Export limit exceeded: 363576 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363576 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-1147 2 Andries Brouwer, Redhat 2 Util-linux, Linux 2026-04-16 N/A
The PAM implementation in /bin/login of the util-linux package before 2.11 causes a password entry to be rewritten across multiple PAM calls, which could provide the credentials of one user to a different user, when used in certain PAM modules such as pam_limits.
CVE-2001-1148 1 Sco 1 Openserver 2026-04-16 N/A
Multiple buffer overflows in programs used by scoadmin and sysadmsh in SCO OpenServer 5.0.6a and earlier allow local users to gain privileges via a long TERM environment variable to (1) atcronsh, (2) auditsh, (3) authsh, (4) backupsh, (5) lpsh, (6) sysadm.menu, or (7) termsh.
CVE-2001-1149 1 Panda 1 Panda Antivirus Platinum 2026-04-16 N/A
Panda Antivirus Platinum before 6.23.00 allows a remore attacker to cause a denial of service (crash) when a user selects an action for a malformed UPX packed executable file.
CVE-2001-1150 1 Trend Micro 2 Officescan, Virus Buster 2026-04-16 N/A
Vulnerability in cgiWebupdate.exe in Trend Micro OfficeScan Corporate Edition (aka Virus Buster) 3.5.2 through 3.5.4 allows remote attackers to read arbitrary files.
CVE-2001-1151 1 Trend Micro 2 Officescan, Virus Buster 2026-04-16 N/A
Trend Micro OfficeScan Corporate Edition (aka Virus Buster) 3.53 allows remote attackers to access sensitive information from the hotdownload directory without authentication, such as the ofcscan.ini configuration file, which contains a weakly encrypted password.
CVE-2001-1152 1 Baltimore Technologies 1 Websweeper 2026-04-16 N/A
Baltimore Technologies WEBsweeper 4.02, when used to manage URL blacklists, allows remote attackers to bypass blacklist restrictions and connect to unauthorized web servers by modifying the requested URL, including (1) a // (double slash), (2) a /SUBDIR/.. where the desired file is in the parentdir, (3) a /./, or (4) URL-encoded characters.
CVE-2001-1153 1 Caldera 1 Openunix 2026-04-16 N/A
lpsystem in OpenUnix 8.0.0 allows local users to cause a denial of service and possibly execute arbitrary code via a long command line argument.
CVE-2001-1365 1 Osi Codes Inc. 1 Intragnat 2026-04-16 N/A
Vulnerability in IntraGnat before 1.4.
CVE-2001-1154 2 Bsdi, Carnegie Mellon University 2 Bsd Os, Cyrus Imap Server 2026-04-16 N/A
Cyrus 2.0.15, 2.0.16, and 1.6.24 on BSDi 4.2, with IMAP enabled, allows remote attackers to cause a denial of service (hang) using PHP IMAP clients.
CVE-2001-1155 1 Freebsd 1 Freebsd 2026-04-16 9.8 Critical
TCP Wrappers (tcp_wrappers) in FreeBSD 4.1.1 through 4.3 with the PARANOID ACL option enabled does not properly check the result of a reverse DNS lookup, which could allow remote attackers to bypass intended access restrictions via DNS spoofing.
CVE-2001-1156 1 Typsoft 1 Typsoft Ftp Server 2026-04-16 N/A
TYPSoft FTP 0.95 allows remote attackers to cause a denial of service (CPU consumption) via a "../../*" argument to (1) STOR or (2) RETR.
CVE-2001-1157 1 Baltimore Technologies 1 Websweeper 2026-04-16 N/A
Baltimore Technologies WEBsweeper 4.0 and 4.02 does not properly filter Javascript from HTML pages, which could allow remote attackers to bypass the filtering via (1) an extra leading < and one or more characters before the SCRIPT tag, or (2) tags using Unicode.
CVE-2001-1158 1 Checkpoint 1 Firewall-1 2026-04-16 N/A
Check Point VPN-1/FireWall-1 4.1 base.def contains a default macro, accept_fw1_rdp, which can allow remote attackers to bypass intended restrictions with forged RDP (internal protocol) headers to UDP port 259 of arbitrary hosts.
CVE-2001-1159 1 Squirrelmail 1 Squirrelmail 2026-04-16 N/A
load_prefs.php and supporting include files in SquirrelMail 1.0.4 and earlier do not properly initialize certain PHP variables, which allows remote attackers to (1) view sensitive files via the config_php and data_dir options, and (2) execute arbitrary code by using options_order.php to upload a message that could be interpreted as PHP.
CVE-2001-1160 1 Microburst 1 Udirectory 2026-04-16 N/A
udirectory.pl in Microburst Technologies uDirectory 2.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the category_file field.
CVE-2001-1161 1 Lotus 1 Domino R5 Server 2026-04-16 N/A
Cross-site scripting (CSS) vulnerability in Lotus Domino 5.0.6 allows remote attackers to execute script on other web clients via a URL that ends in Javascript, which generates an error message that does not quote the resulting script.
CVE-2002-1550 1 Ibm 1 Aix 2026-04-16 N/A
dump_smutil.sh in IBM AIX allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVE-2001-1162 3 Hp, Redhat, Samba 3 Cifs-9000 Server, Linux, Samba 2026-04-16 N/A
Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba before 2.2.0a allows remote attackers to overwrite certain files via a .. in a NETBIOS name, which is used as the name for a .log file.
CVE-2001-1163 1 Munica 1 Netsql 2026-04-16 N/A
Buffer overflow in Munica Corporation NetSQL 1.0 allows remote attackers to execute arbitrary code via a long CONNECT argument to port 6500.
CVE-2001-1164 1 Caldera 1 Unixware 2026-04-16 N/A
Buffer overflow in uucp utilities in UnixWare 7 allows local users to execute arbitrary code via long command line arguments to (1) uucp, (2) uux, (3) bnuconvert, (4) uucico, (5) uuxcmd, or (6) uuxqt.