Search Results (366936 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0327 1 Iplanet 1 Iplanet Web Server 2026-04-16 N/A
iPlanet Web Server Enterprise Edition 4.1 and earlier allows remote attackers to retrieve sensitive data from memory allocation pools, or cause a denial of service, via a URL-encoded Host: header in the HTTP request, which reveals memory in the Location: header that is returned by the server.
CVE-2001-0328 2026-04-16 N/A
TCP implementations that use random increments for initial sequence numbers (ISN) can allow remote attackers to perform session hijacking or disruption by injecting a flood of packets with a range of ISN values, one of which may match the expected ISN.
CVE-2001-0330 1 Mozilla 1 Bugzilla 2026-04-16 N/A
Bugzilla 2.10 allows remote attackers to access sensitive information, including the database username and password, via an HTTP request for the globals.pl file, which is normally returned by the web server without being executed.
CVE-2001-0332 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 5.5 and earlier does not properly verify the domain of a frame within a browser window, which allows remote web site operators to read certain files on the client by sending information from a local frame to a frame in a different domain using MSScriptControl.ScriptControl and GetObject, aka a variant of the "Frame Domain Verification" vulnerability.
CVE-2001-0334 1 Microsoft 1 Internet Information Server 2026-04-16 7.5 High
FTP service in IIS 5.0 and earlier allows remote attackers to cause a denial of service via a wildcard sequence that generates a long string when it is expanded.
CVE-2001-0337 1 Microsoft 1 Internet Information Server 2026-04-16 N/A
The Microsoft MS01-014 and MS01-016 patches for IIS 5.0 and earlier introduce a memory leak which allows attackers to cause a denial of service via a series of requests.
CVE-2001-0339 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 5.5 and earlier allows remote attackers to display a URL in the address bar that is different than the URL that is actually being displayed, which could be used in web site spoofing attacks, aka the "Web page spoofing vulnerability."
CVE-2001-0340 1 Microsoft 1 Exchange Server 2026-04-16 N/A
An interaction between the Outlook Web Access (OWA) service in Microsoft Exchange 2000 Server and Internet Explorer allows attackers to execute malicious script code against a user's mailbox via a message attachment that contains HTML code, which is executed automatically.
CVE-2001-0341 1 Microsoft 3 Frontpage Server Extensions, Windows 2000, Windows Nt 2026-04-16 N/A
Buffer overflow in Microsoft Visual Studio RAD Support sub-component of FrontPage Server Extensions allows remote attackers to execute arbitrary commands via a long registration request (URL) to fp30reg.dll.
CVE-2001-0346 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Handle leak in Microsoft Windows 2000 telnet service allows attackers to cause a denial of service by starting a large number of sessions and terminating them.
CVE-2001-0367 1 Mirabilis 1 Icq 2026-04-16 N/A
Mirabilis ICQ WebFront Plug-in ICQ2000b Build 3278 allows a remote attacker to create a denial of service via HTTP URL requests containing a large number of % characters.
CVE-2001-0368 1 Free Peers 1 Bearshare 2026-04-16 N/A
Directory traversal vulnerability in BearShare 2.2.2 and earlier allows a remote attacker to read certain files via a URL containing a series of . characters, a variation of the .. (dot dot) attack.
CVE-2001-0376 1 Sonicwall 2 Soho2, Tele2 2026-04-16 N/A
SonicWALL Tele2 and SOHO firewalls with 6.0.0.0 firmware using IPSEC with IKE pre-shared keys do not allow for the use of full 128 byte IKE pre-shared keys, which is the intended design of the IKE pre-shared key, and only support 48 byte keys. This allows a remote attacker to brute force attack the pre-shared keys with significantly less resources than if the full 128 byte IKE pre-shared keys were used.
CVE-2001-0380 1 Crosscom Olicom 1 Xlt-f 2026-04-16 N/A
Crosscom/Olicom XLT-F running XL 80 IM Version 5.5 Build Level 2 allows a remote attacker SNMP read and write access via a default, undocumented community string 'ILMI'.
CVE-2001-0382 1 Broadcom 1 Ccc Harvest 2026-04-16 N/A
Computer Associates CCC\Harvest 5.0 for Windows NT/2000 uses weak encryption for passwords, which allows a remote attacker to gain privileges on the application.
CVE-2001-0384 1 Siemens 1 Reliant Unix 2026-04-16 N/A
ppd in Reliant Sinix allows local users to corrupt arbitrary files via a symlink attack in the /tmp/ppd.trace file.
CVE-2001-0386 1 Analogx 1 Simpleserver Www 2026-04-16 N/A
AnalogX SimpleServer:WWW 1.08 allows remote attackers to cause a denial of service via an HTTP request to the /aux directory.
CVE-2001-0387 1 Hylafax 1 Hylafax 2026-04-16 N/A
Format string vulnerability in hfaxd in HylaFAX before 4.1.b2_2 allows local users to gain privileges via the -q command line argument.
CVE-2001-0395 1 Lightwavemo 2 Consoleserver 3200, Consoleserver 3200 Firmware 2026-04-16 9.8 Critical
Lightwave ConsoleServer 3200 does not disconnect users after unsuccessful login attempts, which could allow remote attackers to conduct brute force password guessing.
CVE-2001-0396 1 Lightwave 1 Consoleserver 2026-04-16 N/A
The pre-login mode in the System Administrator interface of Lightwave ConsoleServer 3200 allows remote attackers to obtain sensitive information such as system status, configuration, and users.