Export limit exceeded: 345048 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345048 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-0212 | 1 His | 1 Auktion | 2026-04-16 | N/A |
| Directory traversal vulnerability in HIS Auktion 1.62 allows remote attackers to read arbitrary files via a .. (dot dot) in the menue parameter, and possibly execute commands via shell metacharacters. | ||||
| CVE-2001-0214 | 1 Way | 1 Way-board | 2026-04-16 | N/A |
| Way-board CGI program allows remote attackers to read arbitrary files by specifying the filename in the db parameter and terminating the filename with a null byte. | ||||
| CVE-2001-0705 | 1 Arcadia | 1 Arcadia Internet Store | 2026-04-16 | N/A |
| Directory traversal vulnerability in tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to read arbitrary files on the web server via a URL with "dot dot" sequences in the template argument. | ||||
| CVE-2001-1180 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| FreeBSD 4.3 does not properly clear shared signal handlers when executing a process, which allows local users to gain privileges by calling rfork with a shared signal handler, having the child process execute a setuid program, and sending a signal to the child. | ||||
| CVE-2001-0215 | 1 Martin Hamilton | 1 Roads | 2026-04-16 | N/A |
| ROADS search.pl program allows remote attackers to read arbitrary files by specifying the file name in the form parameter and terminating the filename with a null byte. | ||||
| CVE-2001-0216 | 1 Mnscu Pals | 1 Webpals | 2026-04-16 | N/A |
| PALS Library System pals-cgi program allows remote attackers to execute arbitrary commands via shell metacharacters in the documentName parameter. | ||||
| CVE-2001-0217 | 1 Mnscu Pals | 1 Webpals | 2026-04-16 | N/A |
| Directory traversal vulnerability in PALS Library System pals-cgi program allows remote attackers to read arbitrary files via a .. (dot dot) in the documentName parameter. | ||||
| CVE-2001-0220 | 2 Ja-elvis, Ko-helvis | 2 Ja-elvis, Ko-helvis | 2026-04-16 | N/A |
| Buffer overflow in ja-elvis and ko-helvis ports of elvis allow local users to gain root privileges. | ||||
| CVE-2001-0221 | 1 Freebsd | 1 Ja-xklock | 2026-04-16 | N/A |
| Buffer overflow in ja-xklock 2.7.1 and earlier allows local users to gain root privileges. | ||||
| CVE-2001-0230 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| Buffer overflow in dc20ctrl before 0.4_1 in FreeBSD, and possibly other operating systems, allows local users to gain privileges. | ||||
| CVE-2001-1227 | 2 Redhat, Zope | 3 Linux, Powertools, Zope | 2026-04-16 | N/A |
| Zope before 2.2.4 allows partially trusted users to bypass security controls for certain methods by accessing the methods through the fmt attribute of dtml-var tags. | ||||
| CVE-2001-1231 | 1 Novell | 1 Groupwise | 2026-04-16 | N/A |
| GroupWise 5.5 and 6 running in live remote or smart caching mode allows remote attackers to read arbitrary users' mailboxes by extracting usernames and passwords from sniffed network traffic, as addressed by the "Padlock" fix. | ||||
| CVE-2001-1234 | 1 Gallery Project | 1 Gallery | 2026-04-16 | N/A |
| Bharat Mediratta Gallery PHP script before 1.2.1 allows remote attackers to execute arbitrary code by including files from remote web sites via an HTTP request that modifies the includedir variable. | ||||
| CVE-2001-0238 | 1 Microsoft | 6 Windows 2000, Windows 95, Windows 98 and 3 more | 2026-04-16 | N/A |
| Microsoft Data Access Component Internet Publishing Provider 8.103.2519.0 and earlier allows remote attackers to bypass Security Zone restrictions via WebDAV requests. | ||||
| CVE-2001-0245 | 1 Microsoft | 2 Index Server, Indexing Service | 2026-04-16 | N/A |
| Microsoft Index Server 2.0 in Windows NT 4.0, and Indexing Service in Windows 2000, allows remote attackers to read server-side include files via a malformed search request, aka a new variant of the "Malformed Hit-Highlighting" vulnerability. | ||||
| CVE-2001-0712 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| The rendering engine in Internet Explorer determines the MIME type independently of the type that is specified by the server, which allows remote servers to automatically execute script which is placed in a file whose MIME type does not normally support scripting, such as text (.txt), JPEG (.jpg), etc. | ||||
| CVE-2001-0246 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 5.5 and earlier does not properly verify the domain of a frame within a browser window, which allows remote web site operators to read certain files on the client by sending information from a local frame to a frame in a different domain, aka a variant of the "Frame Domain Verification" vulnerability. | ||||
| CVE-2000-0891 | 1 Ibm | 1 Lotus Notes | 2026-04-16 | N/A |
| A default ECL in Lotus Notes before 5.02 allows remote attackers to execute arbitrary commands by attaching a malicious program in an email message that is automatically executed when the user opens the email. | ||||
| CVE-1999-1569 | 1 Id Software | 1 Quake | 2026-04-16 | N/A |
| Quake 1 and NetQuake servers allow remote attackers to cause a denial of service (resource exhaustion or forced disconnection) via a flood of spoofed UDP connection packets, which exceeds the server's player limit. | ||||
| CVE-1999-1514 | 1 Celtech Software | 1 Expressfs | 2026-04-16 | N/A |
| Buffer overflow in Celtech ExpressFS FTP server 2.x allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long USER command. | ||||