Total
210374 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-1167 | 2008-09-10 | N/A | N/A | ||
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2001-0976. Reason: This candidate is a duplicate of CVE-2001-0976. Notes: CVE-2001-0976 should be used instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
CVE-2001-1168 | 1 Phpmyexplorer | 2 Phpmyexplorer Classic, Phpmyexplorer Multiuser | 2008-09-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in index.php in PhpMyExplorer before 1.2.1 allows remote attackers to read arbitrary files via a ..%2F (modified dot dot) in the chemin parameter. | |||||
CVE-2001-1173 | 1 Masqmail | 1 Masqmail | 2008-09-10 | 7.2 HIGH | N/A |
Vulnerability in MasqMail before 0.1.15 allows local users to gain privileges via piped aliases. | |||||
CVE-2001-1187 | 1 Mutasem Abudahab | 2 Csvform, Csvform Plus | 2008-09-10 | 7.5 HIGH | N/A |
csvform.pl 0.1 allows remote attackers to execute arbitrary commands via metacharacters in the file parameter. | |||||
CVE-2001-1195 | 1 Novell | 1 Groupwise | 2008-09-10 | 7.5 HIGH | N/A |
Novell Groupwise 5.5 and 6.0 Servlet Gateway is installed with a default username and password for the servlet manager, which allows remote attackers to gain privileges. | |||||
CVE-2001-1210 | 1 Cisco | 3 Ubr920, Ubr924, Ubr925 | 2008-09-10 | 6.4 MEDIUM | N/A |
Cisco ubr900 series routers that conform to the Data-over-Cable Service Interface Specifications (DOCSIS) standard must ship without SNMP access restrictions, which can allow remote attackers to read and write information to the MIB using arbitrary community strings. | |||||
CVE-2001-1212 | 1 Aktivate | 1 Aktivate | 2008-09-10 | 5.0 MEDIUM | N/A |
Cross-site scripting vulnerability in catgy.cgi for Aktivate 1.03 allows remote attackers to execute arbitrary Javascript via the desc parameter. | |||||
CVE-2001-1213 | 1 Datawizard | 1 Ftpxq | 2008-09-10 | 6.4 MEDIUM | N/A |
The default configuration of DataWizard FtpXQ 2.0 and 2.1 includes a default username and password, which allows remote attackers to read and write arbitrary files in the root folder. | |||||
CVE-2001-1214 | 1 Marcus S. Xenakis | 1 Unix Manual | 2008-09-10 | 7.5 HIGH | N/A |
manual.php in Marcus S. Xenakis Unix Manual 1.0 allows remote attackers to execute arbitrary code via a URL that contains shell metacharacters. | |||||
CVE-2001-1215 | 1 Michael Baumer | 1 Pfinger | 2008-09-10 | 7.5 HIGH | N/A |
Format string vulnerability in PFinger 0.7.5 through 0.7.7 allows remote attackers to execute arbitrary code via format string specifiers in a .plan file. | |||||
CVE-2001-1218 | 1 Microsoft | 1 Ie | 2008-09-10 | 2.1 LOW | N/A |
Microsoft Internet Explorer for Unix 5.0SP1 allows local users to possibly cause a denial of service (crash) in CDE or the X server on Solaris 2.6 by rapidly scrolling Chinese characters or maximizing the window. | |||||
CVE-2001-1228 | 1 Gnu | 1 Gzip | 2008-09-10 | 7.5 HIGH | N/A |
Buffer overflows in gzip 1.3x, 1.2.4, and other versions might allow attackers to execute code via a long file name, possibly remotely if gzip is run on an FTP server. | |||||
CVE-2001-1235 | 1 Derek Leung | 1 Pslash | 2008-09-10 | 7.5 HIGH | N/A |
pSlash PHP script 0.7 and earlier allows remote attackers to execute arbitrary code by including files from remote web sites, using an HTTP request that modifies the includedir variable. | |||||
CVE-2001-1236 | 1 Sebastian Bunka | 1 Myphppagetool | 2008-09-10 | 7.5 HIGH | N/A |
myphpPagetool PHP script 0.4.3-1 and earlier allows remote attackers to execute arbitrary code by including files from remote web sites, using an HTTP request that modifies the includedir variable. | |||||
CVE-2001-0487 | 1 Ibm | 1 Aix Snmp | 2008-09-10 | 5.0 MEDIUM | N/A |
AIX SNMP server snmpd allows remote attackers to cause a denial of service via a RST during the TCP connection. | |||||
CVE-2001-0498 | 1 Oracle | 1 Oracle8i | 2008-09-10 | 5.0 MEDIUM | N/A |
Transparent Network Substrate (TNS) over Net8 (SQLNet) in Oracle 8i 8.1.7 and earlier allows remote attackers to cause a denial of service via a malformed SQLNet connection request with a large offset in the header extension. | |||||
CVE-2001-0515 | 1 Oracle | 2 Database Server, Oracle8i | 2008-09-10 | 5.0 MEDIUM | N/A |
Oracle Listener in Oracle 7.3 and 8i allows remote attackers to cause a denial of service via a malformed connection packet with a large offset_to_data value. | |||||
CVE-2001-0516 | 1 Oracle | 2 Oracle8i, Oracle9i | 2008-09-10 | 5.0 MEDIUM | N/A |
Oracle listener between Oracle 9i and Oracle 8.0 allows remote attackers to cause a denial of service via a malformed connection packet that contains an incorrect requester_version value that does not match an expected offset to the data. | |||||
CVE-2001-0534 | 2 Lucent, Merit | 2 Radius, Radius | 2008-09-10 | 10.0 HIGH | N/A |
Multiple buffer overflows in RADIUS daemon radiusd in (1) Merit 3.6b and (2) Lucent 2.1-2 RADIUS allow remote attackers to cause a denial of service or execute arbitrary commands. | |||||
CVE-2001-0556 | 1 Nedit | 1 Nedit | 2008-09-10 | 7.2 HIGH | N/A |
The Nirvana Editor (NEdit) 5.1.1 and earlier allows a local attacker to overwrite other users' files via a symlink attack on (1) backup files or (2) temporary files used when nedit prints a file or portions of a file. |