Search Results (363436 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0969 1 Freebsd 1 Freebsd 2026-04-16 N/A
ipfw in FreeBSD does not properly handle the use of "me" in its rules when point to point interfaces are used, which causes ipfw to allow connections from arbitrary remote hosts.
CVE-2001-0970 1 Tdavid 1 Td Forum 2026-04-16 N/A
Cross-site scripting vulnerability in TDForum 1.2 CGI script (tdforum12.cgi) allows remote attackers to execute arbitrary script on other clients via a forum message that contains the script.
CVE-2001-0971 1 Aci 1 4d Webserver 2026-04-16 N/A
Directory traversal vulnerability in ACI 4d webserver allows remote attackers to read arbitrary files via a .. (dot dot) or drive letter (e.g., C:) in an HTTP request.
CVE-2001-0972 1 Surf-net 1 Asp Forum 2026-04-16 N/A
Surf-Net ASP Forum before 2.30 uses easily guessable cookies based on the UserID, which allows remote attackers to gain administrative privileges by calculating the value of the admin cookie (UserID 1), i.e. "0888888."
CVE-2001-0973 1 Fraunhofer Fit 1 Bscw 2026-04-16 N/A
BSCW groupware system 3.3 through 4.0.2 beta allows remote attackers to read or modify arbitrary files by uploading and extracting a tar file with a symlink into the data-bag space.
CVE-2001-0974 1 Oracle 1 Internet Directory 2026-04-16 N/A
Format string vulnerabilities in Oracle Internet Directory Server (LDAP) 2.1.1.x and 3.0.1 allow remote attackers to execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.
CVE-2001-0975 1 Oracle 1 Internet Directory 2026-04-16 N/A
Buffer overflow vulnerabilities in Oracle Internet Directory Server (LDAP) 2.1.1.x and 3.0.1 allow remote attackers to execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.
CVE-2001-0976 1 Hp 1 Process Resource Manager 2026-04-16 N/A
Vulnerability in HP Process Resource Manager (PRM) C.01.08.2 and earlier, as used by HP-UX Workload Manager (WLM), allows local users to gain root privileges via modified libraries or environment variables.
CVE-2001-0978 1 Hp 1 Hp-ux 2026-04-16 N/A
login in HP-UX 10.26 does not record failed login attempts in /var/adm/btmp, which could allow attackers to conduct brute force password guessing attacks without being detected or observed using the lastb program.
CVE-2001-0979 1 Hp 1 Hp-ux 2026-04-16 N/A
Buffer overflow in swverify in HP-UX 11.0, and possibly other programs, allows local users to gain privileges via a long command line argument.
CVE-2001-0980 1 Caldera 2 Openlinux Server, Openlinux Workstation 2026-04-16 N/A
docview before 1.0-15 allows remote attackers to execute arbitrary commands via shell metacharacters that are processed when converting a man page to a web page.
CVE-2001-0981 1 Hp 1 Cifs-9000 Server 2026-04-16 N/A
HP CIFS/9000 Server (SAMBA) A.01.07 and earlier with the "unix password sync" option enabled calls the passwd program without specifying the username of the user making the request, which could cause the server to change the password of a different user.
CVE-2001-0982 1 Ibm 1 Tivoli Secureway Policy Director 2026-04-16 N/A
Directory traversal vulnerability in IBM Tivoli WebSEAL Policy Director 3.01 through 3.7.1 allows remote attackers to read arbitrary files or directories via encoded .. (dot dot) sequences containing "%2e" strings.
CVE-2001-0983 1 Ultraedit 1 Ultraedit-32 2026-04-16 N/A
UltraEdit uses weak encryption to record FTP passwords in the uedit32.ini file, which allows local users who can read the file to decrypt the passwords and gain privileges.
CVE-2001-0985 1 Hassan Consulting 1 Shopping Cart 2026-04-16 N/A
shop.pl in Hassan Consulting Shopping Cart 1.23 allows remote attackers to execute arbitrary commands via shell metacharacters in the "page" parameter.
CVE-2001-0987 1 Nathan Neulinger 1 Cgiwrap 2026-04-16 N/A
Cross-site scripting vulnerability in CGIWrap before 3.7 allows remote attackers to execute arbitrary Javascript on other web clients by causing the Javascript to be inserted into error messages that are generated by CGIWrap.
CVE-2001-0992 1 Kabotie Software Technologies 1 Shopplus Cart 2026-04-16 N/A
shopplus.cgi in ShopPlus shopping cart allows remote attackers to execute arbitrary commands via shell metacharacters in the "file" parameter.
CVE-2001-0995 1 Phpprojekt 1 Phpprojekt 2026-04-16 N/A
PHProjekt before 2.4a allows remote attackers to perform actions as other PHProjekt users by modifying the ID number in an HTTP request to PHProjekt CGI programs.
CVE-2001-0490 1 Nullsoft 1 Winamp 2026-04-16 N/A
Buffer overflow in WINAMP 2.6x and 2.7x allows attackers to execute arbitrary code via a long string in an AIP file.
CVE-2006-1798 1 Rateit 1 Rateit 2026-04-16 N/A
SQL injection vulnerability in rateit.php in RateIt 2.2 allows remote attackers to execute arbitrary SQL commands via the rateit_id parameter.