Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-1196 | 1 Webmin | 1 Webmin | 2016-10-17 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in edit_action.cgi of Webmin Directory 0.91 allows attackers to gain privileges via a '..' (dot dot) in the argument. | |||||
| CVE-2001-1201 | 1 Timecop | 1 Wmcube Gdk | 2016-10-17 | 7.2 HIGH | N/A |
| Buffer overflow in wmcube-gdk for WMCube/GDK 0.98 allows local users to execute arbitrary code via long lines in the object description file. | |||||
| CVE-2001-1202 | 1 Delegate | 1 Delegate | 2016-10-17 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in DeleGate 7.7.0 and 7.7.1 does not quote scripting commands within a "403 Forbidden" error page, which allows remote attackers to execute arbitrary Javascript on other clients via a URL that generates an error. | |||||
| CVE-2001-1206 | 1 Matrixs Cgi Vault | 1 Last Lines | 2016-10-17 | 7.5 HIGH | N/A |
| Matrix CGI vault Last Lines 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the $error_log variable. | |||||
| CVE-2001-1208 | 1 Daydream | 1 Daydream Bbs | 2016-10-17 | 7.5 HIGH | N/A |
| Format string vulnerability in DayDream BBS allows remote attackers to execute arbitrary code via format string specifiers in a file containing a ~#RA control code. | |||||
| CVE-2001-1334 | 1 Phpslash | 1 Phpslash | 2016-10-17 | 5.0 MEDIUM | N/A |
| Block_render_url.class in PHPSlash 0.6.1 allows remote attackers with PHPSlash administrator privileges to read arbitrary files by creating a block and specifying the target file as the source URL. | |||||
| CVE-2001-1230 | 1 Icecast | 1 Icecast | 2016-10-17 | 7.5 HIGH | N/A |
| Buffer overflows in Icecast before 1.3.10 allow remote attackers to cause a denial of service (crash) and execute arbitrary code. | |||||
| CVE-2001-1229 | 2 Icecast, Libshout | 2 Icecast, Libshout | 2016-10-17 | 7.5 HIGH | N/A |
| Buffer overflows in (1) Icecast before 1.3.9 and (2) libshout before 1.0.4 allow remote attackers to cause a denial of service (crash) and execute arbitrary code. | |||||
| CVE-2001-1370 | 1 Phplib Team | 1 Phplib | 2016-10-17 | 10.0 HIGH | N/A |
| prepend.php3 in PHPLib before 7.2d, when register_globals is enabled for PHP, allows remote attackers to execute arbitrary scripts via an HTTP request that modifies $_PHPLIB[libdir] to point to malicious code on another server, as seen in Horde 1.2.5 and earlier, IMP before 2.2.6, and other packages that use PHPLib. | |||||
| CVE-2001-1277 | 1 Wolfram Schneider | 1 Makewhatis | 2016-10-17 | 2.1 LOW | N/A |
| makewhatis in the man package before 1.5i2 allows an attacker in group man to overwrite arbitrary files via a man page whose name contains shell metacharacters. | |||||
| CVE-2001-1276 | 1 Itcorp | 1 Ispell | 2016-10-17 | 1.2 LOW | N/A |
| ispell before 3.1.20 allows local users to overwrite files of other users via a symlink attack on a temporary file. | |||||
| CVE-2001-1350 | 1 Namazu | 1 Namazu | 2016-10-17 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in namazu.cgi for Namazu 2.0.7 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the lang parameter. | |||||
| CVE-2001-1305 | 1 Mirabilis | 1 Icq | 2016-10-17 | 5.0 MEDIUM | N/A |
| ICQ 2001a Alpha and earlier allows remote attackers to automatically add arbitrary UINs to an ICQ user's contact list via a URL to a web page with a Content-Type of application/x-icq, which is processed by Internet Explorer. | |||||
| CVE-2001-1389 | 1 Xinetd | 1 Xinetd | 2016-10-17 | 7.5 HIGH | N/A |
| Multiple vulnerabilities in xinetd 2.3.0 and earlier, and additional variants until 2.3.3, may allow remote attackers to cause a denial of service or execute arbitrary code, primarily via buffer overflows or improper NULL termination. | |||||
| CVE-2001-0913 | 1 Network Solutions | 1 Rwhoisd | 2016-10-17 | 7.5 HIGH | N/A |
| Format string vulnerability in Network Solutions Rwhoisd 1.5.7.2 and earlier, when using syslog, allows remote attackers to corrupt memory and possibly execute arbitrary code via a rwhois request that contains format specifiers. | |||||
| CVE-2001-0916 | 1 Berkeley | 1 Pmake | 2016-10-17 | 7.2 HIGH | N/A |
| Buffer overflow in Berkeley parallel make (pmake) 2.1.33 and earlier allows a local user to gain root privileges via a long check argument of a shell definition. | |||||
| CVE-2001-0915 | 1 Berkeley | 1 Pmake | 2016-10-17 | 7.2 HIGH | N/A |
| Format string vulnerability in Berkeley parallel make (pmake) 2.1.33 and earlier allows a local user to gain root privileges via format specifiers in the check argument of a shell definition. | |||||
| CVE-2001-0930 | 1 Sendpage | 1 Sendpage.pl | 2016-10-17 | 7.5 HIGH | N/A |
| Sendpage.pl allows remote attackers to execute arbitrary commands via a message containing shell metacharacters. | |||||
| CVE-2001-0927 | 1 Gnome | 1 Libgtop Daemon | 2016-10-17 | 7.5 HIGH | N/A |
| Format string vulnerability in the permitted function of GNOME libgtop_daemon in libgtop 1.0.12 and earlier allows remote attackers to execute arbitrary code via an argument that contains format specifiers that are passed into the (1) syslog_message and (2) syslog_io_message functions. | |||||
| CVE-2001-0933 | 1 Cooolsoft | 1 Powerftp | 2016-10-17 | 7.5 HIGH | N/A |
| Cooolsoft PowerFTP Server 2.03 allows remote attackers to list the contents of arbitrary drives via a ls (LIST) command that includes the drive letter as an argument, e.g. "ls C:". | |||||