Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0066 2 Kevin Lindsay, Redhat 2 Secure Locate, Linux 2026-04-16 N/A
Secure Locate (slocate) allows local users to corrupt memory via a malformed database file that specifies an offset value that accesses memory outside of the intended buffer.
CVE-2001-0067 1 Judd Montgomery 1 Jpilot 2026-04-16 N/A
The installation of J-Pilot creates the .jpilot directory with the user's umask, which could allow local attackers to read other users' PalmOS backup information if their umasks are not securely set.
CVE-2001-0068 1 Apple 1 Mac Os Runtime For Java 2026-04-16 N/A
Mac OS Runtime for Java (MRJ) 2.2.3 allows remote attackers to use malicious applets to read files outside of the CODEBASE context via the ARCHIVE applet parameter.
CVE-2001-0069 1 Debian 1 Debian Linux 2026-04-16 N/A
dialog before 0.9a-20000118-3bis in Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack.
CVE-2002-0845 1 Iplanet 1 Iplanet Web Server 2026-04-16 N/A
Buffer overflow in Sun ONE / iPlanet Web Server 4.1 and 6.0 allows remote attackers to execute arbitrary code via an HTTP request using chunked transfer encoding.
CVE-2001-0147 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Buffer overflow in Windows 2000 event viewer snap-in allows attackers to execute arbitrary commands via a malformed field that is improperly handled during the detailed view of event records.
CVE-2001-0148 1 Microsoft 1 Windows Media Player 2026-04-16 N/A
The WMP ActiveX Control in Windows Media Player 7 allows remote attackers to execute commands in Internet Explorer via javascript URLs, a variant of the "Frame Domain Verification" vulnerability.
CVE-2001-0149 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Windows Scripting Host in Internet Explorer 5.5 and earlier allows remote attackers to read arbitrary files via the GetObject Javascript function and the htmlfile ActiveX object.
CVE-2001-0151 1 Microsoft 1 Internet Information Services 2026-04-16 N/A
IIS 5.0 allows remote attackers to cause a denial of service via a series of malformed WebDAV requests.
CVE-2001-0154 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
HTML e-mail feature in Internet Explorer 5.5 and earlier allows attackers to execute attachments by setting an unusual MIME type for the attachment, which Internet Explorer does not process correctly.
CVE-2001-0167 1 Att 1 Winvnc 2026-04-16 N/A
Buffer overflow in AT&T WinVNC (Virtual Network Computing) client 3.3.3r7 and earlier allows remote attackers to execute arbitrary commands via a long rfbConnFailed packet with a long reason string.
CVE-2001-0169 4 Mandrakesoft, Redhat, Trustix and 1 more 5 Mandrake Linux, Mandrake Linux Corporate Server, Linux and 2 more 2026-04-16 N/A
When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib.
CVE-2002-0258 2 Icewarp, Merak 2 Web Mail, Mail Server 2026-04-16 N/A
Merak Mail IceWarp Web Mail uses a static identifier as a user session ID that does not change across sessions, which could allow remote attackers with access to the ID to gain privileges as that user, e.g. by extracting the ID from the user's answer or forward URLs.
CVE-2001-0170 4 Conectiva, Debian, Immunix and 1 more 4 Linux, Debian Linux, Immunix and 1 more 2026-04-16 N/A
glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files.
CVE-2001-0171 1 Whitsoft 1 Slimserve 2026-04-16 N/A
Buffer overflow in SlimServe HTTPd 1.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long GET request.
CVE-2002-0259 1 Instantservers Inc. 1 Miniportal 2026-04-16 N/A
InstantServers MiniPortal 1.1.5 and earlier stores sensitive login and account data in plaintext in (1) .pwd files in the miniportal/apache directory, or (2) mplog.txt, which could allow local users to gain privileges.
CVE-2002-0846 2 Macromedia, Redhat 3 Shockwave Flash, Enterprise Linux, Linux 2026-04-16 N/A
The decoder for Macromedia Shockwave Flash allows remote attackers to execute arbitrary code via a malformed SWF header that contains more data than the specified length.
CVE-2001-0172 2 Hans Reiser, Suse 2 Reiserfs, Suse Linux 2026-04-16 N/A
Buffer overflow in ReiserFS 3.5.28 in SuSE Linux allows local users to cause a denial of service and possibly execute arbitrary commands by via a long directory name.
CVE-2002-0260 1 Instantservers Inc. 1 Miniportal 2026-04-16 N/A
Buffer overflow in InstantServers MiniPortal 1.1.5 and earlier allows remote attackers to execute arbitrary code via a long login name, which is not properly handled by the logging utility.
CVE-2002-0847 1 Tinyproxy 1 Tinyproxy 2026-04-16 N/A
tinyproxy HTTP proxy 1.5.0, 1.4.3, and earlier allows remote attackers to execute arbitrary code via memory that is freed twice (double-free).