Export limit exceeded: 351382 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29925 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29925 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-0420 | 1 Way To The Web | 1 Talkback | 2026-04-16 | N/A |
| Directory traversal vulnerability in talkback.cgi program allows remote attackers to read arbitrary files via a .. (dot dot) in the article parameter. | ||||
| CVE-2001-0421 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| FTP server in Solaris 8 and earlier allows local and remote attackers to cause a core dump in the root directory, possibly with world-readable permissions, by providing a valid username with an invalid password followed by a CWD ~ command, which could release sensitive information such as shadowed passwords, or fill the disk partition. | ||||
| CVE-2001-0422 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Buffer overflow in Xsun in Solaris 8 and earlier allows local users to execute arbitrary commands via a long HOME environmental variable. | ||||
| CVE-2003-1164 | 1 Mldonkey | 1 Mldonkey | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Mldonkey 2.5-4 allows remote attackers to inject arbitrary web script or HTML via the URI, which is injected into the HTML error page. | ||||
| CVE-2001-0462 | 1 Spencer Christensen | 1 Perl Web Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Perl web server 0.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the URL. | ||||
| CVE-2001-0463 | 1 Acme Labs | 1 Perlcal | 2026-04-16 | N/A |
| Directory traversal vulnerability in cal_make.pl in PerlCal allows remote attackers to read arbitrary files via a .. (dot dot) in the p0 parameter. | ||||
| CVE-2003-0853 | 3 Gnu, Redhat, Washington University | 4 Fileutils, Enterprise Linux, Linux and 1 more | 2026-04-16 | N/A |
| An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd. | ||||
| CVE-2001-0464 | 1 Crosswind | 1 Cyberscheduler | 2026-04-16 | N/A |
| Buffer overflow in websync.exe in Cyberscheduler allows remote attackers to execute arbitrary commands via a long tzs (timezone) parameter. | ||||
| CVE-2003-0861 | 1 Php | 1 Php | 2026-04-16 | N/A |
| Integer overflows in (1) base64_encode and (2) the GD library for PHP before 4.3.3 have unknown impact and unknown attack vectors. | ||||
| CVE-2003-1165 | 1 Brs | 1 Webweaver | 2026-04-16 | N/A |
| Buffer overflow in BRS WebWeaver 1.06 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP request with a long User-Agent header. | ||||
| CVE-2001-0465 | 1 Intuit | 1 Turbo Tax | 2026-04-16 | N/A |
| TurboTax saves passwords in a temporary file when a user imports investment tax information from a financial institution, which could allow local users to obtain sensitive information. | ||||
| CVE-2004-1401 | 1 Asp-rider | 1 Asp-rider | 2026-04-16 | N/A |
| SQL injection vulnerability in verify.asp in Asp-rider allows remote attackers to execute arbitrary SQL statements and bypass authentication via the username parameter. | ||||
| CVE-2001-0520 | 1 Aladdin Knowledge Systems | 1 Esafe Gateway | 2026-04-16 | N/A |
| Aladdin eSafe Gateway versions 3.0 and earlier allows a remote attacker to circumvent filtering of SCRIPT tags by embedding the scripts within certain HTML tags including (1) onload in the BODY tag, (2) href in the A tag, (3) the BUTTON tag, (4) the INPUT tag, or (5) any other tag in which scripts can be defined. | ||||
| CVE-2001-0523 | 1 Eeye Digital Security | 2 Secureiis, Securells | 2026-04-16 | N/A |
| eEye SecureIIS versions 1.0.3 and earlier allows a remote attacker to bypass filtering of requests made to SecureIIS by escaping HTML characters within the request, which could allow a remote attacker to use restricted variables and perform directory traversal attacks on vulnerable programs that would otherwise be protected. | ||||
| CVE-2001-0524 | 1 Eeye Digital Security | 1 Securells | 2026-04-16 | N/A |
| eEye SecureIIS versions 1.0.3 and earlier does not perform length checking on individual HTTP headers, which allows a remote attacker to send arbitrary length strings to IIS, contrary to an advertised feature of SecureIIS versions 1.0.3 and earlier. | ||||
| CVE-2001-0535 | 1 Macromedia | 1 Coldfusion Server | 2026-04-16 | N/A |
| Example applications (Exampleapps) in ColdFusion Server 4.x do not properly restrict prevent access from outside the local host's domain, which allows remote attackers to conduct upload, read, or execute files by spoofing the "HTTP Host" (CGI.Host) variable in (1) the "Web Publish" example script, and (2) the "Email" example script. | ||||
| CVE-2001-0541 | 1 Microsoft | 1 Windows Media Player | 2026-04-16 | N/A |
| Buffer overflow in Microsoft Windows Media Player 7.1 and earlier allows remote attackers to execute arbitrary commands via a malformed Windows Media Station (.NSC) file. | ||||
| CVE-2001-0544 | 1 Microsoft | 1 Internet Information Services | 2026-04-16 | N/A |
| IIS 5.0 allows local users to cause a denial of service (hang) via by installing content that produces a certain invalid MIME Content-Type header, which corrupts the File Type table. | ||||
| CVE-2001-0545 | 1 Microsoft | 1 Internet Information Server | 2026-04-16 | N/A |
| IIS 4.0 with URL redirection enabled allows remote attackers to cause a denial of service (crash) via a malformed request that specifies a length that is different than the actual length. | ||||
| CVE-2004-1400 | 1 Active Server Corner | 1 Asp Calendar | 2026-04-16 | N/A |
| The control panel in ASP Calendar does not require authentication to access, which allows remote attackers to gain unauthorized access via a direct request to main.asp. | ||||