Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0555 | 1 Screaming Media | 1 Siteware | 2017-07-10 | 10.0 HIGH | N/A |
| ScreamingMedia SITEWare versions 2.5 through 3.1 allows a remote attacker to read world-readable files via a .. (dot dot) attack through (1) the SITEWare Editor's Desktop or (2) the template parameter in SWEditServlet. | |||||
| CVE-2001-0753 | 1 Cisco | 1 Cbos | 2017-07-10 | 7.5 HIGH | N/A |
| Cisco CBOS 2.3.8 and earlier stores the passwords for (1) exec and (2) enable in cleartext in the NVRAM and a configuration file, which could allow unauthorized users to obtain the passwords and gain privileges. | |||||
| CVE-2001-0799 | 1 Sgi | 1 Irix | 2017-07-10 | 10.0 HIGH | N/A |
| Buffer overflows in lpsched in IRIX 6.5.13f and earlier allow remote attackers to execute arbitrary commands via a long argument. | |||||
| CVE-2001-0853 | 1 Entrust | 1 Getaccess | 2017-07-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Entrust GetAccess allows remote attackers to read arbitrary files via a .. (dot dot) in the locale parameter to (1) helpwin.gas.bat or (2) AboutBox.gas.bat. | |||||
| CVE-2001-0941 | 1 Oracle | 1 Database Server | 2017-07-10 | 4.6 MEDIUM | N/A |
| Buffer overflow in dbsnmp in Oracle 8.0.6 through 9.0.1 allows local users to execute arbitrary code via a long ORACLE_HOME environment variable. | |||||
| CVE-2001-0942 | 1 Oracle | 1 Database Server | 2017-07-10 | 4.6 MEDIUM | N/A |
| dbsnmp in Oracle 8.1.6 and 8.1.7 uses the ORACLE_HOME environment variable to find and execute the dbsnmp program, which allows local users to execute arbitrary programs by pointing the ORACLE_HOME to an alternate directory that contains a malicious version of dbsnmp. | |||||
| CVE-2001-0970 | 1 Tdavid | 1 Td Forum | 2017-07-10 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in TDForum 1.2 CGI script (tdforum12.cgi) allows remote attackers to execute arbitrary script on other clients via a forum message that contains the script. | |||||
| CVE-2001-0972 | 1 Surf-net | 1 Asp Forum | 2017-07-10 | 10.0 HIGH | N/A |
| Surf-Net ASP Forum before 2.30 uses easily guessable cookies based on the UserID, which allows remote attackers to gain administrative privileges by calculating the value of the admin cookie (UserID 1), i.e. "0888888." | |||||
| CVE-2001-1148 | 1 Sco | 1 Openserver | 2017-07-10 | 4.6 MEDIUM | N/A |
| Multiple buffer overflows in programs used by scoadmin and sysadmsh in SCO OpenServer 5.0.6a and earlier allow local users to gain privileges via a long TERM environment variable to (1) atcronsh, (2) auditsh, (3) authsh, (4) backupsh, (5) lpsh, (6) sysadm.menu, or (7) termsh. | |||||
| CVE-2001-1192 | 1 Citrix | 1 Ica Client | 2017-07-10 | 7.5 HIGH | N/A |
| Citrix Independent Computing Architecture (ICA) Client for Windows 6.1 allows remote malicious web sites to execute arbitrary code via a .ICA file, which is downloaded and automatically executed by the client. | |||||
| CVE-2001-1194 | 1 Zyxel | 2 Prestige 1600, Prestige 681 | 2017-07-10 | 5.0 MEDIUM | N/A |
| Zyxel Prestige 681 and 1600 SDSL Routers allow remote attackers to cause a denial of service via malformed packets with (1) an IP length less than actual packet size, or (2) fragmented packets whose size exceeds 64 kilobytes after reassembly. | |||||
| CVE-2001-1197 | 1 Kde | 1 Kdeutils | 2017-07-10 | 4.6 MEDIUM | N/A |
| klprfax_filter in KDE2 KDEUtils allows local users to overwrite arbitrary files via a symlink attack on the klprfax.filter temporary file. | |||||
| CVE-2001-1204 | 1 Total Pc Solutions | 1 Php Rocket Add-in | 2017-07-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in phprocketaddin in Total PC Solutions PHP Rocket Add-in for FrontPage 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter. | |||||
| CVE-2001-1379 | 1 Guiseppe Tanzilli And Matthias Eckermann | 1 Mod Auth Pgsql | 2017-07-10 | 7.5 HIGH | N/A |
| The PostgreSQL authentication modules (1) mod_auth_pgsql 0.9.5, and (2) mod_auth_pgsql_sys 0.9.4, allow remote attackers to bypass authentication and execute arbitrary SQL via a SQL injection attack on the user name. | |||||
| CVE-2001-1413 | 1 Ncompress | 1 Ncompress | 2017-07-10 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the comprexx function for ncompress 4.2.4 and earlier, when used in situations that cross security boundaries (such as FTP server), may allow remote attackers to execute arbitrary code via a long filename argument. | |||||
| CVE-2001-1415 | 1 Openbsd | 1 Openbsd | 2017-07-10 | 4.6 MEDIUM | N/A |
| vi.recover in OpenBSD before 3.1 allows local users to remove arbitrary zero-byte files such as device nodes. | |||||
| CVE-2001-1417 | 1 Aol | 1 Instant Messenger | 2017-07-10 | 5.0 MEDIUM | N/A |
| AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a denial of service (application hang or crash) via a buddy icon GIF file whose length and width values are larger than the actual image data. | |||||
| CVE-2001-1418 | 1 Aol | 1 Instant Messenger | 2017-07-10 | 5.0 MEDIUM | N/A |
| AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a denial of service (application crash) via a malformed WAV file. | |||||
| CVE-2001-1419 | 2 Aol, Cerulean Studios | 2 Instant Messenger, Trillian | 2017-07-10 | 5.0 MEDIUM | N/A |
| AOL Instant Messenger (AIM) 4.7.2480 and earlier allows remote attackers to cause a denial of service (application crash) via an instant message that contains a large amount of "<!--" HTML comments. | |||||
| CVE-2001-1420 | 1 Aol | 1 Instant Messenger | 2017-07-10 | 5.0 MEDIUM | N/A |
| AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a denial of service (application crash) via a long filename, possibly caused by a buffer overflow. | |||||