Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0570 | 1 Minicom | 1 Minicom | 2017-12-18 | 7.2 HIGH | N/A |
| minicom 1.83.1 and earlier allows a local attacker to gain additional privileges via numerous format string attacks. | |||||
| CVE-2001-1018 | 1 Lotus | 1 Domino | 2017-12-18 | 5.0 MEDIUM | N/A |
| Lotus Domino web server 5.08 allows remote attackers to determine the internal IP address of the server when NAT is enabled via a GET request that contains a long sequence of / (slash) characters. | |||||
| CVE-2001-1019 | 1 Seaglass Technologies Inc. | 1 Sglmerchant | 2017-12-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in view_item CGI program in sglMerchant 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTML_FILE parameter. | |||||
| CVE-2001-1042 | 1 Transsoft | 1 Broker Ftp Server | 2017-12-18 | 5.0 MEDIUM | N/A |
| Transsoft Broker 5.9.5.0 allows remote attackers to read arbitrary files and directories by uploading a .lnk (link) file that points to the target file. | |||||
| CVE-2000-0833 | 1 Jack De Winter | 1 Winsmtp | 2017-12-18 | 10.0 HIGH | N/A |
| Buffer overflow in WinSMTP 1.06f and 2.X allows remote attackers to cause a denial of service via a long (1) USER or (2) HELO command. | |||||
| CVE-2000-0836 | 1 Broadgun Software | 1 Camshot Webcam | 2017-12-18 | 7.5 HIGH | N/A |
| Buffer overflow in CamShot WebCam Trial2.6 allows remote attackers to execute arbitrary commands via a long Authorization header. | |||||
| CVE-2001-0025 | 1 Leif M. Wright | 1 Ad.cgi | 2017-12-18 | 10.0 HIGH | N/A |
| ad.cgi CGI program by Leif Wright allows remote attackers to execute arbitrary commands via shell metacharacters in the file parameter. | |||||
| CVE-2001-1023 | 1 Xcache Technologies | 1 Xcache | 2017-12-18 | 5.0 MEDIUM | N/A |
| Xcache 2.1 allows remote attackers to determine the absolute path of web server documents by requesting a URL that is not cached by Xcache, which returns the full pathname in the Content-PageName header. | |||||
| CVE-2001-1024 | 1 Entrust | 1 Getaccess | 2017-12-18 | 7.5 HIGH | N/A |
| login.gas.bat and other CGI scripts in Entrust getAccess allow remote attackers to execute Java programs, and possibly arbitrary commands, by specifying an alternate -classpath argument. | |||||
| CVE-2000-0840 | 1 Davide Libenzi | 1 Xmail | 2017-12-18 | 10.0 HIGH | N/A |
| Buffer overflow in XMail POP3 server before version 0.59 allows remote attackers to execute arbitrary commands via a long USER command. | |||||
| CVE-2001-1026 | 1 Trend Micro | 1 Interscan Applettrap | 2017-12-18 | 7.5 HIGH | N/A |
| Trend Micro InterScan AppletTrap 2.0 does not properly filter URLs when they are modified in certain ways such as (1) using a double slash (//) instead of a single slash, (2) URL-encoded characters, (3) requesting the IP address instead of the domain name, or (4) using a leading 0 in an octet of an IP address. | |||||
| CVE-2000-0841 | 1 Davide Libenzi | 1 Xmail | 2017-12-18 | 10.0 HIGH | N/A |
| Buffer overflow in XMail POP3 server before version 0.59 allows remote attackers to execute arbitrary commands via a long APOP command. | |||||
| CVE-2001-1031 | 1 Charles Clark | 1 Meteor Ftpd | 2017-12-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Meteor FTP 1.0 allows remote attackers to read arbitrary files via (1) a .. (dot dot) in the ls/LIST command, or (2) a ... in the cd/CWD command. | |||||
| CVE-2000-0857 | 1 Sebastian Kienzl | 1 Muh | 2017-12-18 | 7.5 HIGH | N/A |
| The logging capability in muh 2.05d IRC server does not properly cleanse user-injected format strings, which allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed nickname. | |||||
| CVE-2001-1033 | 1 Compaq | 2 Tru64, Trucluster | 2017-12-18 | 5.0 MEDIUM | N/A |
| Compaq TruCluster 1.5 allows remote attackers to cause a denial of service via a port scan from a system that does not have a DNS PTR record, which causes the cluster to enter a "split-brain" state. | |||||
| CVE-2001-1034 | 1 Freebsd | 1 Freebsd | 2017-12-18 | 7.2 HIGH | N/A |
| Format string vulnerability in Hylafax on FreeBSD allows local users to execute arbitrary code via format specifiers in the -h hostname argument for (1) faxrm or (2) faxalter. | |||||
| CVE-1999-0757 | 1 Allaire | 1 Coldfusion Server | 2017-12-18 | 2.1 LOW | N/A |
| The ColdFusion CFCRYPT program for encrypting CFML templates has weak encryption, allowing attackers to decrypt the templates. | |||||
| CVE-2000-0866 | 1 Borland Software | 1 Interbase Superserver | 2017-12-18 | 2.1 LOW | N/A |
| Interbase 6 SuperServer for Linux allows an attacker to cause a denial of service via a query containing 0 bytes. | |||||
| CVE-2001-1047 | 1 Openbsd | 1 Openbsd | 2017-12-18 | 1.2 LOW | N/A |
| Race condition in OpenBSD VFS allows local users to cause a denial of service (kernel panic) by (1) creating a pipe in one thread and causing another thread to set one of the file descriptors to NULL via a close, or (2) calling dup2 on a file descriptor in one process, then setting the descriptor to NULL via a close in another process that is created via rfork. | |||||
| CVE-2001-0776 | 1 Dynfx | 1 Dynfx Mailserver | 2017-12-18 | 5.0 MEDIUM | N/A |
| Buffer overflow in DynFX MailServer version 2.10 allows remote attackers to conduct a denial of service via a long username to the POP3 service. | |||||