Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0705 1 Arcadia 1 Arcadia Internet Store 2025-04-03 N/A
Directory traversal vulnerability in tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to read arbitrary files on the web server via a URL with "dot dot" sequences in the template argument.
CVE-2003-0429 2 Ethereal Group, Redhat 3 Ethereal, Enterprise Linux, Linux 2025-04-03 N/A
The OSI dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via invalid IPv4 or IPv6 prefix lengths, possibly triggering a buffer overflow.
CVE-2000-0007 1 Trend Micro 1 Pc-cillin 2025-04-03 N/A
Trend Micro PC-Cillin does not restrict access to its internal proxy port, allowing remote attackers to conduct a denial of service.
CVE-2001-0706 1 Maxum Development Corporation 1 Rumpus Ftp Server 2025-04-03 N/A
Maximum Rumpus FTP Server 2.0.3 dev and before allows an attacker to cause a denial of service (crash) via a mkdir command that specifies a large number of sub-folders.
CVE-2005-4819 1 Ibm 1 Lotus Domino 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in Lotus Domino versions before 6.5.4 fix pack 1 (FP1) and versions before 7.0 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2005-3333 1 Ebase 1 Ebaseweb 2025-04-03 N/A
SQL injection vulnerability in eBASEweb 3.0 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors.
CVE-2000-0092 3 Freebsd, Netbsd, Openbsd 3 Freebsd, Netbsd, Openbsd 2025-04-03 N/A
The BSD make program allows local users to modify files via a symlink attack when the -j option is being used.
CVE-2001-0386 1 Analogx 1 Simpleserver Www 2025-04-03 N/A
AnalogX SimpleServer:WWW 1.08 allows remote attackers to cause a denial of service via an HTTP request to the /aux directory.
CVE-2000-0093 1 Redhat 1 Linux 2025-04-03 N/A
An installation of Red Hat uses DES password encryption with crypt() for the initial password, instead of md5.
CVE-2001-0854 1 Francisco Burzi 1 Php-nuke 2025-04-03 N/A
PHP-Nuke 5.2 allows remote attackers to copy and delete arbitrary files by calling case.filemanager.php with admin.php as an argument, which sets the $PHP_SELF variable and makes it appear that case.filemanager.php is being called by admin.php instead of the user.
CVE-2001-0856 1 Ibm 1 4758 2025-04-03 N/A
Common Cryptographic Architecture (CCA) in IBM 4758 allows an attacker with physical access to the system and Combine_Key_Parts permissions, to steal DES and 3DES keys by using a brute force attack to create a 3DES exporter key.
CVE-2001-0871 2 Alchemy Lab, Dek Software 2 Alchemy Eye, Alchemy Network Monitor 2025-04-03 N/A
Directory traversal vulnerability in HTTP server for Alchemy Eye and Alchemy Network Monitor allows remote attackers to execute arbitrary commands via an HTTP request containing (1) a .. in versions 2.0 through 2.6.18, or (2) a DOS device name followed by a .. in versions 2.6.19 through 3.0.10.
CVE-2000-0095 1 Hp 1 Hp-ux 2025-04-03 N/A
The PMTU discovery procedure used by HP-UX 10.30 and 11.00 for determining the optimum MTU generates large amounts of traffic in response to small packets, allowing remote attackers to cause the system to be used as a packet amplifier.
CVE-2006-0992 1 Novell 1 Groupwise Messenger 2025-04-03 N/A
Stack-based buffer overflow in Novell GroupWise Messenger before 2.0 Public Beta 2 allows remote attackers to execute arbitrary code via a long Accept-Language value without a comma or semicolon. NOTE: due to a typo, the original ZDI advisory accidentally referenced CVE-2006-0092. This is the correct identifier.
CVE-2000-0097 1 Microsoft 1 Index Server 2025-04-03 N/A
The WebHits ISAPI filter in Microsoft Index Server allows remote attackers to read arbitrary files, aka the "Malformed Hit-Highlighting Argument" vulnerability.
CVE-2001-0390 1 Ibm 3 Net.commerce, Net.commerce Hosting Server, Websphere Application Server 2025-04-03 N/A
IBM Websphere/NetCommerce3 3.1.2 allows remote attackers to cause a denial of service by directly calling the macro.d2w macro with a long string of %0a characters.
CVE-2000-0101 1 Make-a-store 1 Orderpage 2025-04-03 N/A
The Make-a-Store OrderPage shopping cart application allows remote users to modify sensitive purchase information via hidden form fields.
CVE-2001-0884 2 Gnu, Redhat 4 Mailman, Linux, Powertools and 1 more 2025-04-03 N/A
Cross-site scripting vulnerability in Mailman email archiver before 2.08 allows attackers to obtain sensitive information or authentication credentials via a malicious link that is accessed by other web users.
CVE-2000-0102 1 Salescart 1 Salescart 2025-04-03 N/A
The SalesCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields.
CVE-2000-0103 1 Netsmart 1 Smartcart 2025-04-03 N/A
The SmartCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields.