Total
29925 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-0862 | 1 Cisco | 1 12000 Router | 2026-04-16 | N/A |
| Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not block non-initial packet fragments, which allows remote attackers to bypass the ACL. | ||||
| CVE-2001-0867 | 1 Cisco | 1 12000 Router | 2026-04-16 | N/A |
| Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly filter does not properly filter packet fragments even when the "fragment" keyword is used in an ACL, which allows remote attackers to bypass the intended access controls. | ||||
| CVE-2001-0872 | 3 Openbsd, Redhat, Suse | 3 Openssh, Linux, Suse Linux | 2026-04-16 | N/A |
| OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges. | ||||
| CVE-2001-0873 | 2 Ian Lance Taylor, Redhat | 2 Taylor Uucp, Linux | 2026-04-16 | N/A |
| uuxqt in Taylor UUCP package does not properly remove dangerous long options, which allows local users to gain privileges by calling uux and specifying an alternate configuration file with the --config option. | ||||
| CVE-2001-0874 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 5.5 and 6.0 allow remote attackers to read certain files via HTML that passes information from a frame in the client's domain to a frame in the web site's domain, a variant of the "Frame Domain Verification" vulnerability. | ||||
| CVE-2001-0889 | 2 Redhat, University Of Cambridge | 3 Linux, Powertools, Exim | 2026-04-16 | N/A |
| Exim 3.22 and earlier, in some configurations, does not properly verify the local part of an address when redirecting the address to a pipe, which could allow remote attackers to execute arbitrary commands via shell metacharacters. | ||||
| CVE-2001-0890 | 2 Redhat, Sane | 3 Linux, Powertools, Sane | 2026-04-16 | N/A |
| Certain backend drivers in the SANE library 1.0.3 and earlier, as used in frontend software such as XSane, allows local users to modify files via a symlink attack on temporary files. | ||||
| CVE-2001-0891 | 2 Cray, Sgi | 2 Unicos, Nqsdaemon | 2026-04-16 | N/A |
| Format string vulnerability in NQS daemon (nqsdaemon) in NQE 3.3.0.16 for CRAY UNICOS and SGI IRIX allows a local user to gain root privileges by using qsub to submit a batch job whose name contains formatting characters. | ||||
| CVE-2001-0899 | 2 Phpnuke, Rick Fournier | 2 Php-nuke, Network Tools | 2026-04-16 | N/A |
| Network Tools 0.2 for PHP-Nuke allows remote attackers to execute commands on the server via shell metacharacters in the $hostinput variable. | ||||
| CVE-2001-0902 | 1 Microsoft | 1 Internet Information Services | 2026-04-16 | N/A |
| Microsoft IIS 5.0 allows remote attackers to spoof web log entries via an HTTP request that includes hex-encoded newline or form-feed characters. | ||||
| CVE-2006-3394 | 1 Bxcp | 1 Bxcp | 2026-04-16 | N/A |
| SQL injection vulnerability in the files mod in index.php in BXCP 0.3.0.4 allows remote attackers to execute arbitrary SQL commands via the where parameter in a view action. | ||||
| CVE-2001-0903 | 1 Intel | 1 High-bandwidth Digital Content Protection | 2026-04-16 | N/A |
| Linear key exchange process in High-bandwidth Digital Content Protection (HDCP) System allows remote attackers to access data as plaintext, avoid device blacklists, clone devices, and create new device keyvectors by computing and using alternate key combinations for authentication. | ||||
| CVE-2001-0905 | 2 Procmail, Redhat | 2 Procmail, Linux | 2026-04-16 | N/A |
| Race condition in signal handling of procmail 3.20 and earlier, when running setuid, allows local users to cause a denial of service or gain root privileges by sending a signal while a signal handling routine is already running. | ||||
| CVE-2006-3760 | 1 Mybulletinboard | 1 Mybulletinboard | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) 1.1.4 allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2001-0926 | 1 Macromedia | 1 Jrun | 2026-04-16 | N/A |
| SSIFilter in Allaire JRun 3.1, 3.0 and 2.3.3 allows remote attackers to obtain source code for Java server pages (.jsp) and other files in the web root via an HTTP request for a non-existent SSI page, in which the request's body has an #include statement. | ||||
| CVE-2006-3764 | 1 Till Gerken | 1 Phppolls | 2026-04-16 | N/A |
| Till Gerken phpPolls 1.0.3 allows remote attackers to create a new poll via a direct request to phpPollAdmin.php3 with the poll_action parameter set to create. | ||||
| CVE-2001-0936 | 1 Frox | 1 Frox | 2026-04-16 | N/A |
| Buffer overflow in Frox transparent FTP proxy 0.6.6 and earlier, with the local caching method selected, allows remote FTP servers to run arbitrary code via a long response to an MDTM request. | ||||
| CVE-2001-0938 | 1 Persits | 1 Aspupload | 2026-04-16 | N/A |
| Directory traversal vulnerability in AspUpload 2.1, in certain configurations, allows remote attackers to upload and read arbitrary files, and list arbitrary directories, via a .. (dot dot) in the Filename parameter in (1) UploadScript11.asp or (2) DirectoryListing.asp. | ||||
| CVE-2002-0720 | 1 Microsoft | 2 Windows 2000, Windows 2000 Terminal Services | 2026-04-16 | N/A |
| A handler routine for the Network Connection Manager (NCM) in Windows 2000 allows local users to gain privileges via a complex attack that causes the handler to run in the LocalSystem context with user-specified code. | ||||
| CVE-2001-0949 | 1 Valicert | 1 Enterprise Validation Authority | 2026-04-16 | N/A |
| Buffer overflows in forms.exe CGI program in ValiCert Enterprise Validation Authority (EVA) Administration Server 3.3 through 4.2.1 allows remote attackers to execute arbitrary code via long arguments to the parameters (1) Mode, (2) Certificate_File, (3) useExpiredCRLs, (4) listenLength, (5) maxThread, (6) maxConnPerSite, (7) maxMsgLen, (8) exitTime, (9) blockTime, (10) nextUpdatePeriod, (11) buildLocal, (12) maxOCSPValidityPeriod, (13) extension, and (14) a particular combination of parameters associated with private key generation that form a string of a certain length. | ||||