Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-1082 2 Lucent, Simon Horms 2 Radius, Radius 2026-04-16 N/A
Directory traversal vulnerability in Livingston/Lucent RADIUS before 2.1.va.1 may allow attackers to read arbitrary files via a .. (dot dot) attack.
CVE-2001-1084 1 Macromedia 1 Jrun 2026-04-16 N/A
Cross-site scripting vulnerability in Allaire JRun 3.0 and 2.3.3 allows a malicious webmaster to embed Javascript in a request for a .JSP, .shtml, .jsp10, .jrun, or .thtml file that does not exist, which causes the Javascript to be inserted into an error message.
CVE-2001-1086 1 Xfree86 Project 1 X11r6 2026-04-16 N/A
XDM in XFree86 3.3 and 3.3.3 generates easily guessable cookies using gettimeofday() when compiled with the HasXdmXauth option, which allows remote attackers to gain unauthorized access to the X display via a brute force attack.
CVE-2001-1087 1 Network Appliance 1 Netcache 2026-04-16 N/A
The default configuration of the config.http.tunnel.allow_ports option on NetCache devices is set to +all, which allows remote attackers to connect to arbitrary ports on remote systems behind the device.
CVE-2001-1088 1 Microsoft 2 Outlook, Outlook Express 2026-04-16 N/A
Microsoft Outlook 8.5 and earlier, and Outlook Express 5 and earlier, with the "Automatically put people I reply to in my address book" option enabled, do not notify the user when the "Reply-To" address is different than the "From" address, which could allow an untrusted remote attacker to spoof legitimate addresses and intercept email from the client that is intended for another user.
CVE-2001-1089 2 Alessandro Gardich, Joerg Wendland 2 Nss Postgresql, Libnss-pgsql 2026-04-16 N/A
libnss-pgsql in nss-pgsql 0.9.0 and earlier allows remote attackers to execute arbitrary SQL queries by inserting SQL code into an HTTP request.
CVE-2001-1101 1 Checkpoint 1 Firewall-1 2026-04-16 N/A
The Log Viewer function in the Check Point FireWall-1 GUI for Solaris 3.0b through 4.1 SP2 does not check for the existence of '.log' files when saving files, which allows (1) remote authenticated users to overwrite arbitrary files ending in '.log', or (2) local users to overwrite arbitrary files via a symlink attack.
CVE-2001-1104 1 Sonicwall 2 Soho, Soho Firmware 2026-04-16 N/A
SonicWALL SOHO uses easily predictable TCP sequence numbers, which allows remote attackers to spoof or hijack sessions.
CVE-2001-1108 1 Snapstream 1 Pvs 2026-04-16 N/A
Directory traversal vulnerability in SnapStream PVS 1.2a allows remote attackers to read arbitrary files via a .. (dot dot) attack in the requested URL.
CVE-2001-1110 1 Khamil Landross And Zack Jones 1 Eftp 2026-04-16 N/A
EFTP 2.0.7.337 allows remote attackers to obtain NETBIOS credentials by requesting information on a file that is in a network share, which causes the server to send the credentials to the host that owns the share, and allows the attacker to sniff the connection.
CVE-2001-1112 1 Khamil Landross And Zack Jones 1 Eftp 2026-04-16 N/A
Buffer overflow in EFTP 2.0.7.337 allows remote attackers to execute arbitrary code by uploading a .lnk file containing a large number of characters.
CVE-2001-1113 1 Trolltech 1 Trollftpd 2026-04-16 N/A
Buffer overflow in TrollFTPD 1.26 and earlier allows local users to execute arbitrary code by creating a series of deeply nested directories with long names, then running the ls -R (recursive) command.
CVE-2001-1114 1 Netcode 1 Nc Book 2026-04-16 N/A
book.cgi in NetCode NC Book 0.2b allows remote attackers to execute arbitrary commands via shell metacharacters in the "current" parameter.
CVE-2001-1119 1 Ti Kan 1 Xmcd 2026-04-16 N/A
cda in xmcd 3.0.2 and 2.6 in SuSE Linux allows local users to overwrite arbitrary files via a symlink attack.
CVE-2001-1120 1 Allaire 1 Coldfusion Server 2026-04-16 N/A
Vulnerabilities in ColdFusion 2.0 through 4.5.1 SP 2 allow remote attackers to (1) read or delete arbitrary files, or (2) overwrite ColdFusion Server templates.
CVE-2002-1950 1 Phprank 1 Phprank 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in phpRank 1.8 allows remote attackers to inject arbitrary web script or HTML via the (1) the email parameter of add.php or (2) the banner URL (banurl parameter) in the main list.
CVE-2001-1212 1 Aktivate 1 Aktivate 2026-04-16 N/A
Cross-site scripting vulnerability in catgy.cgi for Aktivate 1.03 allows remote attackers to execute arbitrary Javascript via the desc parameter.
CVE-2001-1214 1 Marcus S. Xenakis 1 Unix Manual 2026-04-16 N/A
manual.php in Marcus S. Xenakis Unix Manual 1.0 allows remote attackers to execute arbitrary code via a URL that contains shell metacharacters.
CVE-2001-1217 1 Oracle 1 Application Server 2026-04-16 N/A
Directory traversal vulnerability in PL/SQL Apache module in Oracle Oracle 9i Application Server allows remote attackers to access sensitive information via a double encoded URL with .. (dot dot) sequences.
CVE-2001-1218 1 Microsoft 1 Ie 2026-04-16 N/A
Microsoft Internet Explorer for Unix 5.0SP1 allows local users to possibly cause a denial of service (crash) in CDE or the X server on Solaris 2.6 by rapidly scrolling Chinese characters or maximizing the window.