Search Results (363407 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0644 1 Maxum Development Corporation 1 Rumpus Ftp Server 2026-04-16 N/A
Maxum Rumpus FTP Server 1.3.3 and 2.0.3 dev 3 stores passwords in plaintext in the "Rumpus User Database" file in the prefs folder, which could allow attackers to gain privileges on the server.
CVE-2001-0642 1 Incredimail 1 Incredimail 2026-04-16 N/A
Directory traversal vulnerability in IncrediMail version 1400185 and earlier allows local users to overwrite files on the local hard drive by appending .. (dot dot) sequences to filenames listed in the content.ini file.
CVE-2001-0641 3 Immunix, Redhat, Suse 3 Immunix, Linux, Suse Linux 2026-04-16 N/A
Buffer overflow in man program in various distributions of Linux allows local user to execute arbitrary code as group man via a long -S option.
CVE-2003-1284 1 Sambar 1 Sambar Server 2026-04-16 N/A
Sambar Server before 6.0 beta 6 allows remote attackers to obtain sensitive information via direct requests to the default scripts (1) environ.pl and (2) testcgi.exe.
CVE-2001-0633 1 Sun 1 Chilisoft 2026-04-16 N/A
Directory traversal vulnerability in Sun Chili!Soft ASP on multiple Unixes allows a remote attacker to read arbitrary files above the web root via a '..' (dot dot) attack in the sample script 'codebrws.asp'.
CVE-2003-1283 1 Kazaa 1 Kazaa Media Desktop 2026-04-16 N/A
KaZaA Media Desktop (KMD) 2.0 launches advertisements in the Internet Explorer (IE) local security zone, which could allow remote attackers to view local files and possibly execute arbitrary code.
CVE-2001-0629 1 Hp 1 Openview Network Node Manager 2026-04-16 N/A
HP Event Correlation Service (ecsd) as included with OpenView Network Node Manager 6.1 allows a remote attacker to gain addition privileges via a buffer overflow attack in the '-restore_config' command line parameter.
CVE-2001-0628 1 Microsoft 1 Word 2026-04-16 N/A
Microsoft Word 2000 does not check AutoRecovery (.asd) files for macros, which allows a local attacker to execute arbitrary macros with the user ID of the Word user.
CVE-2003-1281 1 Eekim 1 Cgihtml 2026-04-16 N/A
cgihtml 1.69 allows local users to overwrite arbitrary files via a symlink attack on certain temporary files.
CVE-2001-0627 1 Sco 1 Openserver 2026-04-16 N/A
vi as included with SCO OpenServer 5.0 - 5.0.6 allows a local attacker to overwrite arbitrary files via a symlink attack.
CVE-2003-1279 1 Insightful 1 S-plus 2026-04-16 N/A
S-PLUS 6.0 allows local users to overwrite arbitrary files and possibly elevate privileges via a symlink attack on (1) /tmp/__F8499 by Sqpe, (2) /tmp/PRINT.$$.out by PRINT, (3) /tmp/SUBST$PID.TXT and /tmp/ed.cmds$PID by mustfix.hlinks, (4) /tmp/file.1 and /tmp/file.2 by sas_get, (5) /tmp/file.1 by sas_vars, and (6) /tmp/sgml2html$$tmp /tmp/sgml2html$$tmp1 /tmp/sgml2html$$tmp2 by sglm2html.
CVE-2001-0624 1 Qnx 1 Qnx 2026-04-16 N/A
QNX 2.4 allows a local user to read arbitrary files by directly accessing the mount point for the FAT disk partition, e.g. /fs-dos.
CVE-2001-0497 1 Isc 1 Bind 2026-04-16 7.8 High
dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure permissions for a HMAC-MD5 shared secret key file used for DNS Transactional Signatures (TSIG), which allows attackers to obtain the keys and perform dynamic DNS updates.
CVE-2001-0501 1 Microsoft 1 Word 2026-04-16 N/A
Microsoft Word 2002 and earlier allows attackers to automatically execute macros without warning the user by embedding the macros in a manner that escapes detection by the security scanner.
CVE-2001-0502 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Running Windows 2000 LDAP Server over SSL, a function does not properly check the permissions of a user request when the directory principal is a domain user and the data attribute is the domain password, which allows local users to modify the login password of other users.
CVE-2003-1246 1 Pedestal Software 1 Integrity Protection Driver 2026-04-16 N/A
NtCreateSymbolicLinkObject in ntdll.dll in Integrity Protection Driver (IPD) 1.2 and 1.3 allows local users to create and overwrite arbitrary files via a symlink attack on \winnt\system32\drivers using the subst command.
CVE-2003-1247 1 Positive Software 1 H-sphere 2026-04-16 N/A
Multiple buffer overflows in H-Sphere WebShell 2.3 allow remote attackers to execute arbitrary code via (1) a long URL content type in CGI::readFile, (2) a long path in diskusage, and (3) a long fname in flist.
CVE-2001-0503 1 Microsoft 1 Netmeeting 2026-04-16 N/A
Microsoft NetMeeting 3.01 with Remote Desktop Sharing enabled allows remote attackers to cause a denial of service via a malformed string to the NetMeeting service port, aka a variant of the "NetMeeting Desktop Sharing" vulnerability.
CVE-2001-0504 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Vulnerability in authentication process for SMTP service in Microsoft Windows 2000 allows remote attackers to use incorrect credentials to gain privileges and conduct activities such as mail relaying.
CVE-2001-0521 1 Aladdin Knowledge Systems 1 Esafe Gateway 2026-04-16 N/A
Aladdin eSafe Gateway versions 3.0 and earlier allows a remote attacker to circumvent HTML SCRIPT filtering via the UNICODE encoding of SCRIPT tags within the HTML document.