Export limit exceeded: 364488 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (364488 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-0347 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | N/A |
| Information disclosure vulnerability in Microsoft Windows 2000 telnet service allows remote attackers to determine the existence of user accounts such as Guest, or log in to the server without specifying the domain name, via a malformed userid. | ||||
| CVE-2002-0858 | 1 Oracle | 2 Oracle8i, Oracle9i | 2026-04-16 | N/A |
| catsnmp in Oracle 9i and 8i is installed with a dbsnmp user with a default dbsnmp password, which allows attackers to perform restricted database operations and possibly gain other privileges. | ||||
| CVE-2002-0283 | 1 Microsoft | 1 Windows Xp | 2026-04-16 | N/A |
| Windows XP with port 445 open allows remote attackers to cause a denial of service (CPU consumption) via a flood of TCP SYN packets containing possibly malformed data. | ||||
| CVE-2001-0346 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | N/A |
| Handle leak in Microsoft Windows 2000 telnet service allows attackers to cause a denial of service by starting a large number of sessions and terminating them. | ||||
| CVE-2001-0332 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 5.5 and earlier does not properly verify the domain of a frame within a browser window, which allows remote web site operators to read certain files on the client by sending information from a local frame to a frame in a different domain using MSScriptControl.ScriptControl and GetObject, aka a variant of the "Frame Domain Verification" vulnerability. | ||||
| CVE-2002-0282 | 1 Codeworx Technologies | 1 Dcp-portal | 2026-04-16 | N/A |
| DCP-Portal 3.7 through 4.5 allows remote attackers to obtain the physical path of the server via (1) a direct request to add_user.php, or via an invalid new_language parameter in (2) contents.php, (3) categories.php, or (4) files.php, which leaks the path in an error message. | ||||
| CVE-2001-0327 | 1 Iplanet | 1 Iplanet Web Server | 2026-04-16 | N/A |
| iPlanet Web Server Enterprise Edition 4.1 and earlier allows remote attackers to retrieve sensitive data from memory allocation pools, or cause a denial of service, via a URL-encoded Host: header in the HTTP request, which reveals memory in the Location: header that is returned by the server. | ||||
| CVE-2001-0322 | 1 Microsoft | 3 Internet Explorer, Outlook, Outlook Express | 2026-04-16 | N/A |
| MSHTML.DLL HTML parser in Internet Explorer 4.0, and other versions, allows remote attackers to cause a denial of service (application crash) via a script that creates and deletes an object that is associated with the browser window object. | ||||
| CVE-2001-0319 | 1 Ibm | 3 Net.commerce, Net.commerce Hosting Server, Websphere Commerce Suite | 2026-04-16 | N/A |
| orderdspc.d2w macro in IBM Net.Commerce 3.x allows remote attackers to execute arbitrary SQL queries by inserting them into the order_rn option of the report capability. | ||||
| CVE-2001-0310 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| sort in FreeBSD 4.1.1 and earlier, and possibly other operating systems, uses predictable temporary file names and does not properly handle when the temporary file already exists, which causes sort to crash and possibly impacts security-sensitive scripts. | ||||
| CVE-2001-0301 | 2 Redhat, Stephen Turner | 2 Secure Web Server, Analog | 2026-04-16 | N/A |
| Buffer overflow in Analog before 4.16 allows remote attackers to execute arbitrary commands by using the ALIAS command to construct large strings. | ||||
| CVE-2001-0292 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| PHP-Nuke 4.4.1a allows remote attackers to modify a user's email address and obtain the password by guessing the user id (UID) and calling user.php with the saveuser operator. | ||||
| CVE-2001-0288 | 1 Cisco | 1 Ios | 2026-04-16 | N/A |
| Cisco switches and routers running IOS 12.1 and earlier produce predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections. | ||||
| CVE-2001-0287 | 1 Symantec Veritas | 1 Cluster Server | 2026-04-16 | N/A |
| VERITAS Cluster Server (VCS) 1.3.0 on Solaris allows local users to cause a denial of service (system panic) via the -L option to the lltstat command. | ||||
| CVE-2002-0281 | 1 Codeworx Technologies | 1 Dcp-portal | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in DCP-Portal 4.2 and earlier allows remote attackers to gain privileges of other portal users by providing Javascript in the job information field to user_update.php. | ||||
| CVE-2002-0857 | 1 Oracle | 2 Database Server, Oracle8i | 2026-04-16 | N/A |
| Format string vulnerabilities in Oracle Listener Control utility (lsnrctl) for Oracle 9.2 and 9.0, 8.1, and 7.3.4, allow remote attackers to execute arbitrary code on the Oracle DBA system by placing format strings into certain entries in the listener.ora configuration file. | ||||
| CVE-2001-0286 | 1 A1webserver | 1 Http Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in A1 HTTP server 1.0a allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP GET request. | ||||
| CVE-2002-0280 | 1 Codeblue | 1 Codeblue | 2026-04-16 | N/A |
| Buffer overflow in CodeBlue 4 and earlier, and possibly other versions, allows remote attackers to execute arbitrary code via a long string in an SMTP reply. | ||||
| CVE-2001-0285 | 1 A1webserver | 1 Http Server | 2026-04-16 | N/A |
| Buffer overflow in A1 HTTP server 1.0a allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long HTTP request. | ||||
| CVE-2001-0284 | 1 Openbsd | 1 Openbsd | 2026-04-16 | N/A |
| Buffer overflow in IPSEC authentication mechanism for OpenBSD 2.8 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed Authentication header (AH) IPv4 option. | ||||