Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0837 1 Deltathree 1 Pc-to-phone 2026-04-16 N/A
DeltaThree Pc-To-Phone 3.0.3 places sensitive data in world-readable locations in the installation directory, which allows local users to read the information in (1) temp.html, (2) the log folder, and (3) the PhoneBook folder.
CVE-2001-0839 1 Ibill Internet Billing Company 1 Processing Plus 2026-04-16 N/A
ibillpm.pl in iBill password management system generates weak passwords based on a client's MASTER_ACCOUNT, which allows remote attackers to modify account information in the .htpasswd file via brute force password guessing.
CVE-2002-1905 1 Polycom 1 Viavideo 2026-04-16 N/A
Buffer overflow in the web server of Polycom ViaVideo 2.2 and 3.0 allows remote attackers to cause a denial of service (crash) via a long HTTP GET request.
CVE-2001-0845 1 Dec 4 Dec Openvms, Dec Openvms Alpha, Sevms and 1 more 2026-04-16 N/A
Vulnerability in DECwindows Motif Server on OpenVMS VAX or Alpha 6.2 through 7.3, and SEVMS VAX or Alpha 6.2, allows local users to gain access to unauthorized resources.
CVE-2001-0847 1 Lotus 1 Domino Web Server 2026-04-16 N/A
Lotus Domino Web Server 5.x allows remote attackers to gain sensitive information by accessing the default navigator $defaultNav via (1) URL encoding the request, or (2) directly requesting the ReplicaID.
CVE-2001-0848 1 E-zone Media 1 Fuse Talk 2026-04-16 N/A
join.cfm in e-Zone Media Fuse Talk allows a local user to execute arbitrary SQL code via a semi-colon (;) in a form variable.
CVE-2001-0849 1 Duncan Hall 1 Viralator 2026-04-16 N/A
viralator CGI script in Viralator 0.9pre1 and earlier allows remote attackers to execute arbitrary code via a URL for a file being downloaded, which is insecurely passed to a call to wget.
CVE-2002-1922 1 Jelsoft 1 Vbulletin 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in global.php in Jelsoft vBulletin 2.0.0 through 2.2.8 allows remote attackers to inject arbitrary web script or HTML via the (1) $scriptpath or (2) $url variables.
CVE-2001-0944 1 Khaled Mardam-bey 1 Mirc 2026-04-16 N/A
DDE in mIRC allows local users to launch applications under another user's account via a DDE message that executes a command, which may be executed by the other user's process.
CVE-2001-0948 1 Valicert 1 Enterprise Validation Authority 2026-04-16 N/A
Cross-site scripting (CSS) vulnerability in ValiCert Enterprise Validation Authority (EVA) 3.3 through 4.2.1 allows remote attackers to execute arbitrary code or display false information by including HTML or script in the certificate's description, which is executed when the certificate is viewed.
CVE-2001-0952 1 Volition 1 Red Faction 2026-04-16 N/A
THQ Volition Red Faction Game allows remote attackers to cause a denial of service (hang) of a client or server via packets to UDP port 7755.
CVE-2001-0953 1 Nara Vision 1 Kebi Community 2026-04-16 N/A
Kebi WebMail allows remote attackers to access the administrator menu and gain privileges via the /a/ hidden directory, which is installed under the web document root.
CVE-2006-2841 1 Associated 1 Associated Cms 2026-04-16 N/A
Multiple PHP remote file inclusion vulnerabilities in AssoCIateD (aka ACID) CMS 1.1.3 allow remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) menu.php, (2) profile.php, (3) users.php, (4) cache_mngt.php, and (5) gallery_functions.php.
CVE-2005-1124 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Unknown vulnerability in the libgss Generic Security Services Library in Solaris 7, 8, and 9 allows local users to gain privileges by loading their own GSS-API.
CVE-2001-0955 1 Xfree86 Project 1 X11r6 2026-04-16 N/A
Buffer overflow in fbglyph.c in XFree86 before 4.2.0, related to glyph clipping for large origins, allows attackers to cause a denial of service and possibly gain privileges via a large number of characters, possibly through the web page search form of KDE Konqueror or from an xterm command with a long title.
CVE-2001-0956 1 Speechio 1 Speechd 2026-04-16 N/A
speechd 0.54 and earlier, with the Festival or rsynth speech synthesis package, allows attackers to execute arbitrary commands via shell metacharacters.
CVE-2001-0958 1 Trend Micro 2 Interscan Emanager, Interscan Viruswall 2026-04-16 N/A
Buffer overflows in eManager plugin for Trend Micro InterScan VirusWall for NT 3.51 and 3.51J allow remote attackers to execute arbitrary code via long arguments to the CGI programs (1) register.dll, (2) ContentFilter.dll, (3) SFNofitication.dll, (4) register.dll, (5) TOP10.dll, (6) SpamExcp.dll, and (7) spamrule.dll.
CVE-2001-0961 1 John E. Davis 1 Most 2026-04-16 N/A
Buffer overflow in tab expansion capability of the most program allows local or remote attackers to execute arbitrary code via a malformed file that is viewed with most.
CVE-2001-0968 1 Knox Software 1 Arkeia 2026-04-16 N/A
Knox Arkeia server 4.2, and possibly other versions, installs its root user with a null password by default, which allows local and remote users to gain privileges.
CVE-2001-0975 1 Oracle 1 Internet Directory 2026-04-16 N/A
Buffer overflow vulnerabilities in Oracle Internet Directory Server (LDAP) 2.1.1.x and 3.0.1 allow remote attackers to execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.