Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0076 | 1 Ikonboard.com | 1 Ikonboard | 2017-12-18 | 10.0 HIGH | N/A |
| register.cgi in Ikonboard 2.1.7b and earlier allows remote attackers to execute arbitrary commands via the SEND_MAIL parameter, which overwrites an internal program variable that references a program to be executed. | |||||
| CVE-2001-0996 | 1 Pop3lite | 1 Pop3lite | 2017-12-18 | 6.4 MEDIUM | N/A |
| POP3Lite before 0.2.4 does not properly quote a . (dot) in an email message, which could allow a remote attacker to append arbitrary text to the end of an email message, which could then be interpreted by various mail clients as valid POP server responses or other input that could cause clients to crash or otherwise behave unexpectedly. | |||||
| CVE-2001-0997 | 1 Textor Webmasters Ltd. | 1 Listrec.pl | 2017-12-18 | 7.5 HIGH | N/A |
| Textor Webmasters Ltd listrec.pl CGI program allows remote attackers to execute arbitrary commands via shell metacharacters in the TEMPLATE parameter. | |||||
| CVE-2001-0649 | 1 Apple | 1 Personal Web Sharing | 2017-12-18 | 5.0 MEDIUM | N/A |
| Personal Web Sharing 1.5.5 allows a remote attacker to cause a denial of service via a long HTTP request. | |||||
| CVE-2001-0999 | 1 Microsoft | 1 Outlook Express | 2017-12-18 | 7.5 HIGH | N/A |
| Outlook Express 6.00 allows remote attackers to execute arbitrary script by embedding SCRIPT tags in a message whose MIME content type is text/plain, contrary to the expected behavior that text/plain messages will not run script. | |||||
| CVE-2001-1000 | 1 Merit | 1 Aaa Radius Server | 2017-12-18 | 2.1 LOW | N/A |
| rlmadmin RADIUS management utility in Merit AAA Server 3.8M, 5.01, and possibly other versions, allows local users to read arbitrary files via a symlink attack on the rlmadmin.help file. | |||||
| CVE-2001-0476 | 1 Swsoft | 1 Aspseek | 2017-12-18 | 7.5 HIGH | N/A |
| Multiple buffer overflows in s.cgi program in Aspseek search engine 1.03 and earlier allow remote attackers to execute arbitrary commands via (1) a long HTTP query string, or (2) a long tmpl parameter. | |||||
| CVE-2001-0624 | 1 Qnx | 1 Qnx | 2017-12-18 | 2.1 LOW | N/A |
| QNX 2.4 allows a local user to read arbitrary files by directly accessing the mount point for the FAT disk partition, e.g. /fs-dos. | |||||
| CVE-2001-0777 | 1 Omnicron | 1 Omnihttpd | 2017-12-18 | 5.0 MEDIUM | N/A |
| Omnicron OmniHTTPd 2.0.8 allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests for PHP scripts. | |||||
| CVE-2001-0768 | 1 Steve Poulsen | 1 Guildftpd | 2017-12-18 | 4.6 MEDIUM | N/A |
| GuildFTPd 0.9.7 stores user names and passwords in plaintext in the default.usr file, which allows local users to gain privileges as other FTP users by reading the file. | |||||
| CVE-2000-0812 | 1 Sun | 1 Java System Web Server | 2017-12-18 | 10.0 HIGH | N/A |
| The administration module in Sun Java web server allows remote attackers to execute arbitrary commands by uploading Java code to the module and invoke the com.sun.server.http.pagecompile.jsp92.JspServlet by requesting a URL that begins with a /servlet/ tag. | |||||
| CVE-2001-0597 | 1 Zetetic Enterprises | 1 Strip | 2017-12-18 | 7.2 HIGH | N/A |
| Zetetic Secure Tool for Recalling Important Passwords (STRIP) 0.5 and earlier for the PalmOS allows a local attacker to recover passwords via a brute force attack. This attack is made feasible by STRIP's use of SysRandom, which is seeded by TimeGetTicks, and an implementation flaw which vastly reduces the password 'search space'. | |||||
| CVE-2000-0826 | 1 Mobius | 1 Documentdirect For The Internet | 2017-12-18 | 10.0 HIGH | N/A |
| Buffer overflow in ddicgi.exe program in Mobius DocumentDirect for the Internet 1.2 allows remote attackers to execute arbitrary commands via a long GET request. | |||||
| CVE-2000-0827 | 1 Mobius | 1 Documentdirect For The Internet | 2017-12-18 | 10.0 HIGH | N/A |
| Buffer overflow in the web authorization form of Mobius DocumentDirect for the Internet 1.2 allows remote attackers to cause a denial of service or execute arbitrary commands via a long username. | |||||
| CVE-2000-0828 | 1 Mobius | 1 Documentdirect For The Internet | 2017-12-18 | 10.0 HIGH | N/A |
| Buffer overflow in ddicgi.exe in Mobius DocumentDirect for the Internet 1.2 allows remote attackers to execute arbitrary commands via a long User-Agent parameter. | |||||
| CVE-2001-1012 | 1 Suse | 1 Suse Linux | 2017-12-18 | 7.2 HIGH | N/A |
| Vulnerability in screen before 3.9.10, related to a multi-attach error, allows local users to gain root privileges when there is a subdirectory under /tmp/screens/. | |||||
| CVE-2001-1013 | 1 Redhat | 1 Linux | 2017-12-18 | 5.0 MEDIUM | N/A |
| Apache on Red Hat Linux with with the UserDir directive enabled generates different error codes when a username exists and there is no public_html directory and when the username does not exist, which could allow remote attackers to determine valid usernames on the server. | |||||
| CVE-2001-1014 | 1 Michael Boehme | 1 Webdiscount E Shop Online Shop System | 2017-12-18 | 7.5 HIGH | N/A |
| eshop.pl in WebDiscount(e)shop allows remote attackers to execute arbitrary commands via shell metacharacters in the seite parameter. | |||||
| CVE-2001-0581 | 1 Spytech | 1 Spynet Chat | 2017-12-18 | 5.0 MEDIUM | N/A |
| Spytech Spynet Chat Server 6.5 allows a remote attacker to create a denial of service (crash) via a large number of connections to port 6387. | |||||
| CVE-2000-0832 | 1 Oscar Nierstrasz | 1 Htgrep | 2017-12-18 | 5.0 MEDIUM | N/A |
| Htgrep CGI program allows remote attackers to read arbitrary files by specifying the full pathname in the hdr parameter. | |||||