Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0289 2 Joseph Allen, Redhat 2 Joe, Linux 2026-04-16 N/A
Joe text editor 2.8 searches the current working directory (CWD) for the .joerc configuration file, which could allow local users to gain privileges of other users by placing a Trojan Horse .joerc file into a directory, then waiting for users to execute joe from that directory.
CVE-2001-0012 2 Isc, Redhat 2 Bind, Linux 2026-04-16 N/A
BIND 4 and BIND 8 allow remote attackers to access sensitive information such as environment variables.
CVE-2001-0290 1 Gnu 1 Mailman 2026-04-16 N/A
Vulnerability in Mailman 2.0.1 and earlier allows list administrators to obtain user passwords.
CVE-2001-0291 2026-04-16 N/A
Buffer overflow in post-query sample CGI program allows remote attackers to execute arbitrary commands via an HTTP POST request that contains at least 10001 parameters.
CVE-2001-0196 1 Freebsd 1 Freebsd 2026-04-16 N/A
inetd ident server in FreeBSD 4.x and earlier does not properly set group permissions, which allows remote attackers to read the first 16 bytes of files that are accessible by the wheel group.
CVE-2001-0292 1 Francisco Burzi 1 Php-nuke 2026-04-16 N/A
PHP-Nuke 4.4.1a allows remote attackers to modify a user's email address and obtain the password by guessing the user id (UID) and calling user.php with the saveuser operator.
CVE-2001-0293 1 Datawizard 1 Ftpxq 2026-04-16 N/A
Directory traversal vulnerability in FtpXQ FTP server 2.0.93 allows remote attackers to read arbitrary files via a .. (dot dot) in the GET command.
CVE-2001-0294 1 Typsoft 1 Typsoft Ftp Server 2026-04-16 N/A
Directory traversal vulnerability in TYPSoft FTP Server 0.85 allows remote attackers to read arbitrary files via (1) a .. (dot dot) in a GET command, or (2) a ... in a CWD command.
CVE-2001-0295 1 Jarle Aase 1 War Ftpd 2026-04-16 N/A
Directory traversal vulnerability in War FTP 1.67.04 allows remote attackers to list directory contents and possibly read files via a "dir *./../.." command.
CVE-2001-0297 1 Dattaraj Rao 1 Simple Server 2026-04-16 N/A
Directory traversal vulnerability in Simple Server HTTPd 1.0 (originally Free Java Server) allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.
CVE-2001-0299 1 Nokia 1 Ip440 Firewall Vpn Appliance 2026-04-16 N/A
Buffer overflow in Voyager web administration server for Nokia IP440 allows local users to cause a denial of service, and possibly execute arbitrary commands, via a long URL.
CVE-2001-0301 2 Redhat, Stephen Turner 2 Secure Web Server, Analog 2026-04-16 N/A
Buffer overflow in Analog before 4.16 allows remote attackers to execute arbitrary commands by using the ALIAS command to construct large strings.
CVE-2001-0302 1 Pi3 1 Pi3web 2026-04-16 N/A
Buffer overflow in tstisapi.dll in Pi3Web 1.0.1 web server allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long URL.
CVE-2001-0436 1 Dcscripts 2 Dcforum, Dcforum 2000 2026-04-16 N/A
dcboard.cgi in DCForum 2000 1.0 allows remote attackers to execute arbitrary commands by uploading a Perl program to the server and using a .. (dot dot) in the AZ parameter to reference the program.
CVE-2001-0437 1 Dcscripts 2 Dcforum, Dcforum 2000 2026-04-16 N/A
upload_file.pl in DCForum 2000 1.0 allows remote attackers to upload arbitrary files without authentication by setting the az parameter to upload_file.
CVE-2001-0441 3 Debian, Mandrakesoft, Redhat 4 Debian Linux, Mandrake Linux, Mandrake Linux Corporate Server and 1 more 2026-04-16 N/A
Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute arbitrary commands via a long message header.
CVE-2001-0442 1 David Harris 1 Mercury Nlm 2026-04-16 N/A
Buffer overflow in Mercury MTA POP3 server for NetWare 1.48 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long APOP command.
CVE-2001-0443 1 Qpc Software 2 Qvt Net, Qvt Term Plus 2026-04-16 N/A
Buffer overflow in QPC QVT/Net Popd 4.20 in QVT/Net 5.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via (1) a long username, or (2) a long password.
CVE-2001-0446 1 Ibm 1 Websphere Commerce Suite 2026-04-16 N/A
IBM WCS (WebSphere Commerce Suite) 4.0.1 with Application Server 3.0.2 allows remote attackers to read source code for .jsp files by appending a / to the requested URL.
CVE-2001-0447 1 Software602 1 602pro Lan Suite 2026-04-16 N/A
Web configuration server in 602Pro LAN SUITE allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP request containing "%2e" (dot dot) characters.