-04-16 | N/A |
| docview before 1.0-15 allows remote attackers to execute arbitrary commands via shell metacharacters that are processed when converting a man page to a web page. | ||||
| CVE-2001-0985 | 1 Hassan Consulting | 1 Shopping Cart | 2026-04-16 | N/A |
| shop.pl in Hassan Consulting Shopping Cart 1.23 allows remote attackers to execute arbitrary commands via shell metacharacters in the "page" parameter. | ||||
| CVE-2001-0989 | 1 Richard Everitt | 1 Pileup | 2026-04-16 | N/A |
| Buffer overflows in Pileup before 1.2 allows local users to gain root privileges via (1) long command line arguments, or (2) a long callsign. | ||||
| CVE-2001-0990 | 1 Inter7 | 1 Vpopmail | 2026-04-16 | N/A |
| Inter7 vpopmail 4.10.35 and earlier, when using the MySQL module, compiles authentication information in cleartext into the libvpopmail.a library, which allows local users to obtain the MySQL username and password by inspecting the vpopmail programs that use the library. | ||||
| CVE-2001-0991 | 1 Scott R. Lemmon | 1 Proxomitron Naoko-4 | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in Proxomitron Naoko-4 BetaFour and earlier allows remote attackers to execute arbitrary script on other clients via an incorrect URL containing the malicious script, which is printed back in an error message. | ||||
| CVE-2001-0992 | 1 Kabotie Software Technologies | 1 Shopplus Cart | 2026-04-16 | N/A |
| shopplus.cgi in ShopPlus shopping cart allows remote attackers to execute arbitrary commands via shell metacharacters in the "file" parameter. | ||||
| CVE-2001-0993 | 1 Netbsd | 1 Netbsd | 2026-04-16 | N/A |
| sendmsg function in NetBSD 1.3 through 1.5 allows local users to cause a denial of service (kernel trap or panic) via a msghdr structure with a large msg_controllen length. | ||||
| CVE-2001-0994 | 1 Marconi | 1 Forethought | 2026-04-16 | N/A |
| Marconi ForeThought 7.1 allows remote attackers to cause a denial of service by causing both telnet sessions to be locked via unusual input (e.g., from a port scanner), which prevents others from logging into the device. | ||||
| CVE-2001-0995 | 1 Phpprojekt | 1 Phpprojekt | 2026-04-16 | N/A |
| PHProjekt before 2.4a allows remote attackers to perform actions as other PHProjekt users by modifying the ID number in an HTTP request to PHProjekt CGI programs. | ||||
| CVE-2001-0996 | 1 Pop3lite | 1 Pop3lite | 2026-04-16 | N/A |
| POP3Lite before 0.2.4 does not properly quote a . (dot) in an email message, which could allow a remote attacker to append arbitrary text to the end of an email message, which could then be interpreted by various mail clients as valid POP server responses or other input that could cause clients to crash or otherwise behave unexpectedly. | ||||
| CVE-2001-0997 | 1 Textor Webmasters Ltd. | 1 Listrec.pl | 2026-04-16 | N/A |
| Textor Webmasters Ltd listrec.pl CGI program allows remote attackers to execute arbitrary commands via shell metacharacters in the TEMPLATE parameter. | ||||
| CVE-2001-0998 | 1 Ibm | 2 Aix, Hacmp | 2026-04-16 | N/A |
| IBM HACMP 4.4 allows remote attackers to cause a denial of service via a completed TCP connection to HACMP ports (e.g., using a port scan) that does not send additional data, which causes a failure in snmpd. | ||||
| CVE-2001-0999 | 1 Microsoft | 1 Outlook Express | 2026-04-16 | N/A |
| Outlook Express 6.00 allows remote attackers to execute arbitrary script by embedding SCRIPT tags in a message whose MIME content type is text/plain, contrary to the expected behavior that text/plain messages will not run script. | ||||
| CVE-2001-1000 | 1 Merit | 1 Aaa Radius Server | 2026-04-16 | N/A |
| rlmadmin RADIUS management utility in Merit AAA Server 3.8M, 5.01, and possibly other versions, allows local users to read arbitrary files via a symlink attack on the rlmadmin.help file. | ||||
| CVE-2001-1004 | 1 Gnutella | 1 Gnutella Client | 2026-04-16 | N/A |
| Cross-site scripting (CSS) vulnerability in gnut Gnutella client before 0.4.27 allows remote attackers to execute arbitrary script on other clients by sharing a file whose name contains the script tags. | ||||
| CVE-2001-1009 | 2 Fetchmail, Redhat | 2 Fetchmail, Linux | 2026-04-16 | N/A |
| Fetchmail (aka fetchmail-ssl) before 5.8.17 allows a remote malicious (1) IMAP server or (2) POP/POP3 server to overwrite arbitrary memory and possibly gain privileges via a negative index number as part of a response to a LIST request. | ||||
| CVE-2001-1013 | 1 Redhat | 1 Linux | 2026-04-16 | N/A |
| Apache on Red Hat Linux with with the UserDir directive enabled generates different error codes when a username exists and there is no public_html directory and when the username does not exist, which could allow remote attackers to determine valid usernames on the server. | ||||
| CVE-2001-1016 | 1 Pgp | 5 Corporate Desktop, E-business Server, Freeware and 2 more | 2026-04-16 | N/A |
| PGP Corporate Desktop before 7.1, Personal Security before 7.0.3, Freeware before 7.0.3, and E-Business Server before 7.1 does not properly display when invalid userID's are used to sign a message, which could allow an attacker to make the user believe that the document has been signed by a trusted third party by adding a second, invalid user ID to a key which has already been signed by the third party, aka the "PGPsdk Key Validity Vulnerability." | ||||
| CVE-2001-1018 | 1 Lotus | 1 Domino | 2026-04-16 | N/A |
| Lotus Domino web server 5.08 allows remote attackers to determine the internal IP address of the server when NAT is enabled via a GET request that contains a long sequence of / (slash) characters. | ||||