Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-1298 1 Grant Horwood 1 Webodex 2025-04-03 N/A
Webodex PHP script 1.0 and earlier allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.
CVE-2002-1469 1 Scponly 1 Scponly 2025-04-03 N/A
scponly does not properly verify the path when finding the (1) scp or (2) sftp-server programs, which could allow remote authenticated users to bypass access controls by uploading malicious programs and modifying the PATH variable in $HOME/.ssh/environment to locate those programs.
CVE-2001-1304 1 Nullsoft 1 Shoutcast Server 2025-04-03 N/A
Buffer overflow in SHOUTcast Server 1.8.2 allows remote attackers to cause a denial of service (crash) via several HTTP requests with a long (1) user-agent or (2) host HTTP header.
CVE-2005-0730 1 Py Software 1 Active Webcam 2025-04-03 N/A
PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote attackers to cause a denial of service via a request to a file on the floppy drive, as demonstrated using A:\a.txt.
CVE-2006-0300 2 Gnu, Redhat 2 Tar, Enterprise Linux 2025-04-03 N/A
Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute code via unspecified vectors involving PAX extended headers.
CVE-2001-1305 1 Mirabilis 1 Icq 2025-04-03 N/A
ICQ 2001a Alpha and earlier allows remote attackers to automatically add arbitrary UINs to an ICQ user's contact list via a URL to a web page with a Content-Type of application/x-icq, which is processed by Internet Explorer.
CVE-2006-0304 1 Achal Dhir 1 Dual Dhcp Dns Server 2025-04-03 N/A
Buffer overflow in Dual DHCP DNS Server 1.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via the DHCP options field.
CVE-2000-0359 1 Acme Labs 1 Thttpd 2025-04-03 N/A
Buffer overflow in Trivial HTTP (THTTPd) allows remote attackers to cause a denial of service or execute arbitrary commands via a long If-Modified-Since header.
CVE-2002-1472 2 Redhat, Xfree86 Project 2 Linux, X11r6 2025-04-03 N/A
Untrusted search path vulnerability in libX11.so in xfree86, when used in setuid or setgid programs, allows local users to gain root privileges via a modified LD_PRELOAD environment variable that points to a malicious module.
CVE-2001-1322 2 Redhat, Xinetd 2 Linux, Xinetd 2025-04-03 N/A
xinetd 2.1.8 and earlier runs with a default umask of 0, which could allow local users to read or modify files that are created by an application that runs under xinetd but does not set its own safe umask.
CVE-2001-1324 1 Paul Jarc 1 Idtools 2025-04-03 N/A
cvmlogin and statfile in Paul Jarc idtools before 2001.06.27 do not properly check the return value of a call to the pathexec_env function, which could cause the setstate utility to setuid to the UID environment variable and allow local users to gain privileges.
CVE-2002-1478 1 The Cacti Group 1 Cacti 2025-04-03 N/A
Cacti before 0.6.8 allows attackers to execute arbitrary commands via the "Data Input" option in console mode.
CVE-2001-1326 1 Qualcomm 1 Eudora 2025-04-03 N/A
Eudora 5.1 allows remote attackers to execute arbitrary code when the "Use Microsoft Viewer" option is enabled and the "allow executables in HTML content" option is disabled, via an HTML email with a form that is activated from an image that the attacker spoofs as a link, which causes the user to execute the form and access embedded attachments.
CVE-2002-1480 1 Phpgb 1 Phpgb 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in phpGB before 1.20 allows remote attackers to inject arbitrary HTML or script into guestbook pages, which is executed when the administrator deletes the entry.
CVE-2003-0522 1 Early Impact 1 Productcart 2025-04-03 N/A
Multiple SQL injection vulnerabilities in ProductCart 1.5 through 2 allow remote attackers to (1) gain access to the admin control panel via the idadmin parameter to login.asp or (2) gain other privileges via the Email parameter to Custva.asp.
CVE-2001-1332 2 Easy Software Products, Redhat 2 Cups, Powertools 2025-04-03 N/A
Buffer overflows in Linux CUPS before 1.1.6 may allow remote attackers to execute arbitrary code.
CVE-2001-1334 1 Phpslash 1 Phpslash 2025-04-03 N/A
Block_render_url.class in PHPSlash 0.6.1 allows remote attackers with PHPSlash administrator privileges to read arbitrary files by creating a block and specifying the target file as the source URL.
CVE-2002-1482 1 Phpgb 1 Phpgb 2025-04-03 N/A
SQL injection vulnerability in login.php for phpGB 1.20 and earlier, when magic_quotes_gpc is not enabled, allows remote attackers to gain administrative privileges via SQL code in the password entry.
CVE-2001-1384 2 Linux, Redhat 2 Linux Kernel, Linux 2025-04-03 N/A
ptrace in Linux 2.2.x through 2.2.19, and 2.4.x through 2.4.9, allows local users to gain root privileges by running ptrace on a setuid or setgid program that itself calls an unprivileged program, such as newgrp.
CVE-2002-1503 1 Afd 1 Afd 2025-04-03 N/A
Buffer overflow in Automatic File Distributor (AFD) 1.2.14 and earlier allows local users to gain privileges via a long MON_WORK_DIR environment variable or -w (workdir) argument to (1) afd, (2) afdcmd, (3) afd_ctrl, (4) init_afd, (5) mafd, (6) mon_ctrl, (7) show_olog, or (8) udc.