Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-1016 1 Pgp 5 Corporate Desktop, E-business Server, Freeware and 2 more 2026-04-16 N/A
PGP Corporate Desktop before 7.1, Personal Security before 7.0.3, Freeware before 7.0.3, and E-Business Server before 7.1 does not properly display when invalid userID's are used to sign a message, which could allow an attacker to make the user believe that the document has been signed by a trusted third party by adding a second, invalid user ID to a key which has already been signed by the third party, aka the "PGPsdk Key Validity Vulnerability."
CVE-2001-1023 1 Xcache Technologies 1 Xcache 2026-04-16 N/A
Xcache 2.1 allows remote attackers to determine the absolute path of web server documents by requesting a URL that is not cached by Xcache, which returns the full pathname in the Content-PageName header.
CVE-2001-1024 1 Entrust 1 Getaccess 2026-04-16 N/A
login.gas.bat and other CGI scripts in Entrust getAccess allow remote attackers to execute Java programs, and possibly arbitrary commands, by specifying an alternate -classpath argument.
CVE-2001-1025 1 Francisco Burzi 1 Php-nuke 2026-04-16 N/A
PHP-Nuke 5.x allows remote attackers to perform arbitrary SQL operations by modifying the "prefix" variable when calling any scripts that do not already define the prefix variable (e.g., by including mainfile.php), such as article.php.
CVE-2001-1026 1 Trend Micro 1 Interscan Applettrap 2026-04-16 N/A
Trend Micro InterScan AppletTrap 2.0 does not properly filter URLs when they are modified in certain ways such as (1) using a double slash (//) instead of a single slash, (2) URL-encoded characters, (3) requesting the IP address instead of the domain name, or (4) using a leading 0 in an octet of an IP address.
CVE-2001-1031 1 Charles Clark 1 Meteor Ftpd 2026-04-16 N/A
Directory traversal vulnerability in Meteor FTP 1.0 allows remote attackers to read arbitrary files via (1) a .. (dot dot) in the ls/LIST command, or (2) a ... in the cd/CWD command.
CVE-2001-1032 1 Francisco Burzi 1 Php-nuke 2026-04-16 N/A
admin.php in PHP-Nuke 5.2 and earlier, except 5.0RC1, does not check login credentials for upload operations, which allows remote attackers to copy and upload arbitrary files and read the PHP-Nuke configuration file by directly calling admin.php with an upload parameter and specifying the file to copy.
CVE-2001-1034 1 Freebsd 1 Freebsd 2026-04-16 N/A
Format string vulnerability in Hylafax on FreeBSD allows local users to execute arbitrary code via format specifiers in the -h hostname argument for (1) faxrm or (2) faxalter.
CVE-2001-1035 1 Slrn Development Team 1 Slrn 2026-04-16 N/A
Binary decoding feature of slrn 0.9 and earlier allows remote attackers to execute commands via shell scripts that are inserted into a news post.
CVE-2001-1036 2 Gnu, Slackware 2 Findutils, Slackware Linux 2026-04-16 N/A
GNU locate in findutils 4.1 on Slackware 7.1 and 8.0 allows local users to gain privileges via an old formatted filename database (locatedb) that contains an entry with an out-of-range offset, which causes locate to write to arbitrary process memory.
CVE-2001-1038 1 Cisco 1 Sn 5420 Storage Router Firmware 2026-04-16 N/A
Cisco SN 5420 Storage Router 1.1(3) and earlier allows remote attackers to cause a denial of service (reboot) via a series of connections to TCP port 8023.
CVE-2001-1041 1 Oracle 1 Database Server 2026-04-16 N/A
oracle program in Oracle 8.0.x, 8.1.x and 9.0.1 allows local users to overwrite arbitrary files via a symlink attack on an Oracle log trace (.trc) file that is created in an alternate home directory identified by the ORACLE_HOME environment variable.
CVE-2001-1044 1 Basilix 1 Basilix Webmail 2026-04-16 N/A
Basilix Webmail 0.9.7beta, and possibly other versions, stores *.class and *.inc files under the document root and does not restrict access, which could allows remote attackers to obtain sensitive information such as MySQL passwords and usernames from the mysql.class file.
CVE-2001-1047 1 Openbsd 1 Openbsd 2026-04-16 N/A
Race condition in OpenBSD VFS allows local users to cause a denial of service (kernel panic) by (1) creating a pipe in one thread and causing another thread to set one of the file descriptors to NULL via a close, or (2) calling dup2 on a file descriptor in one process, then setting the descriptor to NULL via a close in another process that is created via rfork.
CVE-2001-1051 1 Dark Hart Portal 1 Darkportal-unix 2026-04-16 N/A
Dark Hart Portal (darkportal) PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.
CVE-2004-2207 1 Ideal Science 1 Idealbb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2001-1056 1 Linux 1 Linux Kernel 2026-04-16 N/A
IRC DCC helper in the ip_masq_irc IP masquerading module 2.2 allows remote attackers to bypass intended firewall restrictions by causing the target system to send a "DCC SEND" request to a malicious server which listens on port 6667, which may cause the module to believe that the traffic is a valid request and allow the connection to the port specified in the DCC SEND request.
CVE-2001-1066 1 Sun 1 Solaris 2026-04-16 N/A
ns6install installation script for Netscape 6.01 on Solaris, and other versions including 6.2.1 beta, allows local users to overwrite arbitrary files via a symlink attack.
CVE-2001-1068 1 Qualcomm 1 Qpopper 2026-04-16 N/A
qpopper 4.01 with PAM based authentication on Red Hat systems generates different error messages when an invalid username is provided instead of a valid name, which allows remote attackers to determine valid usernames on the system.
CVE-2002-1950 1 Phprank 1 Phprank 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in phpRank 1.8 allows remote attackers to inject arbitrary web script or HTML via the (1) the email parameter of add.php or (2) the banner URL (banurl parameter) in the main list.