Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-0230 1 Symantec 1 Antivirus Scan Engine 2026-04-16 N/A
Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses a client-side check to verify a password, which allows remote attackers to gain administrator privileges via a modified client that sends certain XML requests.
CVE-2001-0721 1 Microsoft 4 Windows 98, Windows 98se, Windows Me and 1 more 2026-04-16 N/A
Universal Plug and Play (UPnP) in Windows 98, 98SE, ME, and XP allows remote attackers to cause a denial of service (memory consumption or crash) via a malformed UPnP request.
CVE-2006-0231 1 Symantec 1 Antivirus Scan Engine 2026-04-16 N/A
Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses the same private DSA key for each installation, which allows remote attackers to conduct man-in-the-middle attacks and decrypt communications.
CVE-2001-0809 1 Hp 1 Hp-ux 2026-04-16 N/A
Vulnerability in CIFS/9000 Server (SAMBA) A.01.06 and earlier in HP-UX 11.0 and 11.11, when configured as a print server, allows local users to overwrite arbitrary files by modifying certain resources.
CVE-2004-0099 1 Freebsd 1 Freebsd 2026-04-16 N/A
mksnap_ffs in FreeBSD 5.1 and 5.2 only sets the snapshot flag when creating a snapshot for a file system, which causes default values for other flags to be used, possibly disabling security-critical settings and allowing a local user to bypass intended access restrictions.
CVE-2001-0815 1 Activestate 1 Activeperl 2026-04-16 N/A
Buffer overflow in PerlIS.dll in Activestate ActivePerl 5.6.1.629 and earlier allows remote attackers to execute arbitrary code via an HTTP request for a long filename that ends in a .pl extension.
CVE-2001-0821 1 Dcscripts 1 Dcshop 2026-04-16 N/A
The default configuration of DCShop 1.002 beta places sensitive files in the cgi-bin directory, which could allow remote attackers to read sensitive data via an HTTP GET request for (1) orders.txt or (2) auth_user_file.txt.
CVE-2004-0105 3 Metamail Corporation, Redhat, Sgi 4 Metamail, Enterprise Linux, Linux Advanced Workstation and 1 more 2026-04-16 N/A
Multiple buffer overflows in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.
CVE-2001-0822 1 Packet Knights 1 Fpf Linux Kernel Module 2026-04-16 N/A
FPF kernel module 1.0 allows a remote attacker to cause a denial of service via fragmented packets.
CVE-2001-0823 1 Sgi 1 Performance Co-pilot 2026-04-16 N/A
The pmpost program in Performance Co-Pilot (PCP) before 2.2.1-3 allows a local user to gain privileges via a symlink attack on the NOTICES file in the PCP log directory (PCP_LOG_DIR).
CVE-2001-0836 1 Oracle 1 Application Server Web Cache 2026-04-16 N/A
Buffer overflow in Oracle9iAS Web Cache 2.0.0.1 allows remote attackers to execute arbitrary code via a long HTTP GET request.
CVE-2001-0837 1 Deltathree 1 Pc-to-phone 2026-04-16 N/A
DeltaThree Pc-To-Phone 3.0.3 places sensitive data in world-readable locations in the installation directory, which allows local users to read the information in (1) temp.html, (2) the log folder, and (3) the PhoneBook folder.
CVE-2001-0842 1 Leoboard 1 Lb5000 2026-04-16 N/A
Directory traversal vulnerability in Search.cgi in Leoboard LB5000 LB5000II 1029 and earlier allows remote attackers to overwrite files and gain privileges via .. (dot dot) sequences in the amembernamecookie cookie.
CVE-2001-0845 1 Dec 4 Dec Openvms, Dec Openvms Alpha, Sevms and 1 more 2026-04-16 N/A
Vulnerability in DECwindows Motif Server on OpenVMS VAX or Alpha 6.2 through 7.3, and SEVMS VAX or Alpha 6.2, allows local users to gain access to unauthorized resources.
CVE-2004-0107 3 Redhat, Sgi, Sysstat 5 Enterprise Linux, Linux, Sysstat and 2 more 2026-04-16 N/A
The (1) post and (2) trigger scripts in sysstat 4.0.7 and earlier allow local users to overwrite arbitrary files via symlink attacks on temporary files, a different vulnerability than CVE-2004-0108.
CVE-2001-1533 1 Microsoft 1 Isa Server 2026-04-16 5.3 Medium
Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service via a flood of fragmented UDP packets. NOTE: the vendor disputes this issue, saying that it requires high bandwidth to exploit, and the server does not experience any instability. Therefore this "laws of physics" issue might not be included in CVE
CVE-2001-1540 1 David F. Mischler 1 Iproute 2026-04-16 N/A
IPRoute 0.973, 0.974 and 1.18 allows remote attackers to cause a denial of service via fragmented IP packets that split the TCP header.
CVE-2001-1542 1 Network Associates 1 Webshield Smtp 2026-04-16 N/A
NAI WebShield SMTP 4.5 and possibly 4.5 MR1a does not filter improperly MIME encoded email attachments, which could allow remote attackers to bypass filtering and possibly execute arbitrary code in email clients that process the invalid attachments.
CVE-2001-1545 1 Macromedia 1 Jrun 2026-04-16 N/A
Macromedia JRun 3.0 and 3.1 appends the jsessionid to URL requests (a.k.a. rewriting) when client browsers have cookies enabled, which allows remote attackers to obtain session IDs and hijack sessions via HTTP referrer fields or sniffing.
CVE-2001-1081 2 Lucent, Simon Horms 2 Radius, Radius 2026-04-16 N/A
Format string vulnerabilities in Livingston/Lucent RADIUS before 2.1.va.1 may allow local or remote attackers to cause a denial of service and possibly execute arbitrary code via format specifiers that are injected into log messages.