Search Results (363401 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0863 1 Cisco 1 12000 Router 2026-04-16 N/A
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not handle the "fragment" keyword in a compiled ACL (Turbo ACL) for packets that are sent to the router, which allows remote attackers to cause a denial of service via a flood of fragments.
CVE-2004-0880 3 Gentoo, Getmail, Slackware 3 Linux, Getmail, Slackware Linux 2026-04-16 N/A
getmail 4.x before 4.2.0, when run as root, allows local users to overwrite arbitrary files via a symlink attack on an mbox file.
CVE-2001-0864 1 Cisco 1 12000 Router 2026-04-16 N/A
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly handle the implicit "deny ip any any" rule in an outgoing ACL when the ACL contains exactly 448 entries, which can allow some outgoing packets to bypass access restrictions.
CVE-2003-1370 1 Nuked-klan 1 Nuked-klan 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Nuked-Klan 1.2b allow remote attackers to inject arbitrary HTML or web script via (1) the Author field in the Guestbook module, (2) the Titre or Pseudo fields in the Forum module, or (3) "La Tribune Libre" in the Shoutbox module.
CVE-2001-0865 1 Cisco 1 12000 Router 2026-04-16 N/A
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not support the "fragment" keyword in an outgoing ACL, which could allow fragmented packets in violation of the intended access.
CVE-2001-0871 2 Alchemy Lab, Dek Software 2 Alchemy Eye, Alchemy Network Monitor 2026-04-16 N/A
Directory traversal vulnerability in HTTP server for Alchemy Eye and Alchemy Network Monitor allows remote attackers to execute arbitrary commands via an HTTP request containing (1) a .. in versions 2.0 through 2.6.18, or (2) a DOS device name followed by a .. in versions 2.6.19 through 3.0.10.
CVE-2001-0872 3 Openbsd, Redhat, Suse 3 Openssh, Linux, Suse Linux 2026-04-16 N/A
OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges.
CVE-2001-0875 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 5.5 and 6.0 allows remote attackers to cause the File Download dialogue box to misrepresent the name of the file in the dialogue in a way that could fool users into thinking that the file type is safe to download.
CVE-2001-0876 1 Microsoft 4 Windows 98, Windows 98se, Windows Me and 1 more 2026-04-16 N/A
Buffer overflow in Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to execute arbitrary code via a NOTIFY directive with a long Location URL.
CVE-2001-0884 2 Gnu, Redhat 4 Mailman, Linux, Powertools and 1 more 2026-04-16 N/A
Cross-site scripting vulnerability in Mailman email archiver before 2.08 allows attackers to obtain sensitive information or authentication credentials via a malicious link that is accessed by other web users.
CVE-2001-0887 2 Oliver Rauch, Redhat 3 Xsane, Linux, Powertools 2026-04-16 N/A
xSANE 0.81 and earlier allows local users to modify files of other xSANE users via a symlink attack on temporary files.
CVE-2001-0890 2 Redhat, Sane 3 Linux, Powertools, Sane 2026-04-16 N/A
Certain backend drivers in the SANE library 1.0.3 and earlier, as used in frontend software such as XSane, allows local users to modify files via a symlink attack on temporary files.
CVE-2001-0891 2 Cray, Sgi 2 Unicos, Nqsdaemon 2026-04-16 N/A
Format string vulnerability in NQS daemon (nqsdaemon) in NQE 3.3.0.16 for CRAY UNICOS and SGI IRIX allows a local user to gain root privileges by using qsub to submit a batch job whose name contains formatting characters.
CVE-2001-0898 1 Opera Software 1 Opera Web Browser 2026-04-16 N/A
Opera 6.0 and earlier allows remote attackers to access sensitive information such as cookies and links for other domains via Javascript that uses setTimeout to (1) access data after a new window to the domain has been opened or (2) access data via about:cache.
CVE-2001-0899 2 Phpnuke, Rick Fournier 2 Php-nuke, Network Tools 2026-04-16 N/A
Network Tools 0.2 for PHP-Nuke allows remote attackers to execute commands on the server via shell metacharacters in the $hostinput variable.
CVE-2003-1371 1 Nuked-klan 1 Nuked-klan 2026-04-16 N/A
Nuked-Klan 1.3b, and possibly earlier versions, allows remote attackers to obtain sensitive server information via an op parameter set to phpinfo for the (1) Team, (2) News, or (3) Liens modules.
CVE-2001-0902 1 Microsoft 1 Internet Information Services 2026-04-16 N/A
Microsoft IIS 5.0 allows remote attackers to spoof web log entries via an HTTP request that includes hex-encoded newline or form-feed characters.
CVE-2003-1374 1 Hp 1 Hp-ux 2026-04-16 N/A
Buffer overflow in disable of HP-UX 11.0 may allow local users to execute arbitrary code via a long argument to the (1) -r or (2)-c options.
CVE-2005-4039 1 Web4future 1 Portal Solutions 2026-04-16 N/A
Directory traversal vulnerability in arhiva.php in Web4Future Portal Solutions News Portal allows remote attackers to read arbitrary files via the dir parameter.
CVE-2006-0859 1 Michael Salzer 1 Guestbox 2026-04-16 N/A
Michael Salzer Guestbox 0.6, and other versions before 0.8, allows remote attackers to post an admin comment to a guestbook entry via a certain modified form, possibly related to the nummer parameter.