Export limit exceeded: 363167 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0660 1 Microsoft 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more 2026-04-16 N/A
The Authenticode capability in Microsoft Windows NT through Server 2003 does not prompt the user to download and install ActiveX controls when the system is low on memory, which could allow remote attackers to execute arbitrary code without user approval.
CVE-2001-1225 1 Hughes 1 Msql 2026-04-16 N/A
Hughes Technology Mini SQL 2.0.10 through 2.0.12 allows local users to cause a denial of service by creating a very large array in a table, which causes miniSQL to crash when the table is queried.
CVE-2004-1787 1 Postnuke Software Foundation 1 Postcalendar 2026-04-16 N/A
SQL injection vulnerability in PostCalendar 4.0.0 allows remote attackers to execute arbitrary SQL commands via search queries.
CVE-2003-0661 1 Microsoft 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more 2026-04-16 N/A
The NetBT Name Service (NBNS) for NetBIOS in Windows NT 4.0, 2000, XP, and Server 2003 may include random memory in a response to a NBNS query, which could allow remote attackers to obtain sensitive information.
CVE-2001-1234 1 Gallery Project 1 Gallery 2026-04-16 N/A
Bharat Mediratta Gallery PHP script before 1.2.1 allows remote attackers to execute arbitrary code by including files from remote web sites via an HTTP request that modifies the includedir variable.
CVE-2001-1347 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Windows 2000 allows local users to cause a denial of service and possibly gain privileges by setting a hardware breakpoint that is handled using global debug registers, which could cause other processes to terminate due to an exception, and allow hijacking of resources such as named pipes.
CVE-2001-1348 1 Twig Development Team 1 Twig 2026-04-16 N/A
TWIG 2.6.2 and earlier allows remote attackers to perform unauthorized database operations via a SQL injection attack on the id parameter.
CVE-2003-0726 1 Realnetworks 3 Realone Desktop Manager, Realone Enterprise Desktop, Realone Player 2026-04-16 N/A
RealOne player allows remote attackers to execute arbitrary script in the "My Computer" zone via a SMIL presentation with a URL that references a scripting protocol, which is executed in the security context of the previously loaded URL, as demonstrated using a "javascript:" URL in the area tag.
CVE-2001-1349 2 Redhat, Sendmail 2 Linux, Sendmail 2026-04-16 N/A
Sendmail before 8.11.4, and 8.12.0 before 8.12.0.Beta10, allows local users to cause a denial of service and possibly corrupt the heap and gain privileges via race conditions in signal handlers.
CVE-2001-1351 2 Namazu, Redhat 2 Namazu, Linux 2026-04-16 N/A
Cross-site scripting vulnerability in Namazu 2.0.8 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the index file name that is displayed when displaying hit numbers.
CVE-2003-0727 1 Oracle 1 Database Server 2026-04-16 N/A
Multiple buffer overflows in the XML Database (XDB) functionality for Oracle 9i Database Release 2 allow local users to cause a denial of service or hijack user sessions.
CVE-2001-1354 1 Netwin 2 Dmail, Surgeftp 2026-04-16 N/A
NetWin Authentication module (NWAuth) 2.0 and 3.0b, as implemented in SurgeFTP, DMail, and possibly other packages, uses weak password hashing, which could allow local users to decrypt passwords or use a different password that has the same hash value as the correct password.
CVE-2003-0728 1 Horde 1 Horde 2026-04-16 N/A
Horde before 2.2.4 allows remote malicious web sites to steal session IDs and read or create arbitrary email by stealing the ID from a referrer URL.
CVE-2001-1356 1 Netwin 1 Surgeftp 2026-04-16 N/A
NetWin SurgeFTP 2.0f and earlier encrypts passwords using weak hashing, a fixed salt value and modulo 40 calculations, which allows remote attackers to conduct brute force password guessing attacks against the administrator account on port 7021.
CVE-2001-1363 1 Phpwebsite Development Team 1 Phpwebsite 2026-04-16 N/A
Vulnerability in phpWebSite before 0.7.9 related to running multiple instances in the same domain, which may allow attackers to gain administrative privileges.
CVE-2001-1364 1 Project Purple 1 Autodns 2026-04-16 N/A
Vulnerability in autodns.pl for AutoDNS before 0.0.4 related to domain names that are not fully qualified.
CVE-2003-0730 3 Netbsd, Redhat, Xfree86 Project 4 Netbsd, Enterprise Linux, Linux and 1 more 2026-04-16 N/A
Multiple integer overflows in the font libraries for XFree86 4.3.0 allow local or remote attackers to cause a denial of service or execute arbitrary code via heap-based and stack-based buffer overflow attacks.
CVE-2001-1366 1 Netscript Project 1 Netscript 2026-04-16 N/A
netscript before 1.6.3 parses dynamic variables, which could allow remote attackers to alter program behavior or obtain sensitive information.
CVE-2001-1367 1 Phpslice 1 Phpslice 2026-04-16 N/A
The checkAccess function in PHPSlice 0.1.4, and all other versions between 0.1.1 and 0.1.6, does not properly verify the administrative access level, which could allow remote attackers to gain privileges.
CVE-2001-1368 1 Iplanet 1 Iplanet Web Server 2026-04-16 N/A
Vulnerability in iPlanet Web Server 4 included in Virtualvault Operating System (VVOS) 4.0 running HP-UX 11.04 could allow attackers to corrupt data.