Search Results (363508 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0850 1 Caldera 1 Openlinux 2026-04-16 N/A
A configuration error in the libdb1 package in OpenLinux 3.1 uses insecure versions of the snprintf and vsnprintf functions, which could allow local or remote users to exploit those functions with a buffer overflow.
CVE-2001-0851 4 Caldera, Linux, Redhat and 1 more 8 Openlinux, Openlinux Edesktop, Openlinux Eserver and 5 more 2026-04-16 N/A
Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled allows remote attackers to bypass firewall rules by brute force guessing the cookie.
CVE-2001-0852 1 Redhat 1 Linux 2026-04-16 N/A
TUX HTTP server 2.1.0-2 in Red Hat Linux allows remote attackers to cause a denial of service via a long Host: header.
CVE-2001-0853 1 Entrust 1 Getaccess 2026-04-16 N/A
Directory traversal vulnerability in Entrust GetAccess allows remote attackers to read arbitrary files via a .. (dot dot) in the locale parameter to (1) helpwin.gas.bat or (2) AboutBox.gas.bat.
CVE-2001-0854 1 Francisco Burzi 1 Php-nuke 2026-04-16 N/A
PHP-Nuke 5.2 allows remote attackers to copy and delete arbitrary files by calling case.filemanager.php with admin.php as an argument, which sets the $PHP_SELF variable and makes it appear that case.filemanager.php is being called by admin.php instead of the user.
CVE-2001-0855 1 Rational Software 1 Clearcase 2026-04-16 N/A
Buffer overflow in db_loader in ClearCase 4.2 and earlier allows local users to gain root privileges via a long TERM environment variable.
CVE-2001-0856 1 Ibm 1 4758 2026-04-16 N/A
Common Cryptographic Architecture (CCA) in IBM 4758 allows an attacker with physical access to the system and Combine_Key_Parts permissions, to steal DES and 3DES keys by using a brute force attack to create a 3DES exporter key.
CVE-2001-0857 1 Imp 1 Webmail 2026-04-16 N/A
Cross-site scripting vulnerability in status.php3 in Imp Webmail 2.2.6 and earlier allows remote attackers to gain access to the e-mail of other users by hijacking session cookies via the message parameter.
CVE-2001-0858 1 Caldera 2 Openunix, Unixware 2026-04-16 N/A
Buffer overflow in pppattach and other linked PPP utilities in Caldera Open Unix 8.0 and UnixWare 7.1.0 and 7.1.1 allows local users to gain privileges.
CVE-2001-0859 1 Redhat 1 Linux 2026-04-16 N/A
2.4.3-12 kernel in Red Hat Linux 7.1 Korean installation program sets the setting default umask for init to 000, which installs files with world-writeable permissions.
CVE-2001-0860 1 Microsoft 2 Windows 2000, Windows Xp 2026-04-16 N/A
Terminal Services Manager MMC in Windows 2000 and XP trusts the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. through a Network Address Translation (NAT).
CVE-2001-0861 1 Cisco 1 12000 Router 2026-04-16 N/A
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 and earlier allows remote attackers to cause a denial of service (CPU consumption) by flooding the router with traffic that generates a large number of ICMP Unreachable replies.
CVE-2001-0862 1 Cisco 1 12000 Router 2026-04-16 N/A
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not block non-initial packet fragments, which allows remote attackers to bypass the ACL.
CVE-2001-0863 1 Cisco 1 12000 Router 2026-04-16 N/A
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not handle the "fragment" keyword in a compiled ACL (Turbo ACL) for packets that are sent to the router, which allows remote attackers to cause a denial of service via a flood of fragments.
CVE-2001-0864 1 Cisco 1 12000 Router 2026-04-16 N/A
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly handle the implicit "deny ip any any" rule in an outgoing ACL when the ACL contains exactly 448 entries, which can allow some outgoing packets to bypass access restrictions.
CVE-2001-0865 1 Cisco 1 12000 Router 2026-04-16 N/A
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not support the "fragment" keyword in an outgoing ACL, which could allow fragmented packets in violation of the intended access.
CVE-2001-0866 1 Cisco 1 12000 Router 2026-04-16 N/A
Cisco 12000 with IOS 12.0 and lines card based on Engine 2 does not properly handle an outbound ACL when an input ACL is not configured on all the interfaces of a multi port line card, which could allow remote attackers to bypass the intended access controls.
CVE-2001-0867 1 Cisco 1 12000 Router 2026-04-16 N/A
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly filter does not properly filter packet fragments even when the "fragment" keyword is used in an ACL, which allows remote attackers to bypass the intended access controls.
CVE-2001-0868 1 Redhat 1 Stronghold 2026-04-16 N/A
Red Hat Stronghold 2.3 to 3.0 allows remote attackers to retrieve system information via an HTTP GET request to (1) stronghold-info or (2) stronghold-status.
CVE-2001-0869 3 Caldera, Redhat, Suse 6 Openlinux Eserver, Openlinux Workstation, Linux and 3 more 2026-04-16 N/A
Format string vulnerability in the default logging callback function _sasl_syslog in common.c in Cyrus SASL library (cyrus-sasl) may allow remote attackers to execute arbitrary commands.