Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0154 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
HTML e-mail feature in Internet Explorer 5.5 and earlier allows attackers to execute attachments by setting an unusual MIME type for the attachment, which Internet Explorer does not process correctly.
CVE-2001-0167 1 Att 1 Winvnc 2026-04-16 N/A
Buffer overflow in AT&T WinVNC (Virtual Network Computing) client 3.3.3r7 and earlier allows remote attackers to execute arbitrary commands via a long rfbConnFailed packet with a long reason string.
CVE-2001-0169 4 Mandrakesoft, Redhat, Trustix and 1 more 5 Mandrake Linux, Mandrake Linux Corporate Server, Linux and 2 more 2026-04-16 N/A
When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib.
CVE-2002-0258 2 Icewarp, Merak 2 Web Mail, Mail Server 2026-04-16 N/A
Merak Mail IceWarp Web Mail uses a static identifier as a user session ID that does not change across sessions, which could allow remote attackers with access to the ID to gain privileges as that user, e.g. by extracting the ID from the user's answer or forward URLs.
CVE-2001-0170 4 Conectiva, Debian, Immunix and 1 more 4 Linux, Debian Linux, Immunix and 1 more 2026-04-16 N/A
glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files.
CVE-2001-0171 1 Whitsoft 1 Slimserve 2026-04-16 N/A
Buffer overflow in SlimServe HTTPd 1.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long GET request.
CVE-2002-0259 1 Instantservers Inc. 1 Miniportal 2026-04-16 N/A
InstantServers MiniPortal 1.1.5 and earlier stores sensitive login and account data in plaintext in (1) .pwd files in the miniportal/apache directory, or (2) mplog.txt, which could allow local users to gain privileges.
CVE-2002-0846 2 Macromedia, Redhat 3 Shockwave Flash, Enterprise Linux, Linux 2026-04-16 N/A
The decoder for Macromedia Shockwave Flash allows remote attackers to execute arbitrary code via a malformed SWF header that contains more data than the specified length.
CVE-2001-0172 2 Hans Reiser, Suse 2 Reiserfs, Suse Linux 2026-04-16 N/A
Buffer overflow in ReiserFS 3.5.28 in SuSE Linux allows local users to cause a denial of service and possibly execute arbitrary commands by via a long directory name.
CVE-2002-0260 1 Instantservers Inc. 1 Miniportal 2026-04-16 N/A
Buffer overflow in InstantServers MiniPortal 1.1.5 and earlier allows remote attackers to execute arbitrary code via a long login name, which is not properly handled by the logging utility.
CVE-2002-0847 1 Tinyproxy 1 Tinyproxy 2026-04-16 N/A
tinyproxy HTTP proxy 1.5.0, 1.4.3, and earlier allows remote attackers to execute arbitrary code via memory that is freed twice (double-free).
CVE-2001-0173 2 Nobreak Technologies, Qdecoder 2 Crazywwwboard, Qdecoder 2026-04-16 N/A
Buffer overflow in qDecoder library 5.08 and earlier, as used in CrazyWWWBoard, CrazySearch, and other CGI programs, allows remote attackers to execute arbitrary commands via a long MIME Content-Type header.
CVE-2001-0174 1 Trend Micro 1 Virus Buster 2001 2026-04-16 N/A
Buffer overflow in Trend Micro Virus Buster 2001 8.00 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a large "To" address.
CVE-2001-0175 1 Netscape 1 Fasttrack Server 2026-04-16 N/A
The caching module in Netscape Fasttrack Server 4.1 allows remote attackers to cause a denial of service (resource exhaustion) by requesting a large number of non-existent URLs.
CVE-2002-0261 1 Instantservers Inc. 1 Miniportal 2026-04-16 N/A
Directory traversal vulnerability in InstantServers MiniPortal 1.1.5 and earlier allows remote authenticated users to read arbitrary files via a ... (modified dot dot) in the GET command.
CVE-2001-0176 1 Voyant Technologies 1 Sonata 2026-04-16 N/A
The setuid doroot program in Voyant Sonata 3.x executes arbitrary command line arguments, which allows local users to gain root privileges.
CVE-2001-0177 1 Webmaster 1 Conferenceroom 2026-04-16 N/A
WebMaster ConferenceRoom 1.8.1 allows remote attackers to cause a denial of service via a buddy relationship between the IRC server and a server clone.
CVE-2001-0178 4 Caldera, Conectiva, Mandrakesoft and 1 more 5 Openlinux Edesktop, Linux, Mandrake Linux and 2 more 2026-04-16 N/A
kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges.
CVE-2001-0182 1 Checkpoint 1 Firewall-1 2026-04-16 N/A
FireWall-1 4.1 with a limited-IP license allows remote attackers to cause a denial of service by sending a large number of spoofed IP packets with various source addresses to the inside interface, which floods the console with warning messages and consumes CPU resources.
CVE-2001-0273 1 Holger Lamm 1 Pgp4pine 2026-04-16 N/A
pgp4pine Pine/PGP interface version 1.75-6 does not properly check to see if a public key has expired when obtaining the keys via Gnu Privacy Guard (GnuPG), which causes the message to be sent in cleartext.