Export limit exceeded: 362599 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-0004 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2026-04-16 | N/A |
| IIS 5.0 and 4.0 allows remote attackers to read the source code for executable web server programs by appending "%3F+.htr" to the requested URL, which causes the files to be parsed by the .HTR ISAPI extension, aka a variant of the "File Fragment Reading via .HTR" vulnerability. | ||||
| CVE-2001-0005 | 1 Microsoft | 1 Powerpoint | 2026-04-16 | N/A |
| Buffer overflow in the parsing mechanism of the file loader in Microsoft PowerPoint 2000 allows attackers to execute arbitrary commands. | ||||
| CVE-2001-0007 | 1 Netscreen | 1 Screen Os | 2026-04-16 | N/A |
| Buffer overflow in NetScreen Firewall WebUI allows remote attackers to cause a denial of service via a long URL request to the web administration interface. | ||||
| CVE-2001-0008 | 2 Borland Software, Firebirdsql | 2 Interbase, Firebird | 2026-04-16 | N/A |
| Backdoor account in Interbase database server allows remote attackers to overwrite arbitrary files using stored procedures. | ||||
| CVE-2001-0009 | 1 Lotus | 1 Domino Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Lotus Domino 5.0.5 web server allows remote attackers to read arbitrary files via a .. attack. | ||||
| CVE-2001-0013 | 2 Isc, Redhat | 2 Bind, Linux | 2026-04-16 | N/A |
| Format string vulnerability in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. | ||||
| CVE-2001-0014 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | N/A |
| Remote Data Protocol (RDP) in Windows 2000 Terminal Service does not properly handle certain malformed packets, which allows remote attackers to cause a denial of service, aka the "Invalid RDP Data" vulnerability. | ||||
| CVE-2001-0031 | 1 Broadvision | 1 One-to-one Enterprise Server | 2026-04-16 | N/A |
| BroadVision One-To-One Enterprise allows remote attackers to determine the physical path of server files by requesting a .JSP file name that does not exist. | ||||
| CVE-2001-0032 | 1 Eric Rescorla | 1 Ssldump | 2026-04-16 | N/A |
| Format string vulnerability in ssldump possibly allows remote attackers to cause a denial of service and possibly gain root privileges via malicious format string specifiers in a URL. | ||||
| CVE-2001-0033 | 2 Kth, Netbsd | 2 Kth Kerberos, Netbsd | 2026-04-16 | N/A |
| KTH Kerberos IV allows local users to change the configuration of a Kerberos server running at an elevated privilege by specifying an alternate directory using with the KRBCONFDIR environmental variable, which allows the user to gain additional privileges. | ||||
| CVE-2001-0034 | 1 Kth | 1 Kth Kerberos | 2026-04-16 | N/A |
| KTH Kerberos IV allows local users to specify an alternate proxy using the krb4_proxy variable, which allows the user to generate false proxy responses and possibly gain privileges. | ||||
| CVE-2001-0035 | 1 Kth | 1 Kth Kerberos | 2026-04-16 | N/A |
| Buffer overflow in the kdc_reply_cipher function in KTH Kerberos IV allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long authentication request. | ||||
| CVE-2001-0036 | 2 Kth, Redhat | 2 Kth Kerberos, Linux | 2026-04-16 | N/A |
| KTH Kerberos IV allows local users to overwrite arbitrary files via a symlink attack on a ticket file. | ||||
| CVE-2001-0037 | 1 Keware Technologies | 1 Homeseer | 2026-04-16 | N/A |
| Directory traversal vulnerability in HomeSeer before 1.4.29 allows remote attackers to read arbitrary files via a URL containing .. (dot dot) specifiers. | ||||
| CVE-2001-0038 | 1 Metaproducts | 1 Offline Explorer | 2026-04-16 | N/A |
| Offline Explorer 1.4 before Service Release 2 allows remote attackers to read arbitrary files by specifying the drive letter (e.g. C:) in the requested URL. | ||||
| CVE-2001-0040 | 1 Apc | 1 Apcupsd | 2026-04-16 | N/A |
| APC UPS daemon, apcupsd, saves its process ID in a world-writable file, which allows local users to kill an arbitrary process by specifying the target process ID in the apcupsd.pid file. | ||||
| CVE-2001-0042 | 1 Apache | 1 Http Server | 2026-04-16 | N/A |
| PHP 3.x (PHP3) on Apache 1.3.6 allows remote attackers to read arbitrary files via a modified .. (dot dot) attack containing "%5c" (encoded backslash) sequences. | ||||
| CVE-2001-0043 | 1 Phpgroupware | 1 Phpgroupware | 2026-04-16 | N/A |
| phpGroupWare before 0.9.7 allows remote attackers to execute arbitrary PHP commands by specifying a malicious include file in the phpgw_info parameter of the phpgw.inc.php program. | ||||
| CVE-2001-0044 | 1 Lexmark | 1 Markvision | 2026-04-16 | N/A |
| Multiple buffer overflows in Lexmark MarkVision printer driver programs allows local users to gain privileges via long arguments to the cat_network, cat_paraller, and cat_serial commands. | ||||
| CVE-2001-0045 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| The default permissions for the RAS Administration key in Windows NT 4.0 allows local users to execute arbitrary commands by changing the value to point to a malicious DLL, aka one of the "Registry Permissions" vulnerabilities. | ||||