Export limit exceeded: 364612 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (364612 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-0024 | 6 Bsdi, Ibm, Isc and 3 more | 12 Bsd Os, Aix, Bind and 9 more | 2026-04-16 | N/A |
| DNS cache poisoning via BIND, by predictable query IDs. | ||||
| CVE-1999-0023 | 6 Bsdi, Freebsd, Ibm and 3 more | 10 Bsd Os, Freebsd, Aix and 7 more | 2026-04-16 | N/A |
| Local user gains root privileges via buffer overflow in rdist, via lookup() function. | ||||
| CVE-2001-0555 | 1 Screaming Media | 1 Siteware | 2026-04-16 | N/A |
| ScreamingMedia SITEWare versions 2.5 through 3.1 allows a remote attacker to read world-readable files via a .. (dot dot) attack through (1) the SITEWare Editor's Desktop or (2) the template parameter in SWEditServlet. | ||||
| CVE-2002-0898 | 1 Opera Software | 1 Opera Web Browser | 2026-04-16 | N/A |
| Opera 6.0.1 and 6.0.2 allows a remote web site to upload arbitrary files from the client system, without prompting the client, via an input type=file tag whose value contains a newline. | ||||
| CVE-2001-0556 | 2 Nedit, Redhat | 2 Nedit, Powertools | 2026-04-16 | N/A |
| The Nirvana Editor (NEdit) 5.1.1 and earlier allows a local attacker to overwrite other users' files via a symlink attack on (1) backup files or (2) temporary files used when nedit prints a file or portions of a file. | ||||
| CVE-2001-0557 | 1 T. Hauck | 1 Jana Web Server | 2026-04-16 | N/A |
| T. Hauck Jana Webserver 1.46 and earlier allows a remote attacker to view arbitrary files via a '..' (dot dot) attack which is URL encoded (%2e%2e). | ||||
| CVE-2002-0368 | 1 Microsoft | 1 Exchange Server | 2026-04-16 | N/A |
| The Store Service in Microsoft Exchange 2000 allows remote attackers to cause a denial of service (CPU consumption) via a mail message with a malformed RFC message attribute, aka "Malformed Mail Attribute can Cause Exchange 2000 to Exhaust CPU Resources." | ||||
| CVE-2002-0899 | 1 Blueface | 1 Falcon Web Server | 2026-04-16 | N/A |
| Falcon web server 2.0.0.1021 and earlier allows remote attackers to bypass access restrictions for protected files via a URL whose directory portion ends in a . (dot). | ||||
| CVE-2001-0558 | 1 T. Hauck | 1 Jana Web Server | 2026-04-16 | N/A |
| T. Hauck Jana Webserver 2.01 beta 1 and earlier allows a remote attacker to create a denial of service via a URL request which includes a MS-DOS device name (i.e. GET /aux HTTP/1.0). | ||||
| CVE-2001-0559 | 1 Paul Vixie | 1 Vixie Cron | 2026-04-16 | N/A |
| crontab in Vixie cron 3.0.1 and earlier does not properly drop privileges after the failed parsing of a modification operation, which could allow a local attacker to gain additional privileges when an editor is called to correct the error. | ||||
| CVE-2002-0374 | 2 Padl Software, Redhat | 3 Pam Ldap, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Format string vulnerability in the logging function for the pam_ldap PAM LDAP module before version 144 allows attackers to execute arbitrary code via format strings in the configuration file name. | ||||
| CVE-2001-0560 | 2 Paul Vixie, Redhat | 2 Vixie Cron, Linux | 2026-04-16 | N/A |
| Buffer overflow in Vixie cron 3.0.1-56 and earlier could allow a local attacker to gain additional privileges via a long username (> 20 characters). | ||||
| CVE-2002-0378 | 2 Astart Technologies, Redhat | 3 Lprng, Enterprise Linux, Linux | 2026-04-16 | N/A |
| The default configuration of LPRng print spooler in Red Hat Linux 7.0 through 7.3, Mandrake 8.1 and 8.2, and other operating systems, accepts print jobs from arbitrary remote hosts. | ||||
| CVE-2001-0561 | 1 Drummond Miles | 1 A1stats | 2026-04-16 | N/A |
| Directory traversal vulnerability in Drummond Miles A1Stats prior to 1.6 allows a remote attacker to read arbitrary files via a '..' (dot dot) attack in (1) a1disp2.cgi, (2) a1disp3.cgi, or (3) a1disp4.cgi. | ||||
| CVE-2002-0900 | 1 Mit | 1 Pgp Public Key Server | 2026-04-16 | N/A |
| Buffer overflow in pks PGP public key web server before 0.9.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long search argument to the lookup capability. | ||||
| CVE-2001-0562 | 1 Drummond Miles | 1 A1stats | 2026-04-16 | N/A |
| a1disp.cgi program in Drummond Miles A1Stats prior to 1.6 allows a remote attacker to execute commands via a specially crafted URL which includes shell metacharacters. | ||||
| CVE-2002-0382 | 2 Redhat, Xchat | 3 Enterprise Linux, Linux, Xchat | 2026-04-16 | N/A |
| XChat IRC client allows remote attackers to execute arbitrary commands via a /dns command on a host whose DNS reverse lookup contains shell metacharacters. | ||||
| CVE-2001-0563 | 1 Electrosoft | 1 Electrocomm | 2026-04-16 | N/A |
| ElectroSystems Engineering Inc. ElectroComm 2.0 and earlier allows a remote attacker to create a denial of service via large (> 160000 character) strings sent to port 23. | ||||
| CVE-2001-0572 | 3 Openbsd, Redhat, Ssh | 3 Openssh, Linux, Ssh | 2026-04-16 | N/A |
| The SSH protocols 1 and 2 (aka SSH-2) as implemented in OpenSSH and other packages have various weaknesses which can allow a remote attacker to obtain the following information via sniffing: (1) password lengths or ranges of lengths, which simplifies brute force password guessing, (2) whether RSA or DSA authentication is being used, (3) the number of authorized_keys in RSA authentication, or (4) the lengths of shell commands. | ||||
| CVE-2001-0581 | 1 Spytech | 1 Spynet Chat | 2026-04-16 | N/A |
| Spytech Spynet Chat Server 6.5 allows a remote attacker to create a denial of service (crash) via a large number of connections to port 6387. | ||||