Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-1070 1 Sage Software 1 Mas 200 2026-04-16 N/A
Sage Software MAS 200 allows remote attackers to cause a denial of service by connecting to port 10000 and entering a series of control characters.
CVE-2001-1071 1 Cisco 2 Catos, Ios 2026-04-16 N/A
Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) allows remote attackers to cause a denial of service (memory consumption) via a flood of CDP neighbor announcements.
CVE-2001-1074 1 Webmin 1 Webmin 2026-04-16 N/A
Webmin 0.84 and earlier does not properly clear the HTTP_AUTHORIZATION environment variable when the web server is restarted, which makes authentication information available to all CGI programs and allows local users to gain privileges.
CVE-2001-1080 1 Ibm 1 Aix 2026-04-16 N/A
diagrpt in AIX 4.3.x and 5.1 uses the DIAGDATADIR environment variable to find and execute certain programs, which allows local users to gain privileges by modifying the variable to point to a Trojan horse program.
CVE-2001-1082 2 Lucent, Simon Horms 2 Radius, Radius 2026-04-16 N/A
Directory traversal vulnerability in Livingston/Lucent RADIUS before 2.1.va.1 may allow attackers to read arbitrary files via a .. (dot dot) attack.
CVE-2001-1084 1 Macromedia 1 Jrun 2026-04-16 N/A
Cross-site scripting vulnerability in Allaire JRun 3.0 and 2.3.3 allows a malicious webmaster to embed Javascript in a request for a .JSP, .shtml, .jsp10, .jrun, or .thtml file that does not exist, which causes the Javascript to be inserted into an error message.
CVE-2001-1086 1 Xfree86 Project 1 X11r6 2026-04-16 N/A
XDM in XFree86 3.3 and 3.3.3 generates easily guessable cookies using gettimeofday() when compiled with the HasXdmXauth option, which allows remote attackers to gain unauthorized access to the X display via a brute force attack.
CVE-2001-1087 1 Network Appliance 1 Netcache 2026-04-16 N/A
The default configuration of the config.http.tunnel.allow_ports option on NetCache devices is set to +all, which allows remote attackers to connect to arbitrary ports on remote systems behind the device.
CVE-2001-1088 1 Microsoft 2 Outlook, Outlook Express 2026-04-16 N/A
Microsoft Outlook 8.5 and earlier, and Outlook Express 5 and earlier, with the "Automatically put people I reply to in my address book" option enabled, do not notify the user when the "Reply-To" address is different than the "From" address, which could allow an untrusted remote attacker to spoof legitimate addresses and intercept email from the client that is intended for another user.
CVE-2001-1089 2 Alessandro Gardich, Joerg Wendland 2 Nss Postgresql, Libnss-pgsql 2026-04-16 N/A
libnss-pgsql in nss-pgsql 0.9.0 and earlier allows remote attackers to execute arbitrary SQL queries by inserting SQL code into an HTTP request.
CVE-2001-1101 1 Checkpoint 1 Firewall-1 2026-04-16 N/A
The Log Viewer function in the Check Point FireWall-1 GUI for Solaris 3.0b through 4.1 SP2 does not check for the existence of '.log' files when saving files, which allows (1) remote authenticated users to overwrite arbitrary files ending in '.log', or (2) local users to overwrite arbitrary files via a symlink attack.
CVE-2001-1104 1 Sonicwall 2 Soho, Soho Firmware 2026-04-16 N/A
SonicWALL SOHO uses easily predictable TCP sequence numbers, which allows remote attackers to spoof or hijack sessions.
CVE-2001-1178 1 Xfree86 Project 1 X11r6 2026-04-16 N/A
Buffer overflow in xman allows local users to gain privileges via a long MANPATH environment variable.
CVE-2001-1180 1 Freebsd 1 Freebsd 2026-04-16 N/A
FreeBSD 4.3 does not properly clear shared signal handlers when executing a process, which allows local users to gain privileges by calling rfork with a shared signal handler, having the child process execute a setuid program, and sending a signal to the child.
CVE-2001-1183 1 Cisco 1 Ios 2026-04-16 N/A
PPTP implementation in Cisco IOS 12.1 and 12.2 allows remote attackers to cause a denial of service (crash) via a malformed packet.
CVE-2001-1185 1 Freebsd 1 Freebsd 2026-04-16 N/A
Some AIO operations in FreeBSD 4.4 may be delayed until after a call to execve, which could allow a local user to overwrite memory of the new process and gain privileges.
CVE-2001-1187 1 Mutasem Abudahab 2 Csvform, Csvform Plus 2026-04-16 N/A
csvform.pl 0.1 allows remote attackers to execute arbitrary commands via metacharacters in the file parameter.
CVE-2001-1188 1 Brian Dorricott 1 Mailto 2026-04-16 N/A
mailto.exe in Brian Dorricott MAILTO 1.0.9 and earlier allows remote attackers to send SPAM e-mail through remote servers by modifying the sendto, email, server, subject, and resulturl hidden form fields.
CVE-2001-1189 1 Ibm 1 Websphere Application Server 2026-04-16 N/A
IBM Websphere Application Server 3.5.3 and earlier stores a password in cleartext in the sas.server.props file, which allows local users to obtain the passwords via a JSP script.
CVE-1999-0535 1 Microsoft 2 Windows 2000, Windows Nt 2026-04-16 N/A
A Windows NT account policy for passwords has inappropriate, security-critical settings, e.g. for password length, password age, or uniqueness.