Export limit exceeded: 345217 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345217 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-1203 | 1 Alessandro Rubini | 1 Gpm | 2026-04-16 | N/A |
| Format string vulnerability in gpm-root in gpm 1.17.8 through 1.17.18 allows local users to gain root privileges. | ||||
| CVE-2001-1204 | 1 Total Pc Solutions | 1 Php Rocket Add-in | 2026-04-16 | N/A |
| Directory traversal vulnerability in phprocketaddin in Total PC Solutions PHP Rocket Add-in for FrontPage 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter. | ||||
| CVE-2001-1205 | 1 Matrixs Cgi Vault | 1 Last Lines | 2026-04-16 | N/A |
| Directory traversal vulnerability in lastlines.cgi for Last Lines 2.0 allows remote attackers to read arbitrary files via '..' sequences in the $error_log variable. | ||||
| CVE-2001-1206 | 1 Matrixs Cgi Vault | 1 Last Lines | 2026-04-16 | N/A |
| Matrix CGI vault Last Lines 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the $error_log variable. | ||||
| CVE-2001-1208 | 1 Daydream | 1 Daydream Bbs | 2026-04-16 | N/A |
| Format string vulnerability in DayDream BBS allows remote attackers to execute arbitrary code via format string specifiers in a file containing a ~#RA control code. | ||||
| CVE-2001-1209 | 1 Abe Timmerman | 1 Zml.cgi | 2026-04-16 | N/A |
| Directory traversal vulnerability in zml.cgi allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | ||||
| CVE-2001-1210 | 1 Cisco | 3 Ubr920, Ubr924, Ubr925 | 2026-04-16 | N/A |
| Cisco ubr900 series routers that conform to the Data-over-Cable Service Interface Specifications (DOCSIS) standard must ship without SNMP access restrictions, which can allow remote attackers to read and write information to the MIB using arbitrary community strings. | ||||
| CVE-2001-1211 | 1 Ipswitch | 1 Imail | 2026-04-16 | N/A |
| Ipswitch IMail 7.0.4 and earlier allows attackers with administrator privileges to read and modify user alias and mailing list information for other domains hosted by the same server via the (1) aliasadmin or (2) listadm1 CGI programs, which do not properly verify that an administrator is the administrator for the target domain. | ||||
| CVE-2001-1212 | 1 Aktivate | 1 Aktivate | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in catgy.cgi for Aktivate 1.03 allows remote attackers to execute arbitrary Javascript via the desc parameter. | ||||
| CVE-2001-1213 | 1 Datawizard | 1 Ftpxq | 2026-04-16 | N/A |
| The default configuration of DataWizard FtpXQ 2.0 and 2.1 includes a default username and password, which allows remote attackers to read and write arbitrary files in the root folder. | ||||
| CVE-2001-1214 | 1 Marcus S. Xenakis | 1 Unix Manual | 2026-04-16 | N/A |
| manual.php in Marcus S. Xenakis Unix Manual 1.0 allows remote attackers to execute arbitrary code via a URL that contains shell metacharacters. | ||||
| CVE-2001-1215 | 1 Michael Baumer | 1 Pfinger | 2026-04-16 | N/A |
| Format string vulnerability in PFinger 0.7.5 through 0.7.7 allows remote attackers to execute arbitrary code via format string specifiers in a .plan file. | ||||
| CVE-2001-1217 | 1 Oracle | 1 Application Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in PL/SQL Apache module in Oracle Oracle 9i Application Server allows remote attackers to access sensitive information via a double encoded URL with .. (dot dot) sequences. | ||||
| CVE-2001-1218 | 1 Microsoft | 1 Ie | 2026-04-16 | N/A |
| Microsoft Internet Explorer for Unix 5.0SP1 allows local users to possibly cause a denial of service (crash) in CDE or the X server on Solaris 2.6 by rapidly scrolling Chinese characters or maximizing the window. | ||||
| CVE-2001-1219 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Microsoft Internet Explorer 6.0 and earlier allows malicious website operators to cause a denial of service (client crash) via JavaScript that continually refreshes the window via self.location. | ||||
| CVE-2001-1220 | 1 D-link | 1 Dwl-1000ap | 2026-04-16 | N/A |
| D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point stores the administrative password in plaintext in the default Management Information Base (MIB), which allows remote attackers to gain administrative privileges. | ||||
| CVE-2001-1221 | 1 D-link | 1 Dwl-1000ap | 2026-04-16 | N/A |
| D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point uses a default SNMP community string of 'public' which allows remote attackers to gain sensitive information. | ||||
| CVE-2001-1222 | 1 Plesk | 1 Plesk Server Administrator | 2026-04-16 | N/A |
| Plesk Server Administrator (PSA) 1.0 allows remote attackers to obtain PHP source code via an HTTP request containing the target's IP address and a valid account name for the domain. | ||||
| CVE-2001-1223 | 1 Elsa | 1 Lancom 1100 Office | 2026-04-16 | N/A |
| The web administration server for ELSA Lancom 1100 Office does not require authentication, which allows arbitrary remote attackers to gain administrative privileges by connecting to the server. | ||||
| CVE-2001-1224 | 1 Les Vanbrunt | 1 Adrotate Pro | 2026-04-16 | N/A |
| get_input in adrotate.pm for Les VanBrunt AdRotate Pro 2.0 allows remote attackers to modify the database and possibly execute arbitrary commands via a SQL code injection attack. | ||||