Search Results (351250 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0353 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Buffer overflow in the line printer daemon (in.lpd) for Solaris 8 and earlier allows local and remote attackers to gain root privileges via a "transfer job" routine.
CVE-2001-0405 2 Linux, Redhat 2 Linux Kernel, Linux 2026-04-16 N/A
ip_conntrack_ftp in the IPTables firewall for Linux 2.4 allows remote attackers to bypass access restrictions for an FTP server via a PORT command that lists an arbitrary IP address and port number, which is added to the RELATED table and allowed by the firewall.
CVE-2001-0421 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
FTP server in Solaris 8 and earlier allows local and remote attackers to cause a core dump in the root directory, possibly with world-readable permissions, by providing a valid username with an invalid password followed by a CWD ~ command, which could release sensitive information such as shadowed passwords, or fill the disk partition.
CVE-2001-0682 2 Checkpoint, Zonelabs 2 Zonealarm Pro, Zonealarm 2026-04-16 5.5 Medium
ZoneAlarm and ZoneAlarm Pro allows a local attacker to cause a denial of service by running a trojan to initialize a ZoneAlarm mutex object which prevents ZoneAlarm from starting.
CVE-2001-0950 1 Valicert 1 Enterprise Validation Authority 2026-04-16 7.5 High
ValiCert Enterprise Validation Authority (EVA) Administration Server 3.3 through 4.2.1 uses insufficiently random data to (1) generate session tokens for HSMs using the C rand function, or (2) generate certificates or keys using /dev/urandom instead of another source which blocks when the entropy pool is low, which could make it easier for local or remote attackers to steal tokens or certificates via brute force guessing.
CVE-2001-1102 1 Checkpoint 1 Firewall-1 2026-04-16 N/A
Check Point FireWall-1 3.0b through 4.1 for Solaris allows local users to overwrite arbitrary files via a symlink attack on temporary policy files that end in a .cpp extension, which are set world-writable.
CVE-2001-0931 1 Cooolsoft 1 Powerftp 2026-04-16 N/A
Directory traversal vulnerability in Cooolsoft PowerFTP Server 2.03 allows attackers to list or read arbitrary files and directories via a .. (dot dot) in (1) LS or (2) GET.
CVE-2001-1018 1 Lotus 1 Domino 2026-04-16 N/A
Lotus Domino web server 5.08 allows remote attackers to determine the internal IP address of the server when NAT is enabled via a GET request that contains a long sequence of / (slash) characters.
CVE-2001-1057 1 Wolfram Research 1 Mathematica 2026-04-16 N/A
The License Manager (mathlm) for Mathematica 4.0 and 4.1 allows remote attackers to cause a denial of service (resource exhaustion) by connecting to port 16286 and not disconnecting, which prevents users from making license requests.
CVE-2001-1098 1 Cisco 1 Pix Firewall Manager 2026-04-16 N/A
Cisco PIX firewall manager (PFM) 4.3(2)g logs the enable password in plaintext in the pfm.log file, which could allow local users to obtain the password by reading the file.
CVE-2001-1081 2 Lucent, Simon Horms 2 Radius, Radius 2026-04-16 N/A
Format string vulnerabilities in Livingston/Lucent RADIUS before 2.1.va.1 may allow local or remote attackers to cause a denial of service and possibly execute arbitrary code via format specifiers that are injected into log messages.
CVE-2001-1077 1 Rxvt 1 Rxvt 2026-04-16 N/A
Buffer overflow in tt_printf function of rxvt 2.6.2 allows local users to gain privileges via a long (1) -T or (2) -name argument.
CVE-2001-1097 1 Cisco 1 Ios 2026-04-16 N/A
Cisco routers and switches running IOS 12.0 through 12.2.1 allows a remote attacker to cause a denial of service via a flood of UDP packets.
CVE-2001-1137 1 D-link 1 Dl-704 2026-04-16 N/A
D-Link DI-704 Internet Gateway firmware earlier than V2.56b6 allows remote attackers to cause a denial of service (reboot) via malformed IP datagram fragments.
CVE-2001-1106 1 Sambar 1 Sambar Server 2026-04-16 N/A
The default configuration of Sambar Server 5 and earlier uses a symmetric key that is compiled into the binary program for encrypting passwords, which could allow local users to break all user passwords by cracking the key or modifying a copy of the sambar program to call the decryption procedure.
CVE-2001-1156 1 Typsoft 1 Typsoft Ftp Server 2026-04-16 N/A
TYPSoft FTP 0.95 allows remote attackers to cause a denial of service (CPU consumption) via a "../../*" argument to (1) STOR or (2) RETR.
CVE-2001-1157 1 Baltimore Technologies 1 Websweeper 2026-04-16 N/A
Baltimore Technologies WEBsweeper 4.0 and 4.02 does not properly filter Javascript from HTML pages, which could allow remote attackers to bypass the filtering via (1) an extra leading < and one or more characters before the SCRIPT tag, or (2) tags using Unicode.
CVE-2001-1127 1 Progress 1 Progress 2026-04-16 N/A
Buffer overflow in Progress database 8.3D and 9.1C could allow a local user to execute arbitrary code via (1) _proapsv, (2) _mprosrv, (3) _mprshut, (4) orarx, (5) sqlcpp, (6) _probrkr, (7) _sqlschema and (8) _sqldump.
CVE-2001-1205 1 Matrixs Cgi Vault 1 Last Lines 2026-04-16 N/A
Directory traversal vulnerability in lastlines.cgi for Last Lines 2.0 allows remote attackers to read arbitrary files via '..' sequences in the $error_log variable.
CVE-2001-1215 1 Michael Baumer 1 Pfinger 2026-04-16 N/A
Format string vulnerability in PFinger 0.7.5 through 0.7.7 allows remote attackers to execute arbitrary code via format string specifiers in a .plan file.