Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-1284 1 Ipswitch 1 Imail 2025-04-03 N/A
Ipswitch IMail 7.04 and earlier uses predictable session IDs for authentication, which allows remote attackers to hijack sessions of other users.
CVE-2001-1294 1 Avtronics 1 Inetserv 2025-04-03 N/A
Buffer overflow in A-V Tronics Inetserv 3.2.1 and earlier allows remote attackers to cause a denial of service (crash) in the Webmail interface via a long username and password.
CVE-2002-1465 1 Cafelog 1 B2 2025-04-03 N/A
SQL injection vulnerability in CafeLog b2 Weblog Tool allows remote attackers to execute arbitrary SQL code via the tablehosts variable.
CVE-2001-1297 1 Actionpoll 1 Actionpoll 2025-04-03 N/A
PHP remote file inclusion vulnerability in Actionpoll PHP script before 1.1.2 allows remote attackers to execute arbitrary PHP code via a URL in the includedir parameter.
CVE-2002-1467 2 Macromedia, Redhat 4 Flash Player, Shockwave, Enterprise Linux and 1 more 2025-04-03 N/A
Macromedia Flash Plugin before 6,0,47,0 allows remote attackers to bypass the same-domain restriction and read arbitrary files via (1) an HTTP redirect, (2) a "file://" base in a web document, or (3) a relative URL from a web archive (mht file).
CVE-2000-0350 1 Networkice 1 Icecap Manager 2025-04-03 N/A
A debugging feature in NetworkICE ICEcap 2.0.23 and earlier is enabled, which allows a remote attacker to bypass the weak authentication and post unencrypted events.
CVE-2001-1298 1 Grant Horwood 1 Webodex 2025-04-03 N/A
Webodex PHP script 1.0 and earlier allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.
CVE-2002-1469 1 Scponly 1 Scponly 2025-04-03 N/A
scponly does not properly verify the path when finding the (1) scp or (2) sftp-server programs, which could allow remote authenticated users to bypass access controls by uploading malicious programs and modifying the PATH variable in $HOME/.ssh/environment to locate those programs.
CVE-2001-1304 1 Nullsoft 1 Shoutcast Server 2025-04-03 N/A
Buffer overflow in SHOUTcast Server 1.8.2 allows remote attackers to cause a denial of service (crash) via several HTTP requests with a long (1) user-agent or (2) host HTTP header.
CVE-2005-0730 1 Py Software 1 Active Webcam 2025-04-03 N/A
PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote attackers to cause a denial of service via a request to a file on the floppy drive, as demonstrated using A:\a.txt.
CVE-2006-0300 2 Gnu, Redhat 2 Tar, Enterprise Linux 2025-04-03 N/A
Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute code via unspecified vectors involving PAX extended headers.
CVE-2001-1305 1 Mirabilis 1 Icq 2025-04-03 N/A
ICQ 2001a Alpha and earlier allows remote attackers to automatically add arbitrary UINs to an ICQ user's contact list via a URL to a web page with a Content-Type of application/x-icq, which is processed by Internet Explorer.
CVE-2006-0304 1 Achal Dhir 1 Dual Dhcp Dns Server 2025-04-03 N/A
Buffer overflow in Dual DHCP DNS Server 1.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via the DHCP options field.
CVE-2000-0359 1 Acme Labs 1 Thttpd 2025-04-03 N/A
Buffer overflow in Trivial HTTP (THTTPd) allows remote attackers to cause a denial of service or execute arbitrary commands via a long If-Modified-Since header.
CVE-2002-1472 2 Redhat, Xfree86 Project 2 Linux, X11r6 2025-04-03 N/A
Untrusted search path vulnerability in libX11.so in xfree86, when used in setuid or setgid programs, allows local users to gain root privileges via a modified LD_PRELOAD environment variable that points to a malicious module.
CVE-2001-1322 2 Redhat, Xinetd 2 Linux, Xinetd 2025-04-03 N/A
xinetd 2.1.8 and earlier runs with a default umask of 0, which could allow local users to read or modify files that are created by an application that runs under xinetd but does not set its own safe umask.
CVE-2001-1324 1 Paul Jarc 1 Idtools 2025-04-03 N/A
cvmlogin and statfile in Paul Jarc idtools before 2001.06.27 do not properly check the return value of a call to the pathexec_env function, which could cause the setstate utility to setuid to the UID environment variable and allow local users to gain privileges.
CVE-2002-1478 1 The Cacti Group 1 Cacti 2025-04-03 N/A
Cacti before 0.6.8 allows attackers to execute arbitrary commands via the "Data Input" option in console mode.
CVE-2001-1326 1 Qualcomm 1 Eudora 2025-04-03 N/A
Eudora 5.1 allows remote attackers to execute arbitrary code when the "Use Microsoft Viewer" option is enabled and the "allow executables in HTML content" option is disabled, via an HTML email with a form that is activated from an image that the attacker spoofs as a link, which causes the user to execute the form and access embedded attachments.
CVE-2002-1480 1 Phpgb 1 Phpgb 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in phpGB before 1.20 allows remote attackers to inject arbitrary HTML or script into guestbook pages, which is executed when the administrator deletes the entry.