Search Results (364424 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0128 6 Conectiva, Debian, Freebsd and 3 more 8 Linux, Debian Linux, Freebsd and 5 more 2026-04-16 N/A
Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges.
CVE-2001-0129 1 Tinyproxy 1 Tinyproxy 2026-04-16 N/A
Buffer overflow in Tinyproxy HTTP proxy 1.3.3 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long connect request.
CVE-2001-0130 1 Lotus 2 Domino R5 Client, Domino R5 Server 2026-04-16 N/A
Buffer overflow in HTML parser of the Lotus R5 Domino Server before 5.06, and Domino Client before 5.05, allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed font size specifier.
CVE-2002-0253 1 Php 1 Php 2026-04-16 N/A
PHP, when not configured with the "display_errors = Off" setting in php.ini, allows remote attackers to obtain the physical path for an include file via a trailing slash in a request to a directly accessible PHP program, which modifies the base path, causes the include directive to fail, and produces an error message that contains the path.
CVE-2001-0133 1 Trend Micro 1 Interscan Viruswall 2026-04-16 N/A
The web administration interface for Interscan VirusWall 3.6.x and earlier does not use encryption, which could allow remote attackers to obtain the administrator password to sniff the administrator password via the setpasswd.cgi program or other HTTP GET requests that contain base64 encoded usernames and passwords.
CVE-2002-0254 1 Mirabilis 1 Icq 2026-04-16 N/A
ICQ 2001b Build 3659 allows remote attackers to cause a denial of service (crash) via a malformed picture that contains large height and width values, which causes the crash when viewed in Userdetails.
CVE-2001-0137 1 Microsoft 1 Windows Media Player 2026-04-16 N/A
Windows Media Player 7 allows remote attackers to execute malicious Java applets in Internet Explorer clients by enclosing the applet in a skin file named skin.wmz, then referencing that skin in the codebase parameter to an applet tag, aka the Windows Media Player Skins File Download" vulnerability.
CVE-2002-0844 2 Distrotech, Redhat 2 Cvs, Enterprise Linux 2026-04-16 7.8 High
Off-by-one overflow in the CVS PreservePermissions of rcs.c for CVSD before 1.11.2 allows local users to execute arbitrary code.
CVE-2001-0139 5 Caldera, Debian, Immunix and 2 more 7 Openlinux Desktop, Openlinux Edesktop, Openlinux Eserver and 4 more 2026-04-16 N/A
inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations.
CVE-2001-0142 5 Immunix, Mandrakesoft, National Science Foundation and 2 more 5 Immunix, Mandrake Linux, Squid Web Proxy and 2 more 2026-04-16 N/A
squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations.
CVE-2001-0143 2 Immunix, Redhat 2 Immunix, Linux 2026-04-16 N/A
vpop3d program in linuxconf 1.23r and earlier allows local users to overwrite arbitrary files via a symlink attack.
CVE-2001-0144 2 Openbsd, Ssh 2 Openssh, Ssh 2026-04-16 N/A
CORE SDI SSH1 CRC-32 compensation attack detector allows remote attackers to execute arbitrary commands on an SSH server or client via an integer overflow.
CVE-2002-0257 2 Apache, Usanet Creations 2 Http Server, Makebid Auction Deluxe 2026-04-16 N/A
Cross-site scripting vulnerability in auction.pl of MakeBid Auction Deluxe 3.30 allows remote attackers to obtain information from other users via the form fields (1) TITLE, (2) DESCTIT, (3) DESC, (4) searchstring, (5) ALIAS, (6) EMAIL, (7) ADDRESS1, (8) ADDRESS2, (9) ADDRESS3, (10) PHONE1, (11) PHONE2, (12) PHONE3, or (13) PHONE4.
CVE-2001-0145 1 Microsoft 2 Outlook, Outlook Express 2026-04-16 N/A
Buffer overflow in VCard handler in Outlook 2000 and 98, and Outlook Express 5.x, allows an attacker to execute arbitrary commands via a malformed vCard birthday field.
CVE-2001-0146 1 Microsoft 2 Exchange Server, Internet Information Services 2026-04-16 N/A
IIS 5.0 and Microsoft Exchange 2000 allow remote attackers to cause a denial of service (memory allocation error) by repeatedly sending a series of specially formatted URL's.
CVE-2002-0845 1 Iplanet 1 Iplanet Web Server 2026-04-16 N/A
Buffer overflow in Sun ONE / iPlanet Web Server 4.1 and 6.0 allows remote attackers to execute arbitrary code via an HTTP request using chunked transfer encoding.
CVE-2001-0147 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Buffer overflow in Windows 2000 event viewer snap-in allows attackers to execute arbitrary commands via a malformed field that is improperly handled during the detailed view of event records.
CVE-2001-0148 1 Microsoft 1 Windows Media Player 2026-04-16 N/A
The WMP ActiveX Control in Windows Media Player 7 allows remote attackers to execute commands in Internet Explorer via javascript URLs, a variant of the "Frame Domain Verification" vulnerability.
CVE-2001-0149 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Windows Scripting Host in Internet Explorer 5.5 and earlier allows remote attackers to read arbitrary files via the GetObject Javascript function and the htmlfile ActiveX object.
CVE-2001-0150 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 5.5 and earlier executes Telnet sessions using command line arguments that are specified by the web site, which could allow remote attackers to execute arbitrary commands if the IE client is using the Telnet client provided in Services for Unix (SFU) 2.0, which creates session transcripts.