Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Total 210374 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2001-1191 1 Ibm 1 Tivoli Secureway Policy Director 2008-09-05 5.0 MEDIUM N/A
WebSeal in IBM Tivoli SecureWay Policy Director 3.8 allows remote attackers to cause a denial of service (crash) via a URL that ends in %2e.
CVE-2001-1199 1 Steve Kneizys 1 Agora.cgi 2008-09-05 7.5 HIGH N/A
Cross-site scripting vulnerability in agora.cgi for Agora 3.0a through 4.0g, when debug mode is enabled, allows remote attackers to execute Javascript on other clients via the cart_id parameter.
CVE-2001-1200 1 Microsoft 1 Windows Xp 2008-09-05 7.2 HIGH N/A
Microsoft Windows XP allows local users to bypass a locked screen and run certain programs that are associated with Hot Keys.
CVE-2001-1207 1 Daydream 1 Daydream Bbs 2008-09-05 7.5 HIGH N/A
Buffer overflows in DayDream BBS 2.9 through 2.13 allow remote attackers to possibly execute arbitrary code via the control codes (1) ~#MC, (2) ~#TF, or (3) ~#RA.
CVE-2001-1211 1 Ipswitch 1 Imail 2008-09-05 7.5 HIGH N/A
Ipswitch IMail 7.0.4 and earlier allows attackers with administrator privileges to read and modify user alias and mailing list information for other domains hosted by the same server via the (1) aliasadmin or (2) listadm1 CGI programs, which do not properly verify that an administrator is the administrator for the target domain.
CVE-2001-1216 1 Oracle 1 Application Server 2008-09-05 7.5 HIGH N/A
Buffer overflow in PL/SQL Apache module in Oracle 9i Application Server allows remote attackers to execute arbitrary code via a long request for a help page.
CVE-2001-1217 1 Oracle 1 Application Server 2008-09-05 5.0 MEDIUM N/A
Directory traversal vulnerability in PL/SQL Apache module in Oracle Oracle 9i Application Server allows remote attackers to access sensitive information via a double encoded URL with .. (dot dot) sequences.
CVE-2001-1220 1 D-link 1 Dwl-1000ap 2008-09-05 10.0 HIGH N/A
D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point stores the administrative password in plaintext in the default Management Information Base (MIB), which allows remote attackers to gain administrative privileges.
CVE-2001-1221 1 D-link 1 Dwl-1000ap 2008-09-05 5.0 MEDIUM N/A
D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point uses a default SNMP community string of 'public' which allows remote attackers to gain sensitive information.
CVE-2001-1222 1 Plesk 1 Plesk Server Administrator 2008-09-05 5.0 MEDIUM N/A
Plesk Server Administrator (PSA) 1.0 allows remote attackers to obtain PHP source code via an HTTP request containing the target's IP address and a valid account name for the domain.
CVE-2001-1223 1 Elsa 1 Lancom 1100 Office 2008-09-05 10.0 HIGH N/A
The web administration server for ELSA Lancom 1100 Office does not require authentication, which allows arbitrary remote attackers to gain administrative privileges by connecting to the server.
CVE-2001-0395 1 Lightwave 1 Consoleserver 2008-09-05 7.5 HIGH N/A
Lightwave ConsoleServer 3200 does not disconnect users after unsuccessful login attempts, which could allow remote attackers to conduct brute force password guessing.
CVE-2001-0396 1 Lightwave 1 Consoleserver 2008-09-05 5.0 MEDIUM N/A
The pre-login mode in the System Administrator interface of Lightwave ConsoleServer 3200 allows remote attackers to obtain sensitive information such as system status, configuration, and users.
CVE-2001-0397 1 Silent Runner 1 Silent Runner Collector Src 2008-09-05 7.5 HIGH N/A
Buffer overflow in Silent Runner Collector (SRC) 1.6.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long SMTP HELO command.
CVE-2001-0398 1 Ritlabs 1 The Bat 2008-09-05 7.5 HIGH N/A
The BAT! mail client allows remote attackers to bypass user warnings of an executable attachment and execute arbitrary commands via an attachment whose file name contains many spaces, which also causes the BAT! to misrepresent the attachment's type with a different icon.
CVE-2001-0400 1 Matt Tourtillott 1 Nph-maillist 2008-09-05 7.5 HIGH N/A
nph-maillist.pl allows remote attackers to execute arbitrary commands via shell metacharacters ("`") in the email address.
CVE-2001-0406 1 Samba 1 Samba 2008-09-05 2.1 LOW N/A
Samba before 2.2.0 allows local attackers to overwrite arbitrary files via a symlink attack using (1) a printer queue query, (2) the more command in smbclient, or (3) the mput command in smbclient.
CVE-2001-0418 1 Ncm 1 Ncm Content Management System 2008-09-05 5.0 MEDIUM N/A
content.pl script in NCM Content Management System allows remote attackers to read arbitrary contents of the content database by inserting SQL characters into the id parameter.
CVE-2001-0420 1 Way To The Web 1 Talkback 2008-09-05 5.0 MEDIUM N/A
Directory traversal vulnerability in talkback.cgi program allows remote attackers to read arbitrary files via a .. (dot dot) in the article parameter.
CVE-2001-0425 1 Adcycle 1 Adcycle 2008-09-05 7.5 HIGH N/A
AdLibrary.pm in AdCycle 0.78b allows remote attackers to gain privileges to AdCycle via a malformed Agent: header in the HTTP request, which is inserted into a resulting SQL query that is used to verify login information.