Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0521 | 1 Aladdin Knowledge Systems | 1 Esafe Gateway | 2017-12-18 | 7.5 HIGH | N/A |
| Aladdin eSafe Gateway versions 3.0 and earlier allows a remote attacker to circumvent HTML SCRIPT filtering via the UNICODE encoding of SCRIPT tags within the HTML document. | |||||
| CVE-2001-0437 | 1 Dcscripts | 2 Dcforum, Dcforum 2000 | 2017-12-18 | 5.0 MEDIUM | N/A |
| upload_file.pl in DCForum 2000 1.0 allows remote attackers to upload arbitrary files without authentication by setting the az parameter to upload_file. | |||||
| CVE-2001-0441 | 3 Debian, Mandrakesoft, Redhat | 4 Debian Linux, Mandrake Linux, Mandrake Linux Corporate Server and 1 more | 2017-12-18 | 7.5 HIGH | N/A |
| Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute arbitrary commands via a long message header. | |||||
| CVE-2001-1232 | 1 Novell | 1 Groupwise | 2017-12-18 | 5.0 MEDIUM | N/A |
| GroupWise WebAccess 5.5 with directory indexing enabled allows a remote attacker to view arbitrary directory contents via an HTTP request with a lowercase "get". | |||||
| CVE-2001-0705 | 1 Arcadia | 1 Arcadia Internet Store | 2017-12-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to read arbitrary files on the web server via a URL with "dot dot" sequences in the template argument. | |||||
| CVE-2001-0703 | 1 Arcadia | 1 Arcadia Internet Store | 2017-12-18 | 5.0 MEDIUM | N/A |
| tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to cause a denial of service via a URL request with an MS-DOS device name in the template parameter. | |||||
| CVE-2001-0704 | 1 Arcadia | 1 Arcadia Internet Store | 2017-12-18 | 7.5 HIGH | N/A |
| tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to discover the full path to the working directory via a URL with a template argument for a file that does not exist. | |||||
| CVE-2001-0023 | 1 Leif M. Wright | 1 Everythingform.cgi | 2017-12-18 | 10.0 HIGH | N/A |
| everythingform.cgi CGI program by Leif Wright allows remote attackers to execute arbitrary commands via shell metacharacters in the config parameter. | |||||
| CVE-2001-0618 | 1 Lucent | 1 Orinoco Rg-1000 | 2017-12-18 | 7.5 HIGH | N/A |
| Orinoco RG-1000 wireless Residential Gateway uses the last 5 digits of the 'Network Name' or SSID as the default Wired Equivalent Privacy (WEP) encryption key. Since the SSID occurs in the clear during communications, a remote attacker could determine the WEP key and decrypt RG-1000 traffic. | |||||
| CVE-1999-1518 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2017-12-18 | 5.0 MEDIUM | N/A |
| Operating systems with shared memory implementations based on BSD 4.4 code allow a user to conduct a denial of service and bypass memory limits (e.g., as specified with rlimits) using mmap or shmget to allocate memory and cause page faults. | |||||
| CVE-2001-0029 | 1 Igor Khasilev | 1 Oops Proxy Server | 2017-12-18 | 10.0 HIGH | N/A |
| Buffer overflow in oops WWW proxy server 1.4.6 (and possibly other versions) allows remote attackers to execute arbitrary commands via a long host or domain name that is obtained from a reverse DNS lookup. | |||||
| CVE-1999-1020 | 1 Novell | 1 Netware | 2017-12-18 | 7.5 HIGH | N/A |
| The installation of Novell Netware NDS 5.99 provides an unauthenticated client with Read access for the tree, which allows remote attackers to access sensitive information such as users, groups, and readable objects via CX.EXE and NLIST.EXE. | |||||
| CVE-1999-1022 | 1 Sgi | 1 Irix | 2017-12-18 | 6.2 MEDIUM | N/A |
| serial_ports administrative program in IRIX 4.x and 5.x trusts the user's PATH environmental variable to find and execute the ls program, which allows local users to gain root privileges via a Trojan horse ls program. | |||||
| CVE-2001-0849 | 1 Duncan Hall | 1 Viralator | 2017-12-18 | 7.5 HIGH | N/A |
| viralator CGI script in Viralator 0.9pre1 and earlier allows remote attackers to execute arbitrary code via a URL for a file being downloaded, which is insecurely passed to a call to wget. | |||||
| CVE-2001-0711 | 1 Cisco | 1 Ios | 2017-12-18 | 5.0 MEDIUM | N/A |
| Cisco IOS 11.x and 12.0 with ATM support allows attackers to cause a denial of service via the undocumented Interim Local Management Interface (ILMI) SNMP community string. | |||||
| CVE-2001-0472 | 1 Ibm | 1 High Availability Cluster Multiprocessing | 2017-12-18 | 5.0 MEDIUM | N/A |
| Hursley Software Laboratories Consumer Transaction Framework (HSLCTF) HTTP object allows remote attackers to cause a denial of service (crash) via an extremely long HTTP request. | |||||
| CVE-1999-1525 | 1 Macromedia | 1 Shockwave Flash Plugin | 2017-12-18 | 5.1 MEDIUM | N/A |
| Macromedia Shockwave before 6.0 allows a malicious webmaster to read a user's mail box and possibly access internal web servers via the GetNextText command on a Shockwave movie. | |||||
| CVE-1999-1029 | 1 Ssh | 1 Ssh2 | 2017-12-18 | 7.5 HIGH | N/A |
| SSH server (sshd2) before 2.0.12 does not properly record login attempts if the connection is closed before the maximum number of tries, allowing a remote attacker to guess the password without showing up in the audit logs. | |||||
| CVE-2001-0024 | 1 Leif M. Wright | 1 Simplestmail.cgi | 2017-12-18 | 10.0 HIGH | N/A |
| simplestmail.cgi CGI program by Leif Wright allows remote attackers to execute arbitrary commands via shell metacharacters in the MyEmail parameter. | |||||
| CVE-2001-0617 | 1 Alliedtelesyn | 1 At-ar220e | 2017-12-18 | 7.5 HIGH | N/A |
| Allied Telesyn AT-AR220e cable/DSL router firmware 1.08a RC14 with the portmapper and the 'Virtual Server' enabled can allow a remote attacker to gain access to mapped services even though the single portmappings may be disabled. | |||||