Export limit exceeded: 363726 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363726 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0303 1 Novell 1 Groupwise 2026-04-16 N/A
GroupWise 6, when using LDAP authentication and when Post Office has a blank username and password, allows attackers to gain privileges of other users by logging in without a password.
CVE-2002-0304 1 Summit Computer Networks 1 Lil Http Server 2026-04-16 N/A
Lil HTTP Server 2.1 allows remote attackers to read password-protected files via a /./ in the HTTP request.
CVE-2002-0305 1 Zero One Tech 1 P100s 2026-04-16 N/A
Zero One Tech (ZOT) P100s print server does not properly disable the SNMP service or change the default password, which could leave the server open to attack without the administrator's knowledge.
CVE-2002-0306 1 Avengers News System 1 Avengers News System 2026-04-16 N/A
ans.pl in Avenger's News System (ANS) 2.11 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the p (plugin) parameter.
CVE-2002-0307 1 Avengers News System 1 Avengers News System 2026-04-16 N/A
Directory traversal vulnerability in ans.pl in Avenger's News System (ANS) 2.11 and earlier allows remote attackers to determine the existence of arbitrary files or execute any Perl program on the system via a .. (dot dot) in the p parameter, which reads the target file and attempts to execute the line using Perl's eval function.
CVE-2001-1435 1 Compaq 1 Tru64 2026-04-16 N/A
inetd in Compaq Tru64 UNIX 5.1 allows attackers to cause a denial of service (network connection loss) by causing one of the services handled by inetd to core dump during startup, which causes inetd to stop accepting connections to all of its services.
CVE-2001-1436 1 Dallas Semiconductor 1 Ibutton 2026-04-16 N/A
Dallas Semiconductor iButton DS1991 returns predictable values when given an incorrect password, which makes it easier for users with physical access to conduct dictionary attacks against the device password.
CVE-2001-1437 1 Easyscripts 1 Easynews 2026-04-16 N/A
easyScripts easyNews 1.5 allows remote attackers to obtain the full path of the web root via a view request with a non-integer news message id field, which leaks the path in a PHP error message when the script times out.
CVE-2001-1438 2 Handspring, Palm 2 Visor, Palm Os 2026-04-16 N/A
Handspring Visor 1.0 and 1.0.1 with the VisorPhone Springboard module installed allows remote attackers to cause a denial of service (PalmOS crash and VisorPhone database corruption) by sending a large or crafted SMS image.
CVE-2001-1439 1 Hp 1 Hp-ux 2026-04-16 N/A
Buffer overflow in the text editor functionality in HP-UX 10.01 through 11.04 on HP9000 Series 700 and Series 800 allows local users to cause a denial of service ("system availability") via text editors such as (1) e, (2) ex, (3) vi, (4) edit, (5) view, and (6) vedit.
CVE-2001-1440 1 Ibm 1 Aix 2026-04-16 N/A
Unknown vulnerability in login for AIX 5.1L, when using loadable authentication modules, allows remote attackers to gain access to the system.
CVE-2001-1441 1 Ibm 1 Visualage For Java 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in VisualAge for Java 3.5 Professional allows remote attackers to execute JavaScript on other clients via the URL, which injects the script in the resulting error message.
CVE-2001-1442 1 Isc 1 Inn 2026-04-16 N/A
Buffer overflow in innfeed for ISC InterNetNews (INN) before 2.3.0 allows local users in the "news" group to gain privileges via a long -c command line argument.
CVE-2001-1443 1 Kth 1 Kth Kerberos 2026-04-16 N/A
KTH Kerberos IV and Kerberos V (Heimdal) for Telnet clients do not encrypt connections if the server does not support the requested encryption, which allows remote attackers to read communications via a man-in-the-middle attack.
CVE-2001-1444 1 Kth 1 Kth Kerberos 2026-04-16 N/A
The Kerberos Telnet protocol, as implemented by KTH Kerberos IV and Kerberos V (Heimdal), does not encrypt authentication and encryption options sent from the server, which allows remote attackers to downgrade authentication and encryption mechanisms via a man-in-the-middle attack.
CVE-2001-1445 1 Lotus 1 Domino Mail Server 2026-04-16 N/A
Unknown vulnerability in the SMTP server in Lotus Domino 5.0 through 5.7 allows remote attackers to bypass mail relaying restrictions via crafted e-mail addresses in "RCPT TO" commands.
CVE-2001-1446 1 Apple 1 Mac Os X 2026-04-16 N/A
Find-By-Content in Mac OS X 10.0 through 10.0.4 creates world-readable index files named .FBCIndex in every directory, which allows remote attackers to learn the contents of files in web accessible directories.
CVE-2001-1447 1 Apple 1 Mac Os X 2026-04-16 N/A
NetInfo Manager for Mac OS X 10.0 through 10.1 allows local users to gain root privileges by opening applications using the (1) "recent items" and (2) "services" menus, which causes the applications to run with root privileges.
CVE-2001-1448 1 Magic 1 Edeveloper 2026-04-16 N/A
Magic eDeveloper Enterprise Edition 8.30-5 and earlier allows local users to overwrite arbitrary files and possibly execute code via a symlink attack on temporary files created by the (1) mkuserproc, (2) mgrnt, and (3) mgdatasrvr.sc scripts.
CVE-2001-1449 2 Apache, Mandrakesoft 4 Http Server, Mandrake Linux, Mandrake Linux Corporate Server and 1 more 2026-04-16 N/A
The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 through 8.0 and Linux Corporate Server 1.0.1 allows remote attackers to list the directory index of arbitrary web directories.