Search Results (365349 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0451 1 Sentraweb 1 Indexu 2026-04-16 N/A
INDEXU 2.0 beta and earlier allows remote attackers to bypass authentication and gain privileges by setting the cookie_admin_authenticated cookie value to 1.
CVE-2001-0454 1 Whitsoft 1 Slimserve 2026-04-16 N/A
Directory traversal vulnerability in SlimServe HTTPd 1.1a allows remote attackers to read arbitrary files via a ... (modified dot dot) in the HTTP request.
CVE-2001-0456 1 Debian 1 Debian Linux 2026-04-16 N/A
postinst installation script for Proftpd in Debian 2.2 does not properly change the "run as uid/gid root" configuration when the user enables anonymous access, which causes the server to run at a higher privilege than intended.
CVE-2001-0457 1 Debian 1 Debian Linux 2026-04-16 N/A
man2html before 1.5-22 allows remote attackers to cause a denial of service (memory exhaustion).
CVE-2005-3961 1 Webcalendar 1 Webcalendar 2026-04-16 N/A
export_handler.php in WebCalendar 1.0.1 allows remote attackers to overwrite WebCalendar data files via a modified id parameter.
CVE-2005-4324 1 Hitachi 1 Groupmax Mail Smtp 2026-04-16 N/A
Hitachi Groupmax Mail SMTP 06-50 through 06-52-/A and 07-00 through 07-20 allows remote attackers to cause a denial of service (service stop) via an e-mail message with an "invalid format."
CVE-2001-0459 2 Afterstep.org, Rob Malda 2 Afterstep, Ascdc 2026-04-16 N/A
Buffer overflows in ascdc Afterstep while running setuid allows local users to gain root privileges via a long (1) -d option, (2) -m option, or (3) -f option.
CVE-2005-3360 1 Trend Micro 1 Pc-cillin 2005 2026-04-16 N/A
The installation of Trend Micro PC-Cillin Internet Security 2005 12.00 build 1244, and probably previous versions, uses insecure default ACLs, which allows local users to cause a denial of service (disabled service) and gain system privileges by modifying or moving critical program files.
CVE-2005-3363 1 Saphp 1 Saphplesson 2026-04-16 N/A
SQL injection vulnerability in Saphp Lesson, possibly saphp Lesson1.1 and saphpLesson2.0, allows remote attackers to execute arbitrary SQL commands via the forumid parameter in (1) showcat.php and (2) add.php.
CVE-2001-0462 1 Spencer Christensen 1 Perl Web Server 2026-04-16 N/A
Directory traversal vulnerability in Perl web server 0.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.
CVE-2005-2322 2 Class-1, Clever Copy 2 Class-1 Forum, Clever Copy 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Class-1 Forum 0.24.4 and 0.23.2, and Clever Copy with forums installed, allows remote attackers to inject arbitrary web script or HTML via the (1) viewuser_id or (2) group parameter to users.php.
CVE-2001-0466 1 Microburst 1 Ustorekeeper Online Shopping System 2026-04-16 N/A
Directory traversal vulnerability in ustorekeeper 1.61 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
CVE-2001-0470 1 Sun 1 Sunos 2026-04-16 N/A
Buffer overflow in SNMP proxy agent snmpd in Solaris 8 may allow local users to gain root privileges by calling snmpd with a long program name.
CVE-2004-1009 6 Debian, Gentoo, Midnight Commander and 3 more 8 Debian Linux, Linux, Midnight Commander and 5 more 2026-04-16 N/A
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors.
CVE-2005-0673 1 Phpbb Group 1 Phpbb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in usercp_register.php for phpBB 2.0.13 allows remote attackers to inject arbitrary web script or HTML by setting the (1) allowhtml, (2) allowbbcode, or (3) allowsmilies parameters to inject HTML into signatures for personal messages, possibly when they are processed by privmsg.php or viewtopic.php.
CVE-2005-1902 1 E-post Corporation 1 Spa-pro Mail Atsolomon 2026-04-16 N/A
Directory traversal vulnerability in the IMAP service for SPA-PRO Mail @Solomon 4.00 allows remote authenticated users to read other users' mail and perform operations on arbitrary directories via .. sequences in the (1) SELECT, (2) CREATE, (3) DELETE, and (4) RENAME commands.
CVE-2001-0471 1 Ssh 1 Ssh 2026-04-16 N/A
SSH daemon version 1 (aka SSHD-1 or SSH-1) 1.2.30 and earlier does not log repeated login attempts, which could allow remote attackers to compromise accounts without detection via a brute force attack.
CVE-2001-0472 1 Ibm 1 High Availability Cluster Multiprocessing 2026-04-16 N/A
Hursley Software Laboratories Consumer Transaction Framework (HSLCTF) HTTP object allows remote attackers to cause a denial of service (crash) via an extremely long HTTP request.
CVE-2005-2325 1 Clever Copy 1 Clever Copy 2026-04-16 N/A
Clever Copy 2.0 and 2.0a allows remote attackers to obtain the full path of the web root via a direct request to (1) ticker.php, (2) menu.php, (3) banned.php, (4) endlayout.php, (5) randomhlinesblock.php, (6) showlast.php, (7) showlast5class1.php, (8) showlast5phorum.php, (9) showlast5phorumblock.php, (10) showlastforumbb2.php, or (11) showlastforumbb2block.php.
CVE-2004-1010 2 Info-zip, Redhat 2 Zip, Enterprise Linux 2026-04-16 N/A
Buffer overflow in Info-Zip 2.3 and possibly earlier versions, when using recursive folder compression, allows remote attackers to execute arbitrary code via a ZIP file containing a long pathname.