Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-1343 1 Cgicentral 2 Webstore 400, Webstore 400cs 2026-04-16 N/A
ws_mail.cgi in WebStore 400/400CS 4.14 allows remote authenticated WebStore administrators to execute arbitrary code via shell metacharacters in the kill parameter.
CVE-2001-1344 1 Cgicentral 2 Webstore 400, Webstore 400cs 2026-04-16 N/A
WSSecurity.pl in WebStore allows remote attackers to bypass authentication by providing the program with a filename that exists, which is made easier by (1) inserting a null character or (2) .. (dot dot).
CVE-2001-1345 1 Jetico 1 Bestcrypt 2026-04-16 N/A
bctool in Jetico BestCrypt 0.7 and earlier trusts the user-supplied PATH to find and execute an fsck utility program, which allows local users to gain privileges by modifying the PATH to point to a Trojan horse program.
CVE-2001-1346 2 Broadcom, Ca 2 Arcserve Backup, Arcserve Backup 2026-04-16 N/A
Computer Associates ARCserveIT 6.61 and 6.63 (also called ARCservIT) allows local users to overwrite arbitrary files via a symlink attack on the temporary files (1) asagent.tmp or (2) inetd.tmp.
CVE-2002-1003 1 Mywebserver 1 Mywebserver 2026-04-16 N/A
Buffer overflow in MyWebServer 1.02 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.
CVE-2001-1350 2 Namazu, Redhat 2 Namazu, Linux 2026-04-16 N/A
Cross-site scripting vulnerability in namazu.cgi for Namazu 2.0.7 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the lang parameter.
CVE-2001-1352 2 Namazu, Redhat 2 Namazu, Linux 2026-04-16 N/A
Cross-site scripting vulnerability in Namazu 2.0.9 and earlier allows remote attackers to execute arbitrary Javascript as other web users via an error message that is returned when an invalid index file is specified in the idxname parameter.
CVE-2001-1353 2 Aladdin Enterprises, Redhat 2 Ghostscript, Linux 2026-04-16 N/A
ghostscript before 6.51 allows local users to read and write arbitrary files as the 'lp' user via the file operator, even with -dSAFER enabled.
CVE-2001-1355 1 Netwin 2 Dmail, Surgeftp 2026-04-16 N/A
Buffer overflows in NetWin Authentication Module (NWAuth) 3.0b and earlier, as implemented in DMail, SurgeFTP, and possibly other packages, could allow attackers to execute arbitrary code via long arguments to (1) the -del command or (2) the -lookup command.
CVE-2002-1414 1 Inter7 1 Qmailadmin 2026-04-16 N/A
Buffer overflow in qmailadmin allows local users to gain privileges via a long QMAILADMIN_TEMPLATEDIR environment variable.
CVE-2001-1357 1 Phpheaven 1 Phpmychat 2026-04-16 N/A
Multiple vulnerabilities in phpMyChat before 0.14.5 exist in (1) input.php3, (2) handle_inputH.php3, or (3) index.lib.php3 with unknown consequences, possibly related to user spoofing or improperly initialized variables.
CVE-2001-1358 1 Phpheaven 1 Phpmychat 2026-04-16 N/A
Vulnerabilities in phpMyChat before 0.14.4 allow local and possibly remote attackers to gain privileges by specifying an alternate library file in the L (localization) parameter.
CVE-2001-1359 1 Caldera 1 Volution 2026-04-16 N/A
Volution clients 1.0.7 and earlier attempt to contact the computer creation daemon (CCD) when an LDAP authentication failure occurs, which allows remote attackers to fully control clients via a Trojan horse Volution server.
CVE-2001-1360 1 Mostang 1 Sane 2026-04-16 N/A
Vulnerability in Scanner Access Now Easy (SANE) before 1.0.5, related to pnm and saned.
CVE-2001-1361 1 Twig Development Team 1 Twig 2026-04-16 N/A
Vulnerability in The Web Information Gateway (TWIG) 2.7.1, possibly related to incorrect security rights and/or the generation of mailto links.
CVE-2001-1362 1 Horsburgh 1 Npulse 2026-04-16 N/A
Vulnerability in the server for nPULSE before 0.53p4.
CVE-2001-1379 2 Guiseppe Tanzilli And Matthias Eckermann, Redhat 2 Mod Auth Pgsql, Linux 2026-04-16 N/A
The PostgreSQL authentication modules (1) mod_auth_pgsql 0.9.5, and (2) mod_auth_pgsql_sys 0.9.4, allow remote attackers to bypass authentication and execute arbitrary SQL via a SQL injection attack on the user name.
CVE-2001-1380 2 Openbsd, Redhat 2 Openssh, Linux 2026-04-16 N/A
OpenSSH before 2.9.9, while using keypairs and multiple keys of different types in the ~/.ssh/authorized_keys2 file, may not properly handle the "from" option associated with a key, which could allow remote attackers to login from unauthorized IP addresses.
CVE-2001-1382 1 Openbsd 1 Openssh 2026-04-16 N/A
The "echo simulation" traffic analysis countermeasure in OpenSSH before 2.9.9p2 sends an additional echo packet after the password and carriage return is entered, which could allow remote attackers to determine that the countermeasure is being used.
CVE-2002-0074 1 Microsoft 2 Internet Information Server, Internet Information Services 2026-04-16 N/A
Cross-site scripting vulnerability in Help File search facility for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to embed scripts into another user's session.