Export limit exceeded: 348302 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (348302 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-1108 | 1 Snapstream | 1 Pvs | 2026-04-16 | N/A |
| Directory traversal vulnerability in SnapStream PVS 1.2a allows remote attackers to read arbitrary files via a .. (dot dot) attack in the requested URL. | ||||
| CVE-2005-0511 | 1 Jelsoft | 1 Vbulletin | 2026-04-16 | N/A |
| misc.php for vBulletin 3.0.6 and earlier, when "Add Template Name in HTML Comments" is enabled, allows remote attackers to execute arbitrary PHP code via nested variables in the template parameter. | ||||
| CVE-2001-1110 | 1 Khamil Landross And Zack Jones | 1 Eftp | 2026-04-16 | N/A |
| EFTP 2.0.7.337 allows remote attackers to obtain NETBIOS credentials by requesting information on a file that is in a network share, which causes the server to send the credentials to the host that owns the share, and allows the attacker to sniff the connection. | ||||
| CVE-2001-1111 | 1 Khamil Landross And Zack Jones | 1 Eftp | 2026-04-16 | N/A |
| EFTP 2.0.7.337 stores user passwords in plaintext in the eftp2users.dat file. | ||||
| CVE-2001-1112 | 1 Khamil Landross And Zack Jones | 1 Eftp | 2026-04-16 | N/A |
| Buffer overflow in EFTP 2.0.7.337 allows remote attackers to execute arbitrary code by uploading a .lnk file containing a large number of characters. | ||||
| CVE-2001-1113 | 1 Trolltech | 1 Trollftpd | 2026-04-16 | N/A |
| Buffer overflow in TrollFTPD 1.26 and earlier allows local users to execute arbitrary code by creating a series of deeply nested directories with long names, then running the ls -R (recursive) command. | ||||
| CVE-2001-1114 | 1 Netcode | 1 Nc Book | 2026-04-16 | N/A |
| book.cgi in NetCode NC Book 0.2b allows remote attackers to execute arbitrary commands via shell metacharacters in the "current" parameter. | ||||
| CVE-2001-1115 | 1 Sixhead | 1 Six-webboard | 2026-04-16 | N/A |
| generate.cgi in SIX-webboard 2.01 and before allows remote attackers to read arbitrary files via a dot dot (..) in the content parameter. | ||||
| CVE-2001-1116 | 1 Identix | 1 Biologon | 2026-04-16 | N/A |
| Identix BioLogon 2.03 and earlier does not lock secondary displays on a multi-monitor system running Windows 98 or ME, which allows an attacker with physical access to the system to bypass authentication through a secondary display. | ||||
| CVE-2001-1117 | 1 Linksys | 1 Befsr41 | 2026-04-16 | N/A |
| LinkSys EtherFast BEFSR41 Cable/DSL routers running firmware before 1.39.3 Beta allows a remote attacker to view administration and user passwords by connecting to the router and viewing the HTML source for (1) index.htm and (2) Password.htm. | ||||
| CVE-2005-0512 | 1 Mambo | 1 Mambo | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in Tar.php in Mambo 4.5.2 allows remote attackers to execute arbitrary PHP code by modifying the mosConfig_absolute_path parameter to reference a URL on a remote web server that contains the code, a different vulnerability than CVE-2004-1693. | ||||
| CVE-2001-1119 | 1 Ti Kan | 1 Xmcd | 2026-04-16 | N/A |
| cda in xmcd 3.0.2 and 2.6 in SuSE Linux allows local users to overwrite arbitrary files via a symlink attack. | ||||
| CVE-2001-1120 | 1 Allaire | 1 Coldfusion Server | 2026-04-16 | N/A |
| Vulnerabilities in ColdFusion 2.0 through 4.5.1 SP 2 allow remote attackers to (1) read or delete arbitrary files, or (2) overwrite ColdFusion Server templates. | ||||
| CVE-2001-1122 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| Windows NT 4.0 SP 6a allows a local user with write access to winnt/system32 to cause a denial of service (crash in lsass.exe) by running the NT4ALL exploit program in 'SPECIAL' mode. | ||||
| CVE-2001-1123 | 1 Hp | 1 Openview Network Node Manager | 2026-04-16 | N/A |
| Vulnerability in Network Node Manager (NNM) 6.2 and earlier in HP OpenView allows a local user to execute arbitrary code, possibly via a buffer overflow in a long hostname or object ID. | ||||
| CVE-2001-1124 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| rpcbind in HP-UX 11.00, 11.04 and 11.11 allows remote attackers to cause a denial of service (core dump) via a malformed RPC portmap requests, possibly related to a buffer overflow. | ||||
| CVE-2001-1125 | 1 Symantec | 1 Liveupdate | 2026-04-16 | 9.8 Critical |
| Symantec LiveUpdate before 1.6 does not use cryptography to ensure the integrity of download files, which allows remote attackers to execute arbitrary code via DNS spoofing of the update.symantec.com site. | ||||
| CVE-2001-1126 | 1 Symantec | 1 Liveupdate | 2026-04-16 | N/A |
| Symantec LiveUpdate 1.4 through 1.6, and possibly later versions, allows remote attackers to cause a denial of service (flood) via DNS spoofing of the update.symantec.com site. | ||||
| CVE-2005-0520 | 1 Argosoft | 1 Ftp Server | 2026-04-16 | N/A |
| ArGoSoft FTP Server before 1.4.2.8 allows remote attackers to read arbitrary files via shortcut (.LNK) files in the SITE COPY command, a different vulnerability than CVE-2005-0519. | ||||
| CVE-2006-1970 | 1 Kcscripts | 1 Portal Pack | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in classifieds/viewcat.cgi in KCScripts Classifieds, distributed individually and as part of Portal Pack 6.0 and earlier, allows remote attackers to inject arbitrary web script or HTML via the cat_id parameter. | ||||