Export limit exceeded: 364785 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 364785 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364785 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-1196 1 Webmin 1 Webmin 2026-04-16 N/A
Directory traversal vulnerability in edit_action.cgi of Webmin Directory 0.91 allows attackers to gain privileges via a '..' (dot dot) in the argument.
CVE-2002-0464 1 Hosting Controller 1 Hosting Controller 2026-04-16 N/A
Directory traversal vulnerability in Hosting Controller 1.4.1 and earlier allows remote attackers to read and modify arbitrary files and directories via a .. (dot dot) in arguments to (1) file_editor.asp, (2) folderactions.asp, or (3) editoractions.asp.
CVE-2002-1011 1 Ibm 1 Tivoli Management Framework 2026-04-16 N/A
Buffer overflow in web server for Tivoli Management Framework (TMF) Endpoint 3.6.x through 3.7.1, before Fixpack 2, allows remote attackers to cause a denial of service or execute arbitrary code via a long HTTP GET request.
CVE-1999-0548 2026-04-16 N/A
A superfluous NFS server is running, but it is not importing or exporting any file systems.
CVE-2001-1197 1 Kde 1 Kdeutils 2026-04-16 N/A
klprfax_filter in KDE2 KDEUtils allows local users to overwrite arbitrary files via a symlink attack on the klprfax.filter temporary file.
CVE-2002-1012 1 Ibm 1 Tivoli Management Framework 2026-04-16 N/A
Buffer overflow in web server for Tivoli Management Framework (TMF) ManagedNode 3.6.x through 3.7.1 allows remote attackers to cause a denial of service or execute arbitrary code via a long HTTP GET request.
CVE-1999-0549 1 Microsoft 1 Windows Nt 2026-04-16 N/A
Windows NT automatically logs in an administrator upon rebooting.
CVE-1999-0550 2026-04-16 N/A
A router's routing tables can be obtained from arbitrary hosts.
CVE-2001-1198 1 Hp 1 Hp-ux 2026-04-16 N/A
RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite arbitrary files and gain privileges by specifying the target file in the -L option.
CVE-1999-0551 1 Hp 1 Openmail 2026-04-16 N/A
HP OpenMail can be misconfigured to allow users to run arbitrary commands using malicious print requests.
CVE-1999-0554 2026-04-16 N/A
NFS exports system-critical data to the world, e.g. / or a password file.
CVE-2001-1199 1 Steve Kneizys 1 Agora.cgi 2026-04-16 N/A
Cross-site scripting vulnerability in agora.cgi for Agora 3.0a through 4.0g, when debug mode is enabled, allows remote attackers to execute Javascript on other clients via the cart_id parameter.
CVE-2002-0466 1 Hosting Controller 1 Hosting Controller 2026-04-16 N/A
Hosting Controller 1.4.1 and earlier allows remote attackers to browse arbitrary directories via a full C: style pathname in the filepath arguments to (1) Statsbrowse.asp, (2) servubrowse.asp, (3) browsedisk.asp, (4) browsewebalizerexe.asp, or (5) sqlbrowse.asp.
CVE-2002-1013 1 Inktomi 3 Media-ixt, Traffic Edge, Traffic Server 2026-04-16 N/A
Buffer overflow in traffic_manager for Inktomi Traffic Server 4.0.18 through 5.2.2, Traffic Edge 1.1.2 and 1.5.0, and Media-IXT 3.0.4 allows local users to gain root privileges via a long -path argument.
CVE-1999-0555 2026-04-16 N/A
A Unix account with a name other than "root" has UID 0, i.e. root privileges.
CVE-2001-1200 1 Microsoft 1 Windows Xp 2026-04-16 N/A
Microsoft Windows XP allows local users to bypass a locked screen and run certain programs that are associated with Hot Keys.
CVE-1999-0577 1 Microsoft 1 Windows Nt 2026-04-16 N/A
A Windows NT system's file audit policy does not log an event success or failure for non-critical files or directories.
CVE-2001-1201 1 Timecop 1 Wmcube Gdk 2026-04-16 N/A
Buffer overflow in wmcube-gdk for WMCube/GDK 0.98 allows local users to execute arbitrary code via long lines in the object description file.
CVE-1999-0581 1 Microsoft 1 Windows Nt 2026-04-16 N/A
The HKEY_CLASSES_ROOT key in a Windows NT system has inappropriate, system-critical permissions.
CVE-2001-1202 1 Delegate 1 Delegate 2026-04-16 N/A
Cross-site scripting vulnerability in DeleGate 7.7.0 and 7.7.1 does not quote scripting commands within a "403 Forbidden" error page, which allows remote attackers to execute arbitrary Javascript on other clients via a URL that generates an error.