Export limit exceeded: 345097 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345097 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-1569 | 1 Id Software | 1 Quake | 2026-04-16 | N/A |
| Quake 1 and NetQuake servers allow remote attackers to cause a denial of service (resource exhaustion or forced disconnection) via a flood of spoofed UDP connection packets, which exceeds the server's player limit. | ||||
| CVE-1999-1514 | 1 Celtech Software | 1 Expressfs | 2026-04-16 | N/A |
| Buffer overflow in Celtech ExpressFS FTP server 2.x allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long USER command. | ||||
| CVE-1999-1431 | 1 Microsoft | 1 Zero Administration Kit | 2026-04-16 | N/A |
| ZAK in Appstation mode allows users to bypass the "Run only allowed apps" policy by starting Explorer from Office 97 applications (such as Word), installing software into the TEMP directory, and changing the name to that for an allowed application, such as Winword.exe. | ||||
| CVE-1999-1373 | 1 Fore | 1 Powerhub Software | 2026-04-16 | N/A |
| FORE PowerHub before 5.0.1 allows remote attackers to cause a denial of service (hang) via a TCP SYN scan with TCP/IP OS fingerprinting, e.g. via nmap. | ||||
| CVE-1999-1263 | 1 Metamail Corporation | 1 Metamail | 2026-04-16 | N/A |
| Metamail before 2.7-7.2 allows remote attackers to overwrite arbitrary files via an e-mail message containing a uuencoded attachment that specifies the full pathname for the file to be modified, which is processed by uuencode in Metamail scripts such as sun-audio-file. | ||||
| CVE-1999-1024 | 1 Lbl | 1 Tcpdump | 2026-04-16 | N/A |
| ip_print procedure in Tcpdump 3.4a allows remote attackers to cause a denial of service via a packet with a zero length header, which causes an infinite loop and core dump when tcpdump prints the packet. | ||||
| CVE-2001-1154 | 2 Bsdi, Carnegie Mellon University | 2 Bsd Os, Cyrus Imap Server | 2026-04-16 | N/A |
| Cyrus 2.0.15, 2.0.16, and 1.6.24 on BSDi 4.2, with IMAP enabled, allows remote attackers to cause a denial of service (hang) using PHP IMAP clients. | ||||
| CVE-2001-1152 | 1 Baltimore Technologies | 1 Websweeper | 2026-04-16 | N/A |
| Baltimore Technologies WEBsweeper 4.02, when used to manage URL blacklists, allows remote attackers to bypass blacklist restrictions and connect to unauthorized web servers by modifying the requested URL, including (1) a // (double slash), (2) a /SUBDIR/.. where the desired file is in the parentdir, (3) a /./, or (4) URL-encoded characters. | ||||
| CVE-2001-1147 | 2 Andries Brouwer, Redhat | 2 Util-linux, Linux | 2026-04-16 | N/A |
| The PAM implementation in /bin/login of the util-linux package before 2.11 causes a password entry to be rewritten across multiple PAM calls, which could provide the credentials of one user to a different user, when used in certain PAM modules such as pam_limits. | ||||
| CVE-2001-1146 | 1 Lee Herron | 1 Allcommerce | 2026-04-16 | N/A |
| AllCommerce with debugging enabled in EnGarde Secure Linux 1.0.1 creates temporary files with predictable names, which allows local users to modify files via a symlink attack. | ||||
| CVE-2001-1145 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2026-04-16 | N/A |
| fts routines in FreeBSD 4.3 and earlier, NetBSD before 1.5.2, and OpenBSD 2.9 and earlier can be forced to change (chdir) into a different directory than intended when the directory above the current directory is moved, which could cause scripts to perform dangerous actions on the wrong directories. | ||||
| CVE-2001-1444 | 1 Kth | 1 Kth Kerberos | 2026-04-16 | N/A |
| The Kerberos Telnet protocol, as implemented by KTH Kerberos IV and Kerberos V (Heimdal), does not encrypt authentication and encryption options sent from the server, which allows remote attackers to downgrade authentication and encryption mechanisms via a man-in-the-middle attack. | ||||
| CVE-2001-1438 | 2 Handspring, Palm | 2 Visor, Palm Os | 2026-04-16 | N/A |
| Handspring Visor 1.0 and 1.0.1 with the VisorPhone Springboard module installed allows remote attackers to cause a denial of service (PalmOS crash and VisorPhone database corruption) by sending a large or crafted SMS image. | ||||
| CVE-2001-1427 | 1 Macromedia | 1 Coldfusion | 2026-04-16 | N/A |
| Unknown vulnerability in ColdFusion Server 2.0 through 4.5.1 SP2 allows remote attackers to overwrite templates with zero byte files via unknown attack vectors. | ||||
| CVE-2001-1417 | 1 Aol | 1 Instant Messenger | 2026-04-16 | N/A |
| AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a denial of service (application hang or crash) via a buddy icon GIF file whose length and width values are larger than the actual image data. | ||||
| CVE-2001-1142 | 1 Argosoft | 1 Ftp Server | 2026-04-16 | N/A |
| ArGoSoft FTP Server 1.2.2.2 uses weak encryption for user passwords, which allows an attacker with access to the password file to gain privileges. | ||||
| CVE-2001-1413 | 2 Ncompress, Redhat | 2 Ncompress, Enterprise Linux | 2026-04-16 | N/A |
| Stack-based buffer overflow in the comprexx function for ncompress 4.2.4 and earlier, when used in situations that cross security boundaries (such as FTP server), may allow remote attackers to execute arbitrary code via a long filename argument. | ||||
| CVE-2001-1129 | 1 Progress | 1 Progress | 2026-04-16 | N/A |
| Format string vulnerabilities in (1) _probuild, (2) _dbutil, (3) _mprosrv, (4) _mprshut, (5) _proapsv, (6) _progres, (7) _proutil, (8) _rfutil and (9) prolib in Progress database 9.1C allows a local user to execute arbitrary code via format string specifiers in the file used by the PROMSGS environment variable. | ||||
| CVE-2001-1127 | 1 Progress | 1 Progress | 2026-04-16 | N/A |
| Buffer overflow in Progress database 8.3D and 9.1C could allow a local user to execute arbitrary code via (1) _proapsv, (2) _mprosrv, (3) _mprshut, (4) orarx, (5) sqlcpp, (6) _probrkr, (7) _sqlschema and (8) _sqldump. | ||||
| CVE-2001-1118 | 1 Roxen | 1 Roxen Webserver | 2026-04-16 | N/A |
| A module in Roxen 2.0 before 2.0.92, and 2.1 before 2.1.264, does not properly decode UTF-8, Mac and ISO-2202 encoded URLs, which could allow a remote attacker to execute arbitrary commands or view arbitrary files via an encoded URL. | ||||