Export limit exceeded: 348110 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (348110 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-0943 | 1 Oracle | 1 Database Server | 2026-04-16 | N/A |
| dbsnmp in Oracle 8.0.5 and 8.1.5, under certain conditions, trusts the PATH environment variable to find and execute the (1) chown or (2) chgrp commands, which allows local users to execute arbitrary code by modifying the PATH to point to Trojan Horse programs. | ||||
| CVE-2001-0944 | 1 Khaled Mardam-bey | 1 Mirc | 2026-04-16 | N/A |
| DDE in mIRC allows local users to launch applications under another user's account via a DDE message that executes a command, which may be executed by the other user's process. | ||||
| CVE-2001-0945 | 1 Microsoft | 1 Outlook Express | 2026-04-16 | N/A |
| Buffer overflow in Outlook Express 5.0 through 5.02 for Macintosh allows remote attackers to cause a denial of service via an e-mail message that contains a long line. | ||||
| CVE-2001-0946 | 1 Redhat | 1 Linux | 2026-04-16 | N/A |
| apmscript in Apmd in Red Hat 7.2 "Enigma" allows local users to create or change the modification dates of arbitrary files via a symlink attack on the LOW_POWER temporary file, which could be used to cause a denial of service, e.g. by creating /etc/nologin and disabling logins. | ||||
| CVE-2001-0948 | 1 Valicert | 1 Enterprise Validation Authority | 2026-04-16 | N/A |
| Cross-site scripting (CSS) vulnerability in ValiCert Enterprise Validation Authority (EVA) 3.3 through 4.2.1 allows remote attackers to execute arbitrary code or display false information by including HTML or script in the certificate's description, which is executed when the certificate is viewed. | ||||
| CVE-2001-0956 | 1 Speechio | 1 Speechd | 2026-04-16 | N/A |
| speechd 0.54 and earlier, with the Festival or rsynth speech synthesis package, allows attackers to execute arbitrary commands via shell metacharacters. | ||||
| CVE-2001-0950 | 1 Valicert | 1 Enterprise Validation Authority | 2026-04-16 | 7.5 High |
| ValiCert Enterprise Validation Authority (EVA) Administration Server 3.3 through 4.2.1 uses insufficiently random data to (1) generate session tokens for HSMs using the C rand function, or (2) generate certificates or keys using /dev/urandom instead of another source which blocks when the entropy pool is low, which could make it easier for local or remote attackers to steal tokens or certificates via brute force guessing. | ||||
| CVE-2001-0952 | 1 Volition | 1 Red Faction | 2026-04-16 | N/A |
| THQ Volition Red Faction Game allows remote attackers to cause a denial of service (hang) of a client or server via packets to UDP port 7755. | ||||
| CVE-2001-0960 | 2 Broadcom, Ca | 3 Arcserve Backup, Arcserve Backup 2000, Arcserve Backup 2000 | 2026-04-16 | N/A |
| Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 stores the backup agent user name and password in cleartext in the aremote.dmp file in the ARCSERVE$ hidden share, which allows local and remote attackers to gain privileges. | ||||
| CVE-2001-0961 | 1 John E. Davis | 1 Most | 2026-04-16 | N/A |
| Buffer overflow in tab expansion capability of the most program allows local or remote attackers to execute arbitrary code via a malformed file that is viewed with most. | ||||
| CVE-2001-0962 | 1 Ibm | 2 Websphere Application Server, Websphere Commerce Suite | 2026-04-16 | N/A |
| IBM WebSphere Application Server 3.02 through 3.53 uses predictable session IDs for cookies, which allows remote attackers to gain privileges of WebSphere users via brute force guessing. | ||||
| CVE-2001-0963 | 1 Pi-soft | 1 Spoonftp | 2026-04-16 | N/A |
| Directory traversal vulnerability in SpoonFTP 1.1 allows local and sometimes remote attackers to access files outside of the FTP root via a ... (modified dot dot) in the CD (CWD) command. | ||||
| CVE-2001-0964 | 1 Valve Software | 1 Half-life | 2026-04-16 | N/A |
| Buffer overflow in client for Half-Life 1.1.0.8 and earlier allows malicious remote servers to execute arbitrary code via a long console command. | ||||
| CVE-2001-0965 | 1 Glftpd | 1 Glftpd | 2026-04-16 | N/A |
| glFTPD 1.23 allows remote attackers to cause a denial of service (CPU consumption) via a LIST command with an argument that contains a large number of * (asterisk) characters. | ||||
| CVE-2001-0966 | 1 Nudester.org | 1 Nudester | 2026-04-16 | N/A |
| Directory traversal vulnerability in Nudester 1.10 and earlier allows remote attackers to read or write arbitrary files via a .. (dot dot) in the CD (CWD) command. | ||||
| CVE-2001-0967 | 1 Arkeia | 1 Arkeia | 2026-04-16 | 9.8 Critical |
| Knox Arkeia server 4.2, and possibly other versions, uses a constant salt when encrypting passwords using the crypt() function, which makes it easier for an attacker to conduct brute force password guessing. | ||||
| CVE-2001-0969 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| ipfw in FreeBSD does not properly handle the use of "me" in its rules when point to point interfaces are used, which causes ipfw to allow connections from arbitrary remote hosts. | ||||
| CVE-2001-0970 | 1 Tdavid | 1 Td Forum | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in TDForum 1.2 CGI script (tdforum12.cgi) allows remote attackers to execute arbitrary script on other clients via a forum message that contains the script. | ||||
| CVE-2001-0971 | 1 Aci | 1 4d Webserver | 2026-04-16 | N/A |
| Directory traversal vulnerability in ACI 4d webserver allows remote attackers to read arbitrary files via a .. (dot dot) or drive letter (e.g., C:) in an HTTP request. | ||||
| CVE-2001-0972 | 1 Surf-net | 1 Asp Forum | 2026-04-16 | N/A |
| Surf-Net ASP Forum before 2.30 uses easily guessable cookies based on the UserID, which allows remote attackers to gain administrative privileges by calculating the value of the admin cookie (UserID 1), i.e. "0888888." | ||||