Export limit exceeded: 363406 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 363406 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363406 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2205 | 1 Pngren | 1 Pngren | 2026-04-16 | N/A |
| The ReadLog function in kaiseki.cgi in pngren allows remote attackers to execute arbitrary commands via shell metacharacters in the query string. | ||||
| CVE-2002-0583 | 1 Workforceroi | 1 Xpede | 2026-04-16 | N/A |
| WorkforceROI Xpede 4.1 uses a small random namespace (5 alphanumeric characters) for temporary expense claim reports in the /reports/temp directory, which allows remote attackers to read the reports via a brute force attack. | ||||
| CVE-2001-0247 | 5 Freebsd, Mit, Netbsd and 2 more | 5 Freebsd, Kerberos 5, Netbsd and 2 more | 2026-04-16 | N/A |
| Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3. | ||||
| CVE-2001-0248 | 2 Hp, Sgi | 2 Hp-ux, Irix | 2026-04-16 | 9.8 Critical |
| Buffer overflow in FTP server in HPUX 11 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the STAT command, which uses glob to generate long strings. | ||||
| CVE-2001-0256 | 1 Fastream | 1 Ftp\+\+ Server | 2026-04-16 | N/A |
| FaSTream FTP++ Server 2.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long username. | ||||
| CVE-2001-0257 | 1 I-data International | 1 Easycom Safecom Print Server | 2026-04-16 | N/A |
| Buffer overflow in Easycom/Safecom Print Server Web service, version 404.590 and earlier, allows remote attackers to execute arbitrary commands via (1) a long URL or (2) a long HTTP header field such as "Host:". | ||||
| CVE-2001-0266 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Vulnerability in Software Distributor SD-UX in HP-UX 11.0 and earlier allows local users to gain privileges. | ||||
| CVE-2002-0592 | 1 Aol | 1 Instant Messenger | 2026-04-16 | N/A |
| AOL Instant Messenger (AIM) allows remote attackers to steal files that are being transferred to other clients by connecting to port 4443 (Direct Connection) or port 5190 (file transfer) before the intended user. | ||||
| CVE-2001-0268 | 2 Netbsd, Openbsd | 2 Netbsd, Openbsd | 2026-04-16 | N/A |
| The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USER_LDT kernel option is enabled, does not validate a call gate target, which allows local users to gain root privileges by creating a segment call gate in the Local Descriptor Table (LDT) with a target that specifies an arbitrary kernel address. | ||||
| CVE-2001-0270 | 1 Marconi | 2 Asx-1000, Forethought | 2026-04-16 | N/A |
| Marconi ASX-1000 ASX switches allow remote attackers to cause a denial of service in the telnet and web management interfaces via a malformed packet with the SYN-FIN and More Fragments attributes set. | ||||
| CVE-2001-0277 | 1 Working Resources Inc. | 1 Badblue | 2026-04-16 | N/A |
| Buffer overflow in ext.dll in BadBlue 1.02.07 Personal Edition allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long HTTP GET request. | ||||
| CVE-2001-0278 | 1 Hp | 1 Mpe Ix | 2026-04-16 | N/A |
| Vulnerability in linkeditor in HP MPE/iX 6.5 and earlier allows local users to gain privileges. | ||||
| CVE-2001-0283 | 1 Sun | 1 Sun Ftp | 2026-04-16 | N/A |
| Directory traversal vulnerability in SunFTP build 9 allows remote attackers to read arbitrary files via .. (dot dot) characters in various commands, including (1) GET, (2) MKDIR, (3) RMDIR, (4) RENAME, or (5) PUT. | ||||
| CVE-2001-0293 | 1 Datawizard | 1 Ftpxq | 2026-04-16 | N/A |
| Directory traversal vulnerability in FtpXQ FTP server 2.0.93 allows remote attackers to read arbitrary files via a .. (dot dot) in the GET command. | ||||
| CVE-2001-0302 | 1 Pi3 | 1 Pi3web | 2026-04-16 | N/A |
| Buffer overflow in tstisapi.dll in Pi3Web 1.0.1 web server allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long URL. | ||||
| CVE-2001-0310 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| sort in FreeBSD 4.1.1 and earlier, and possibly other operating systems, uses predictable temporary file names and does not properly handle when the temporary file already exists, which causes sort to crash and possibly impacts security-sensitive scripts. | ||||
| CVE-2001-0311 | 1 Hp | 2 Hp-ux, Omniback Ii | 2026-04-16 | N/A |
| Vulnerability in OmniBackII A.03.50 in HP 11.x and earlier allows attackers to gain unauthorized access to an OmniBack client. | ||||
| CVE-2006-1767 | 1 Nicecoder | 1 Indexu | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in nicecoder.com INDEXU 5.0.0 and 5.0.1 allow remote attackers to execute arbitrary PHP code via a URL in the theme_path parameter in (1) index.php, (2) become_editor.php, (3) add.php, (4) bad_link.php, (5) browse.php, (6) detail.php, (7) fav.php, (8) get_rated.php, (9) login.php, (10) mailing_list.php, (11) new.php, (12) modify.php, (13) pick.php, (14) power_search.php, (15) rating.php, (16) register.php, (17) review.php, (18) rss.php, (19) search.php, (20) send_pwd.php, (21) sendmail.php, (22) tell_friend.php, (23) top_rated.php, (24) user_detail.php, and (25) user_search.php; and the (26) base_path parameter in invoice.php. | ||||
| CVE-2006-1769 | 1 Userland | 1 Manila | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in UserLand Manila 9.5 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the mode parameter in msgReader$1 and (2) the end of the URI in viewDepartment$. | ||||
| CVE-2001-0320 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| bb_smilies.php and bbcode_ref.php in PHP-Nuke 4.4 allows remote attackers to read arbitrary files and gain PHP administrator privileges by inserting a null character and .. (dot dot) sequences into a malformed username argument. | ||||