Total
29753 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-1040 | 1 Hp | 1 Jetadmin | 2025-04-03 | N/A |
| HP LaserJet, and possibly other JetDirect devices, resets the admin password when the device is turned off, which could allow remote attackers to access the device without the password. | ||||
| CVE-2001-1068 | 1 Qualcomm | 1 Qpopper | 2025-04-03 | N/A |
| qpopper 4.01 with PAM based authentication on Red Hat systems generates different error messages when an invalid username is provided instead of a valid name, which allows remote attackers to determine valid usernames on the system. | ||||
| CVE-2001-1083 | 2 Icecast, Redhat | 2 Icecast, Powertools | 2025-04-03 | N/A |
| Icecast 1.3.7, and other versions before 1.3.11 with HTTP server file streaming support enabled allows remote attackers to cause a denial of service (crash) via a URL that ends in . (dot), / (forward slash), or \ (backward slash). | ||||
| CVE-2001-1088 | 1 Microsoft | 2 Outlook, Outlook Express | 2025-04-03 | N/A |
| Microsoft Outlook 8.5 and earlier, and Outlook Express 5 and earlier, with the "Automatically put people I reply to in my address book" option enabled, do not notify the user when the "Reply-To" address is different than the "From" address, which could allow an untrusted remote attacker to spoof legitimate addresses and intercept email from the client that is intended for another user. | ||||
| CVE-2001-1087 | 1 Network Appliance | 1 Netcache | 2025-04-03 | N/A |
| The default configuration of the config.http.tunnel.allow_ports option on NetCache devices is set to +all, which allows remote attackers to connect to arbitrary ports on remote systems behind the device. | ||||
| CVE-2001-1089 | 2 Alessandro Gardich, Joerg Wendland | 2 Nss Postgresql, Libnss-pgsql | 2025-04-03 | N/A |
| libnss-pgsql in nss-pgsql 0.9.0 and earlier allows remote attackers to execute arbitrary SQL queries by inserting SQL code into an HTTP request. | ||||
| CVE-2001-1090 | 1 Alessandro Gardich | 1 Nss Postgresql | 2025-04-03 | N/A |
| nss_postgresql 0.6.1 and before allows a remote attacker to execute arbitrary SQL queries by inserting SQL code into an HTTP request. | ||||
| CVE-2001-1091 | 1 Netbsd | 1 Netbsd | 2025-04-03 | N/A |
| The (1) dump and (2) dump_lfs commands in NetBSD 1.4.x through 1.5.1 do not properly drop privileges, which could allow local users to gain privileges via the RCMD_CMD environment variable. | ||||
| CVE-2001-1092 | 1 Compaq | 1 Tru64 | 2025-04-03 | N/A |
| msgchk in Digital UNIX 4.0G and earlier allows a local user to read the first line of arbitrary files via a symlink attack on the .mh_profile file. | ||||
| CVE-2001-1093 | 1 Compaq | 1 Tru64 | 2025-04-03 | N/A |
| Buffer overflow in msgchk in Digital UNIX 4.0G and earlier allows local users to execute arbitrary code via a long command line argument. | ||||
| CVE-2001-1113 | 1 Trolltech | 1 Trollftpd | 2025-04-03 | N/A |
| Buffer overflow in TrollFTPD 1.26 and earlier allows local users to execute arbitrary code by creating a series of deeply nested directories with long names, then running the ls -R (recursive) command. | ||||
| CVE-2001-1114 | 1 Netcode | 1 Nc Book | 2025-04-03 | N/A |
| book.cgi in NetCode NC Book 0.2b allows remote attackers to execute arbitrary commands via shell metacharacters in the "current" parameter. | ||||
| CVE-2001-1107 | 1 Snapstream | 1 Pvs | 2025-04-03 | N/A |
| SnapStream PVS 1.2a stores its passwords in plaintext in the file SSD.ini, which could allow a remote attacker to gain privileges on the server. | ||||
| CVE-2001-1108 | 1 Snapstream | 1 Pvs | 2025-04-03 | N/A |
| Directory traversal vulnerability in SnapStream PVS 1.2a allows remote attackers to read arbitrary files via a .. (dot dot) attack in the requested URL. | ||||
| CVE-2001-1110 | 1 Khamil Landross And Zack Jones | 1 Eftp | 2025-04-03 | N/A |
| EFTP 2.0.7.337 allows remote attackers to obtain NETBIOS credentials by requesting information on a file that is in a network share, which causes the server to send the credentials to the host that owns the share, and allows the attacker to sniff the connection. | ||||
| CVE-2001-1111 | 1 Khamil Landross And Zack Jones | 1 Eftp | 2025-04-03 | N/A |
| EFTP 2.0.7.337 stores user passwords in plaintext in the eftp2users.dat file. | ||||
| CVE-2001-1112 | 1 Khamil Landross And Zack Jones | 1 Eftp | 2025-04-03 | N/A |
| Buffer overflow in EFTP 2.0.7.337 allows remote attackers to execute arbitrary code by uploading a .lnk file containing a large number of characters. | ||||
| CVE-2001-1131 | 1 Whitsoft Development | 1 Slimftpd | 2025-04-03 | N/A |
| Directory traversal vulnerability in WhitSoft Development SlimFTPd 2.2 allows an attacker to read arbitrary files and directories via a ... (modified dot dot) in the CD command. | ||||
| CVE-2001-1126 | 1 Symantec | 1 Liveupdate | 2025-04-03 | N/A |
| Symantec LiveUpdate 1.4 through 1.6, and possibly later versions, allows remote attackers to cause a denial of service (flood) via DNS spoofing of the update.symantec.com site. | ||||
| CVE-2001-1127 | 1 Progress | 1 Progress | 2025-04-03 | N/A |
| Buffer overflow in Progress database 8.3D and 9.1C could allow a local user to execute arbitrary code via (1) _proapsv, (2) _mprosrv, (3) _mprshut, (4) orarx, (5) sqlcpp, (6) _probrkr, (7) _sqlschema and (8) _sqldump. | ||||