Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-1171 1 Markus Triska 1 Cgiforum 2026-04-16 N/A
Directory traversal vulnerability in cgiforum.pl script in CGIForum 1.0 allows remote attackers to ready arbitrary files via a .. (dot dot) attack in the "thesection" parameter.
CVE-2000-1172 1 Rob Flynn 1 Gaim 2026-04-16 N/A
Buffer overflow in Gaim 0.10.3 and earlier using the OSCAR protocol allows remote attackers to conduct a denial of service and possibly execute arbitrary commands via a long HTML tag.
CVE-2000-1189 1 Redhat 1 Linux 2026-04-16 N/A
Buffer overflow in pam_localuser PAM module in Red Hat Linux 7.x and 6.x allows attackers to gain privileges.
CVE-2000-1204 1 Apache 1 Http Server 2026-04-16 N/A
Vulnerability in the mod_vhost_alias virtual hosting module for Apache 1.3.9, 1.3.11 and 1.3.12 allows remote attackers to obtain the source code for CGI programs if the cgi-bin directory is under the document root.
CVE-2000-1212 2 Redhat, Zope 2 Powertools, Zope 2026-04-16 N/A
Zope 2.2.0 through 2.2.4 does not properly protect a data updating method on Image and File objects, which allows attackers with DTML editing privileges to modify the raw data of these objects.
CVE-2000-1223 1 I-soft 1 Quikstore 2026-04-16 N/A
quikstore.cgi in Quikstore Shopping Cart allows remote attackers to execute arbitrary commands via shell metacharacters in the URL portion of an HTTP GET request.
CVE-2004-0009 1 Apache-ssl 1 Apache-ssl 2026-04-16 N/A
Apache-SSL 1.3.28+1.52 and earlier, with SSLVerifyClient set to 1 or 3 and SSLFakeBasicAuth enabled, allows remote attackers to forge a client certificate by using basic authentication with the "one-line DN" of the target user.
CVE-2004-0830 1 F-secure 3 F-secure Anti-virus, F-secure Content Scanner Server, Internet Gatekeeper 2026-04-16 N/A
The Content Scanner Server in F-Secure Anti-Virus for Microsoft Exchange 6.21 and earlier, F-Secure Anti-Virus for Microsoft Exchange 6.01 and earlier, and F-Secure Internet Gatekeeper 6.32 and earlier allow remote attackers to cause a denial of service (service crash due to unhandled exception) via a certain malformed packet.
CVE-2000-1232 1 Phorum 1 Phorum 2026-04-16 N/A
upgrade.php3 in Phorum 3.0.7 could allow remote attackers to modify certain Phorum database tables via an unknown method.
CVE-2004-0015 1 Vbox3 1 Vbox3 2026-04-16 N/A
vbox3 0.1.8 and earlier does not properly drop privileges before executing a user-provided TCL script, which allows local users to gain privileges.
CVE-2001-0154 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
HTML e-mail feature in Internet Explorer 5.5 and earlier allows attackers to execute attachments by setting an unusual MIME type for the attachment, which Internet Explorer does not process correctly.
CVE-2001-0163 1 Cisco 1 Aironet Ap340 2026-04-16 N/A
Cisco AP340 base station produces predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections.
CVE-2001-0169 4 Mandrakesoft, Redhat, Trustix and 1 more 5 Mandrake Linux, Mandrake Linux Corporate Server, Linux and 2 more 2026-04-16 N/A
When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib.
CVE-2001-0170 4 Conectiva, Debian, Immunix and 1 more 4 Linux, Debian Linux, Immunix and 1 more 2026-04-16 N/A
glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files.
CVE-2001-0173 2 Nobreak Technologies, Qdecoder 2 Crazywwwboard, Qdecoder 2026-04-16 N/A
Buffer overflow in qDecoder library 5.08 and earlier, as used in CrazyWWWBoard, CrazySearch, and other CGI programs, allows remote attackers to execute arbitrary commands via a long MIME Content-Type header.
CVE-2001-0218 1 Martin Stover 1 Mars Nwe 2026-04-16 N/A
Format string vulnerability in mars_nwe 0.99.pl19 allows remote attackers to execute arbitrary commands.
CVE-2004-0087 1 Apple 1 Mac Os X 2026-04-16 N/A
The System Configuration subsystem in Mac OS 10.2.8 and 10.3.2 allows local users to modify network settings, a different vulnerability than CVE-2004-0088.
CVE-2001-0236 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Buffer overflow in Solaris snmpXdmid SNMP to DMI mapper daemon allows remote attackers to execute arbitrary commands via a long "indication" event.
CVE-2004-0092 1 Apple 1 Mac Os X 2026-04-16 N/A
Unknown vulnerability in Safari web browser in Mac OS X 10.2.8 and 10.3.2, with unknown impact.
CVE-2001-1464 1 Businessobjects 1 Crystal Reports 2026-04-16 N/A
Crystal Reports, when displaying data for a password protected database using HTML pages, embeds the username and password in cleartext in the HTML page and the URL, which allows remote attackers to obtain passwords.