Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0896 1 Sco 1 Openserver 2026-04-16 N/A
Inetd in OpenServer 5.0.5 allows remote attackers to cause a denial of service (crash) via a port scan, e.g. with nmap -PO.
CVE-2006-2177 1 Bitdamaged 1 Geoblog 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in viewcat.php in geoBlog 1.0 allows remote attackers to inject arbitrary web script or HTML via the cat parameter.
CVE-2001-0909 1 Microsoft 1 Windows Xp 2026-04-16 N/A
Buffer overflow in helpctr.exe program in Microsoft Help Center for Windows XP allows remote attackers to execute arbitrary code via a long hcp: URL.
CVE-2006-2185 1 Novell 1 Netware 2026-04-16 N/A
PORTAL.NLM in Novell Netware 6.5 SP5 writes the username and password in cleartext to the abend.log log file when the groupOperationsMethod function fails, which allows context-dependent attackers to gain privileges.
CVE-2001-0910 1 Emc 1 Networker 2026-04-16 N/A
Legato Networker before 6.1 allows remote attackers to bypass access restrictions and gain privileges on the Networker interface by spoofing the admin server name and IP address and connecting to Networker from an IP address whose hostname can not be determined by a DNS reverse lookup.
CVE-2006-2187 1 Zenphoto 1 Zenphoto 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in zenphoto 1.0.1 beta and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) a parameter in i.php, and the (2) album and (3) image parameters in index.php.
CVE-1999-1045 1 Realnetworks 1 Realserver 2026-04-16 N/A
pnserver in RealServer 5.0 and earlier allows remote attackers to cause a denial of service by sending a short, malformed request.
CVE-2001-0913 1 Network Solutions 1 Rwhoisd 2026-04-16 N/A
Format string vulnerability in Network Solutions Rwhoisd 1.5.7.2 and earlier, when using syslog, allows remote attackers to corrupt memory and possibly execute arbitrary code via a rwhois request that contains format specifiers.
CVE-2001-0915 1 Berkeley 1 Pmake 2026-04-16 N/A
Format string vulnerability in Berkeley parallel make (pmake) 2.1.33 and earlier allows a local user to gain root privileges via format specifiers in the check argument of a shell definition.
CVE-2001-1073 1 Webridge 1 Px Application Suite 2026-04-16 N/A
Webridge PX Application Suite allows remote attackers to obtain sensitive information via a malformed request that generates a server error message, which includes full pathname or internal IP address information in the variables (1) APPL_PHYSICAL_PATH, (2) PATH_TRANSLATED, and (3) LOCAL_ADDR.
CVE-2001-1075 1 Sun 1 Cobalt Raq 3i 2026-04-16 N/A
poprelayd script before 2.0 in Cobalt RaQ3 servers allows remote attackers to bypass authentication for relaying by causing a "POP login by user" string that includes the attacker's IP address to be injected into the maillog log file.
CVE-2006-2233 1 Banktown 1 Btcxctl20com Activex Control 2026-04-16 N/A
Buffer overflow in BankTown Client Control (aka BtCxCtl20Com) 1.4.2.51817, and possibly 1.5.2.50209, allows remote attackers to execute arbitrary code via a long string in the first argument to SetBannerUrl. NOTE: portions of these details are obtained from third party information.
CVE-2001-1078 1 Extremail 1 Extremail 2026-04-16 N/A
Format string vulnerability in flog function of eXtremail 1.1.9 and earlier allows remote attackers to gain root privileges via format specifiers in the SMTP commands (1) HELO, (2) EHLO, (3) MAIL FROM, or (4) RCPT TO, and the POP3 commands (5) USER and (6) other commands that can be executed after POP3 authentication.
CVE-2001-1083 2 Icecast, Redhat 2 Icecast, Powertools 2026-04-16 N/A
Icecast 1.3.7, and other versions before 1.3.11 with HTTP server file streaming support enabled allows remote attackers to cause a denial of service (crash) via a URL that ends in . (dot), / (forward slash), or \ (backward slash).
CVE-2001-1085 1 Jon Zeeff 1 Lmail 2026-04-16 N/A
Lmail 2.7 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
CVE-2001-1090 1 Alessandro Gardich 1 Nss Postgresql 2026-04-16 N/A
nss_postgresql 0.6.1 and before allows a remote attacker to execute arbitrary SQL queries by inserting SQL code into an HTTP request.
CVE-2006-2236 1 Id Software 4 Quake 3 Arena, Quake 3 Engine, Return To Castle Wolfenstein and 1 more 2026-04-16 N/A
Buffer overflow in the Quake 3 Engine, as used by (1) ET 2.60, (2) Return to Castle Wolfenstein 1.41, and (3) Quake III Arena 1.32b allows remote attackers to execute arbitrary commands via a long remapShader command.
CVE-2001-1094 1 Crosstec Corporation 1 Netop School 2026-04-16 N/A
NetOp School 1.5 allows local users to bypass access restrictions on the administration version by logging into the student version, closing the student version, then starting the administration version.
CVE-2001-1100 1 Spencer Miles 1 W3mail 2026-04-16 N/A
sendmessage.cgi in W3Mail 1.0.2, and possibly other CGI programs, allows remote attackers to execute arbitrary commands via shell metacharacters in any field of the 'Compose Message' page.
CVE-2001-1111 1 Khamil Landross And Zack Jones 1 Eftp 2026-04-16 N/A
EFTP 2.0.7.337 stores user passwords in plaintext in the eftp2users.dat file.