Total
29739 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-0038 | 1 Metaproducts | 1 Offline Explorer | 2025-04-03 | N/A |
| Offline Explorer 1.4 before Service Release 2 allows remote attackers to read arbitrary files by specifying the drive letter (e.g. C:) in the requested URL. | ||||
| CVE-2001-0039 | 1 Ipswitch | 1 Imail | 2025-04-03 | N/A |
| IPSwitch IMail 6.0.5 allows remote attackers to cause a denial of service using the SMTP AUTH command by sending a base64-encoded user password whose length is between 80 and 136 bytes. | ||||
| CVE-2001-0043 | 1 Phpgroupware | 1 Phpgroupware | 2025-04-03 | N/A |
| phpGroupWare before 0.9.7 allows remote attackers to execute arbitrary PHP commands by specifying a malicious include file in the phpgw_info parameter of the phpgw.inc.php program. | ||||
| CVE-2001-0056 | 1 Cisco | 1 Broadband Operating System | 2025-04-03 | N/A |
| The Cisco Web Management interface in routers running CBOS 2.4.1 and earlier does not log invalid logins, which allows remote attackers to guess passwords without detection. | ||||
| CVE-2006-3544 | 1 Invision Power Services | 1 Invision Board | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in Invision Power Board (IPB) 1.3 Final allow remote attackers to execute arbitrary SQL commands via the CODE parameter in a (1) Stats, (2) Mail, and (3) Reg action in index.php. NOTE: the developer has disputed this issue, stating that "At no point does the CODE parameter touch the database. The CODE parameter is used in a SWITCH statement to determine which function to run. | ||||
| CVE-2001-0097 | 1 Infinite | 1 Infinite Interchange | 2025-04-03 | N/A |
| The Web interface for Infinite Interchange 3.6.1 allows remote attackers to cause a denial of service (application crash) via a large POST request. | ||||
| CVE-2001-0098 | 1 Bea | 1 Weblogic Server | 2025-04-03 | N/A |
| Buffer overflow in Bea WebLogic Server before 5.1.0 allows remote attackers to execute arbitrary commands via a long URL that begins with a ".." string. | ||||
| CVE-2001-0100 | 1 Brian Stanback | 1 Bslist.cgi | 2025-04-03 | N/A |
| bslist.cgi mailing list script allows remote attackers to execute arbitrary commands via shell metacharacters in the email address. | ||||
| CVE-2001-0102 | 1 Apple | 1 Macos | 2025-04-03 | N/A |
| "Multiple Users" Control Panel in Mac OS 9 allows Normal users to gain Owner privileges by removing the Users & Groups Data File, which effectively removes the Owner password and allows the Normal user to log in as the Owner account without a password. | ||||
| CVE-2001-0123 | 1 Extropia | 1 Bbs Forum.cgi | 2025-04-03 | N/A |
| Directory traversal vulnerability in eXtropia bbs_forum.cgi 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the file parameter. | ||||
| CVE-2001-0118 | 3 Immunix, Mandrakesoft, Redhat | 3 Immunix, Mandrake Linux, Linux | 2025-04-03 | N/A |
| rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink attack. | ||||
| CVE-2003-0765 | 1 Nullsoft | 1 Winamp | 2025-04-03 | N/A |
| The IN_MIDI.DLL plugin 3.01 and earlier, as used in Winamp 2.91, allows remote attackers to execute arbitrary code via a MIDI file with a large "Track data size" value. | ||||
| CVE-2001-0120 | 3 Immunix, Mandrakesoft, Redhat | 3 Immunix, Mandrake Linux, Linux | 2025-04-03 | N/A |
| useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack. | ||||
| CVE-2001-0121 | 1 Storagesoft | 1 Imagecast Ic3 | 2025-04-03 | N/A |
| ImageCast Control Center 4.1.0 allows remote attackers to cause a denial of service (resource exhaustion or system crash) via a long string to port 12002. | ||||
| CVE-2001-0124 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Buffer overflow in exrecover in Solaris 2.6 and earlier possibly allows local users to gain privileges via a long command line argument. | ||||
| CVE-2001-0147 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | N/A |
| Buffer overflow in Windows 2000 event viewer snap-in allows attackers to execute arbitrary commands via a malformed field that is improperly handled during the detailed view of event records. | ||||
| CVE-2001-0144 | 2 Openbsd, Ssh | 2 Openssh, Ssh | 2025-04-03 | N/A |
| CORE SDI SSH1 CRC-32 compensation attack detector allows remote attackers to execute arbitrary commands on an SSH server or client via an integer overflow. | ||||
| CVE-2001-0148 | 1 Microsoft | 1 Windows Media Player | 2025-04-03 | N/A |
| The WMP ActiveX Control in Windows Media Player 7 allows remote attackers to execute commands in Internet Explorer via javascript URLs, a variant of the "Frame Domain Verification" vulnerability. | ||||
| CVE-2006-3545 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | N/A |
| Microsoft Internet Explorer 7.0 Beta allows remote attackers to cause a denial of service (application crash) via a web page with multiple empty APPLET start tags. NOTE: a third party has disputed this issue, stating that the crash does not occur with Microsoft Internet Explorer 7.0 Beta3 | ||||
| CVE-2001-0174 | 1 Trend Micro | 1 Virus Buster 2001 | 2025-04-03 | N/A |
| Buffer overflow in Trend Micro Virus Buster 2001 8.00 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a large "To" address. | ||||