Search Results (363281 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-1388 2 Netfilter, Redhat 2 Iptables, Linux 2026-04-16 N/A
iptables before 1.2.4 does not accurately convert rate limits that are specified on the command line, which could allow attackers or users to generate more or less traffic than intended by the administrator.
CVE-2001-1389 2 Redhat, Xinetd 2 Linux, Xinetd 2026-04-16 N/A
Multiple vulnerabilities in xinetd 2.3.0 and earlier, and additional variants until 2.3.3, may allow remote attackers to cause a denial of service or execute arbitrary code, primarily via buffer overflows or improper NULL termination.
CVE-2001-1392 2 Linux, Redhat 2 Linux Kernel, Linux 2026-04-16 N/A
The Linux kernel before 2.2.19 does not have unregister calls for (1) CPUID and (2) MSR drivers, which could cause a DoS (crash) by unloading and reloading the drivers.
CVE-2001-1393 2 Linux, Redhat 2 Linux Kernel, Linux 2026-04-16 N/A
Unknown vulnerability in classifier code for Linux kernel before 2.2.19 could result in denial of service (hang).
CVE-2004-0753 2 Gnome, Redhat 3 Gdkpixbuf, Gtk, Enterprise Linux 2026-04-16 N/A
The BMP image processor for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted BMP file.
CVE-2004-0927 2 Apple, Easy Software Products 3 Mac Os X, Mac Os X Server, Cups 2026-04-16 N/A
ServerAdmin in Mac OS X 10.2.8 through 10.3.5 uses the same example self-signed certificate on each system, which allows remote attackers to decrypt sessions.
CVE-2001-1404 2 Mozilla, Redhat 2 Bugzilla, Powertools 2026-04-16 N/A
Bugzilla before 2.14 stores user passwords in plaintext and sends password requests in an email message, which could allow attackers to gain privileges.
CVE-2001-1405 2 Mozilla, Redhat 2 Bugzilla, Powertools 2026-04-16 N/A
Bugzilla before 2.14 does not restrict access to sanitycheck.cgi, which allows local users to cause a denial of service (CPU consumption) via a flood of requests to sanitycheck.cgi.
CVE-2001-1406 2 Mozilla, Redhat 2 Bugzilla, Powertools 2026-04-16 N/A
process_bug.cgi in Bugzilla before 2.14 does not set the "groupset" bit when a bug is moved between product groups, which will cause the bug to have the old group's restrictions, which might not be as stringent.
CVE-2001-1407 2 Mozilla, Redhat 2 Bugzilla, Powertools 2026-04-16 N/A
Bugzilla before 2.14 allows Bugzilla users to bypass group security checks by marking a bug as the duplicate of a restricted bug, which adds the user to the CC list of the restricted bug and allows the user to view the bug.
CVE-2001-1408 1 Cobalt 2 Qube, Webmail 2026-04-16 N/A
Directory traversal vulnerability in readmsg.php in WebMail 2.0.1 in Cobalt Qube 3 allows remote attackers to read arbitrary files via a .. (dot dot) in the mailbox parameter.
CVE-2001-1411 1 Apple 1 Mac Os X 2026-04-16 N/A
Format string vulnerability in gm4 (aka m4) on Mac OS X may allow local users to gain privileges if gm4 is called by setuid programs.
CVE-2001-1412 1 Apple 1 Mac Os X 2026-04-16 N/A
nidump on MacOS X before 10.3 allows local users to read the encrypted passwords from the password file by specifying passwd as a command line argument.
CVE-2001-1415 1 Openbsd 1 Openbsd 2026-04-16 N/A
vi.recover in OpenBSD before 3.1 allows local users to remove arbitrary zero-byte files such as device nodes.
CVE-2001-1416 1 Aol 1 Instant Messenger 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the log messages in certain Alpha versions of AOL Instant Messenger (AIM) 4.4 allow remote attackers to execute arbitrary web script or HTML via an image in the (1) DATA, (2) STYLE, or (3) BINARY tags.
CVE-2004-0928 2 Hitachi, Macromedia 4 Cosminexus Enterprise, Cosminexus Server, Coldfusion and 1 more 2026-04-16 N/A
The Microsoft IIS Connector in JRun 4.0 and Macromedia ColdFusion MX 6.0, 6.1, and 6.1 J2EE allows remote attackers to bypass authentication and view source files, such as .asp, .pl, and .php files, via an HTTP request that ends in ";.cfm".
CVE-2001-1420 1 Aol 1 Instant Messenger 2026-04-16 N/A
AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a denial of service (application crash) via a long filename, possibly caused by a buffer overflow.
CVE-2001-1421 1 Aol 1 Instant Messenger 2026-04-16 N/A
AOL Instant Messenger (AIM) 4.7 and earlier allows remote attackers to cause a denial of service (application crash) via a large number of different fonts followed by an HTML HR tag.
CVE-2001-1422 1 Att 1 Winvnc 2026-04-16 N/A
WinVNC 3.3.3 and earlier generates the same challenge string for multiple connections, which allows remote attackers to bypass VNC authentication by sniffing the challenge and response of other users.
CVE-2001-1423 1 Advanced Poll 1 Advanced Poll 2026-04-16 N/A
Advanced Poll before 1.61, when using a flat file database, allows remote attackers to gain privileges by setting the logged_in parameter.