Export limit exceeded: 366804 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (366804 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0203 1 Watchguard 1 Firebox Ii 2026-04-16 N/A
Watchguard Firebox II firewall allows users with read-only access to gain read-write access, and administrative privileges, by accessing a file that contains hashed passphrases, and using the hashes during authentication.
CVE-2001-0205 1 Aol 1 Aol Server 2026-04-16 N/A
Directory traversal vulnerability in AOLserver 3.2 and earlier allows remote attackers to read arbitrary files by inserting "..." into the requested pathname, a modified .. (dot dot) attack.
CVE-2001-0206 1 Soft Lite 1 Serverworx 2026-04-16 N/A
Directory traversal vulnerability in Soft Lite ServerWorx 3.00 allows remote attackers to read arbitrary files by inserting a .. (dot dot) or ... into the requested pathname of an HTTP GET request.
CVE-2001-0207 1 Pierre Beyssac 1 Bing 2026-04-16 N/A
Buffer overflow in bing allows remote attackers to execute arbitrary commands via a long hostname, which is copied to a small buffer after a reverse DNS lookup using the gethostbyaddr function.
CVE-2001-0208 1 Microfocus 1 Cobol 2026-04-16 N/A
MicroFocus Cobol 4.1, with the AppTrack feature enabled, installs the mfaslmf directory and the nolicense file with insecure permissions, which allows local users to gain privileges by modifying files.
CVE-2001-0209 1 Shoutcast 1 Dnas 2026-04-16 N/A
Buffer overflow in Shoutcast Distributed Network Audio Server (DNAS) 1.7.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long description.
CVE-2006-1044 1 Lsoft 1 Listserv 2026-04-16 N/A
Multiple buffer overflows in LISTSERV 14.3 and 14.4, including LISTSERV Lite and HPO, with the web archive interface enabled, allow remote attackers to execute arbitrary code via unknown attack vectors related to the WA CGI. NOTE: technical details will be released after the grace period has ended on 20060603.
CVE-2001-0099 1 Brian Stanback 1 Bsguest.cgi 2026-04-16 N/A
bsguest.cgi guestbook script allows remote attackers to execute arbitrary commands via shell metacharacters in the email address.
CVE-2001-0098 1 Bea 1 Weblogic Server 2026-04-16 N/A
Buffer overflow in Bea WebLogic Server before 5.1.0 allows remote attackers to execute arbitrary commands via a long URL that begins with a ".." string.
CVE-2001-0097 1 Infinite 1 Infinite Interchange 2026-04-16 N/A
The Web interface for Infinite Interchange 3.6.1 allows remote attackers to cause a denial of service (application crash) via a large POST request.
CVE-2001-0093 1 Freebsd 1 Freebsd 2026-04-16 N/A
Vulnerability in telnetd in FreeBSD 1.5 allows local users to gain root privileges by modifying critical environmental variables that affect the behavior of telnetd.
CVE-2001-0092 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
A function in Internet Explorer 5.0 through 5.5 does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a new variant of the "Frame Domain Verification" vulnerability.
CVE-2006-1033 1 Cpg-nuke 1 Dragonfly Cms 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Dragonfly CMS before 9.0.6.1 allow remote attackers to inject arbitrary web script or HTML via (1) uname, (2) error, (3) profile or (4) the username filed parameter to the (a) Your_Account module, (5) catid, (6) sid, (7) Story Text or (8) Extended text text fields in the (b) News module, (9) month, (10) year or (11) sa parameter to the (c) Stories_Archive module, (12) show, (13) cid, (14) ratetype, or (15) orderby parameter to the (d) Web_Links module, (16) op, or (17) pollid parameter to the (e) Surveys module, (18) c parameter to the (f) Downloads module, (19) meta, or (20) album parameter to the (g) coppermine module, or the search box in the (21) Search, (22) Stories_Archive, (23) Downloads, and (24) Topics module.
CVE-2006-1945 1 Awstats 1 Awstats 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in awstats.pl in AWStats 6.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the config parameter. NOTE: this might be the same core issue as CVE-2005-2732.
CVE-2000-1197 1 University Of Washington 1 Imap 2026-04-16 N/A
POP2 or POP3 server (pop3d) in imap-uw IMAP package on FreeBSD and other operating systems creates lock files with predictable names, which allows local users to cause a denial of service (lack of mail access) for other users by creating lock files for other mail boxes.
CVE-2000-1198 1 Qualcomm 1 Qpopper 2026-04-16 5.5 Medium
qpopper POP server creates lock files with predictable names, which allows local users to cause a denial of service for other users (lack of mail access) by creating lock files for other mail boxes.
CVE-2000-1199 1 Postgresql 1 Postgresql 2026-04-16 N/A
PostgreSQL stores usernames and passwords in plaintext in (1) pg_shadow and (2) pg_pwd, which allows attackers with sufficient privileges to gain access to databases.
CVE-2000-1201 1 Checkpoint 1 Firewall-1 2026-04-16 N/A
Check Point FireWall-1 allows remote attackers to cause a denial of service (high CPU) via a flood of packets to port 264.
CVE-2006-1036 1 Oracle 1 Diagnostics 2026-04-16 N/A
Multiple unspecified vulnerabilities in the Oracle Diagnostics module 2.2 and earlier have unknown impact and attack vectors, related to "permissions."
CVE-2000-1207 1 Redhat 1 Linux 2026-04-16 N/A
userhelper in the usermode package on Red Hat Linux executes non-setuid programs as root, which does not activate the security measures in glibc and allows the programs to be exploited via format string vulnerabilities in glibc via the LANG or LC_ALL environment variables (CVE-2000-0844).