Search Results (364529 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0942 1 Lumigent 1 Log Explorer 2026-04-16 N/A
Buffer overflows in Lugiment Log Explorer before 3.02 allow attackers with database permissions to execute arbitrary code via long arguments to the extended stored procedures (1) xp_logattach_StartProf, (2) xp_logattach_setport, or (3) xp_logattach.
CVE-2002-1137 1 Microsoft 2 Data Engine, Sql Server 2026-04-16 N/A
Buffer overflow in the Database Console Command (DBCC) that handles user inputs in Microsoft SQL Server 7.0 and 2000, including Microsoft Data Engine (MSDE) 1.0 and Microsoft Desktop Engine (MSDE) 2000, allows attackers to execute arbitrary code via a long SourceDB argument in a "non-SQL OLEDB data source" such as FoxPro, a variant of CAN-2002-0644.
CVE-2001-0830 1 6tunnel Project 1 6tunnel 2026-04-16 7.5 High
6tunnel 0.08 and earlier does not properly close sockets that were initiated by a client, which allows remote attackers to cause a denial of service (resource exhaustion) by repeatedly connecting to and disconnecting from the server.
CVE-2001-0833 1 Oracle 1 Database Server 2026-04-16 N/A
Buffer overflow in otrcrep in Oracle 8.0.x through 9.0.1 allows local users to execute arbitrary code via a long ORACLE_HOME environment variable, aka the "Oracle Trace Collection Security Vulnerability."
CVE-2001-0834 5 Conectiva, Debian, Htdig and 2 more 5 Linux, Debian Linux, Htdig and 2 more 2026-04-16 N/A
htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) by specifying a large file such as /dev/zero, or (2) read arbitrary files by uploading an alternate configuration file that specifies the target file.
CVE-2001-0841 1 Ikonboard.com 1 Ikonboard 2026-04-16 N/A
Directory traversal vulnerability in Search.cgi in Ikonboard ib219 and earlier allows remote attackers to overwrite files and gain privileges via .. (dot dot) sequences in the amembernamecookie cookie.
CVE-2001-0850 1 Caldera 1 Openlinux 2026-04-16 N/A
A configuration error in the libdb1 package in OpenLinux 3.1 uses insecure versions of the snprintf and vsnprintf functions, which could allow local or remote users to exploit those functions with a buffer overflow.
CVE-2002-0952 1 Cisco 1 Optical Networking Systems Software 2026-04-16 N/A
Cisco ONS15454 optical transport platform running ONS 3.1.0 to 3.2.0 allows remote attackers to cause a denial of service (reset) by sending IP packets with non-zero Type of Service (TOS) bits to the Timing Control Card (TCC) LAN interface.
CVE-2001-0851 4 Caldera, Linux, Redhat and 1 more 8 Openlinux, Openlinux Edesktop, Openlinux Eserver and 5 more 2026-04-16 N/A
Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled allows remote attackers to bypass firewall rules by brute force guessing the cookie.
CVE-2001-0859 1 Redhat 1 Linux 2026-04-16 N/A
2.4.3-12 kernel in Red Hat Linux 7.1 Korean installation program sets the setting default umask for init to 000, which installs files with world-writeable permissions.
CVE-2002-0961 1 Voxel 1 Cbms 2026-04-16 N/A
Vulnerabilities in Voxel Dot Net CBMS 0.7 and earlier allow remote attackers to conduct unauthorized operations as other users, e.g. by deleting clients via dltclnt.php, possibly in a SQL injection attack.
CVE-2002-1138 1 Microsoft 2 Data Engine, Sql Server 2026-04-16 N/A
Microsoft SQL Server 7.0 and 2000, including Microsoft Data Engine (MSDE) 1.0 and Microsoft Desktop Engine (MSDE) 2000, writes output files for scheduled jobs under its own privileges instead of the entity that launched it, which allows attackers to overwrite system files, aka "Flaw in Output File Handling for Scheduled Jobs."
CVE-2001-0860 1 Microsoft 2 Windows 2000, Windows Xp 2026-04-16 N/A
Terminal Services Manager MMC in Windows 2000 and XP trusts the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. through a Network Address Translation (NAT).
CVE-2001-0864 1 Cisco 1 12000 Router 2026-04-16 N/A
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly handle the implicit "deny ip any any" rule in an outgoing ACL when the ACL contains exactly 448 entries, which can allow some outgoing packets to bypass access restrictions.
CVE-2001-0868 1 Redhat 1 Stronghold 2026-04-16 N/A
Red Hat Stronghold 2.3 to 3.0 allows remote attackers to retrieve system information via an HTTP GET request to (1) stronghold-info or (2) stronghold-status.
CVE-2002-0964 1 Valve Software 2 Half-life, Half-life Dedicated Server 2026-04-16 N/A
Half-Life Server 1.1.1.0 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via multiple responses to the initial challenge with different cd_key values, which reaches the player limit and prevents other players from connecting until the original responses have timed out.
CVE-2001-0898 1 Opera Software 1 Opera Web Browser 2026-04-16 N/A
Opera 6.0 and earlier allows remote attackers to access sensitive information such as cookies and links for other domains via Javascript that uses setTimeout to (1) access data after a new window to the domain has been opened or (2) access data via about:cache.
CVE-2001-0906 2 Redhat, Tetex 2 Linux, Tetex 2026-04-16 N/A
teTeX filter before 1.0.7 allows local users to gain privileges via a symlink attack on temporary files that are produced when printing .dvi files using lpr.
CVE-2001-0907 1 Linux 1 Linux Kernel 2026-04-16 N/A
Linux kernel 2.2.1 through 2.2.19, and 2.4.1 through 2.4.10, allows local users to cause a denial of service via a series of deeply nested symlinks, which causes the kernel to spend extra time when trying to access the link.
CVE-2001-0908 1 Citrix 1 Metaframe 2026-04-16 N/A
CITRIX Metaframe 1.8 logs the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. through Network Address Translation (NAT).