Export limit exceeded: 345238 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 345238 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345238 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-1350 | 2 Namazu, Redhat | 2 Namazu, Linux | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in namazu.cgi for Namazu 2.0.7 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the lang parameter. | ||||
| CVE-2001-1354 | 1 Netwin | 2 Dmail, Surgeftp | 2026-04-16 | N/A |
| NetWin Authentication module (NWAuth) 2.0 and 3.0b, as implemented in SurgeFTP, DMail, and possibly other packages, uses weak password hashing, which could allow local users to decrypt passwords or use a different password that has the same hash value as the correct password. | ||||
| CVE-2001-1355 | 1 Netwin | 2 Dmail, Surgeftp | 2026-04-16 | N/A |
| Buffer overflows in NetWin Authentication Module (NWAuth) 3.0b and earlier, as implemented in DMail, SurgeFTP, and possibly other packages, could allow attackers to execute arbitrary code via long arguments to (1) the -del command or (2) the -lookup command. | ||||
| CVE-2005-0630 | 1 Pblang | 1 Pblang | 2026-04-16 | N/A |
| sendpm.php in PBLang 4.63 allows remote authenticated users to read arbitrary files via a full pathname in the orig parameter. | ||||
| CVE-2001-1358 | 1 Phpheaven | 1 Phpmychat | 2026-04-16 | N/A |
| Vulnerabilities in phpMyChat before 0.14.4 allow local and possibly remote attackers to gain privileges by specifying an alternate library file in the L (localization) parameter. | ||||
| CVE-2001-1359 | 1 Caldera | 1 Volution | 2026-04-16 | N/A |
| Volution clients 1.0.7 and earlier attempt to contact the computer creation daemon (CCD) when an LDAP authentication failure occurs, which allows remote attackers to fully control clients via a Trojan horse Volution server. | ||||
| CVE-2001-1360 | 1 Mostang | 1 Sane | 2026-04-16 | N/A |
| Vulnerability in Scanner Access Now Easy (SANE) before 1.0.5, related to pnm and saned. | ||||
| CVE-2001-1361 | 1 Twig Development Team | 1 Twig | 2026-04-16 | N/A |
| Vulnerability in The Web Information Gateway (TWIG) 2.7.1, possibly related to incorrect security rights and/or the generation of mailto links. | ||||
| CVE-2001-1363 | 1 Phpwebsite Development Team | 1 Phpwebsite | 2026-04-16 | N/A |
| Vulnerability in phpWebSite before 0.7.9 related to running multiple instances in the same domain, which may allow attackers to gain administrative privileges. | ||||
| CVE-2001-1364 | 1 Project Purple | 1 Autodns | 2026-04-16 | N/A |
| Vulnerability in autodns.pl for AutoDNS before 0.0.4 related to domain names that are not fully qualified. | ||||
| CVE-2005-0631 | 1 Pblang | 1 Pblang | 2026-04-16 | N/A |
| delpm.php in PBLang 4.63 allows remote authenticated users to delete arbitrary PM files by modifying the "id" and "a" parameters. | ||||
| CVE-2006-1280 | 1 Sherzod Ruzmetov | 1 Cgi Session | 2026-04-16 | N/A |
| CGI::Session 4.03-1 does not set proper permissions on temporary files created in (1) Driver::File and (2) Driver::db_file, which allows local users to obtain privileged information, such as session keys, by viewing the files. | ||||
| CVE-2001-1372 | 1 Oracle | 1 Application Server | 2026-04-16 | N/A |
| Oracle 9i Application Server 1.0.2 allows remote attackers to obtain the physical path of a file under the server root via a request for a non-existent .JSP file, which leaks the pathname in an error message. | ||||
| CVE-2001-1367 | 1 Phpslice | 1 Phpslice | 2026-04-16 | N/A |
| The checkAccess function in PHPSlice 0.1.4, and all other versions between 0.1.1 and 0.1.6, does not properly verify the administrative access level, which could allow remote attackers to gain privileges. | ||||
| CVE-2001-1368 | 1 Iplanet | 1 Iplanet Web Server | 2026-04-16 | N/A |
| Vulnerability in iPlanet Web Server 4 included in Virtualvault Operating System (VVOS) 4.0 running HP-UX 11.04 could allow attackers to corrupt data. | ||||
| CVE-2001-1369 | 1 Leon J Breedt | 1 Pam-pgsql | 2026-04-16 | N/A |
| Leon J Breedt pam-pgsql before 0.5.2 allows remote attackers to execute arbitrary SQL code and bypass authentication or modify user account records by injecting SQL statements into user or password fields. | ||||
| CVE-2001-1373 | 1 Zonelabs | 1 Zonealarm | 2026-04-16 | N/A |
| MailSafe in Zone Labs ZoneAlarm 2.6 and earlier and ZoneAlarm Pro 2.6 and 2.4 does not block prohibited file types with long file names, which allows remote attackers to send potentially dangerous attachments. | ||||
| CVE-2001-1374 | 3 Conectiva, Don Libes, Redhat | 3 Linux, Expect, Linux | 2026-04-16 | N/A |
| expect before 5.32 searches for its libraries in /var/tmp before other directories, which could allow local users to gain root privileges via a Trojan horse library that is accessed by mkpasswd. | ||||
| CVE-2005-0632 | 1 Phpnews | 1 Phpnews | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in auth.php in PHPNews 1.2.4 and possibly 1.2.3, allows remote attackers to execute arbitrary PHP code via the path parameter. | ||||
| CVE-2006-1288 | 1 Invision Power Services | 1 Invision Power Board | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Invision Power Board (IPB) 2.0.4 and 2.1.4 before 20060105 allow remote attackers to execute arbitrary SQL commands via cookies, related to (1) arrays of id/stamp pairs and (2) the keys in arrays of key/value pairs in ipsclass.php; (3) the topics variable in usercp.php; and the topicsread cookie in (4) topics.php, (5) search.php, and (6) forums.php. | ||||