Search Results (367176 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-1494 3 Avaya, Kernel, Redhat 8 Cvlan, Integrated Management Suit, Interactive Response and 5 more 2026-04-16 5.5 Medium
script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command.
CVE-2001-1495 1 Freshmeat 2 Network Query Tool, Network Query Tool Phpnuke 2026-04-16 N/A
network_query.php in Network Query Tool 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the target parameter.
CVE-2001-1496 1 Acme 1 Thttpd 2026-04-16 9.8 Critical
Off-by-one buffer overflow in Basic Authentication in Acme Labs thttpd 1.95 through 2.20 allows remote attackers to cause a denial of service and possibly execute arbitrary code.
CVE-2001-1497 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 4.0 through 6.0 could allow local users to differentiate between alphanumeric and non-alphanumeric characters used in a password by pressing certain control keys that jump between non-alphanumeric characters, which makes it easier to conduct a brute-force password guessing attack.
CVE-2001-1498 1 Markus Kliegl 1 Mod Bf 2026-04-16 N/A
Buffer overflow in mod_bf 0.2 allows local users to execute arbitrary commands via a long script.
CVE-2001-1557 1 Ibm 1 Aix 2026-04-16 N/A
Buffer overflow in ftpd in IBM AIX 4.3 and 5.1 allows attackers to gain privileges.
CVE-2001-1499 1 Checkpoint 1 Vpn-1 2026-04-16 N/A
Check Point VPN-1 4.1SP4 using SecuRemote returns different error messages for valid and invalid users, with prompts that vary depending on the authentication method being used, which makes it easier for remote attackers to conduct brute force attacks.
CVE-2001-1500 1 Proftpd Project 1 Proftpd 2026-04-16 N/A
ProFTPD 1.2.2rc2, and possibly other versions, does not properly verify reverse-resolved hostnames by performing forward resolution, which allows remote attackers to bypass ACLs or cause an incorrect client hostname to be logged.
CVE-2001-1501 1 Proftpd Project 1 Proftpd 2026-04-16 N/A
The glob functionality in ProFTPD 1.2.1, and possibly other versions allows remote attackers to cause a denial of service (CPU and memory consumption) via commands with large numbers of wildcard and other special characters, as demonstrated using an ls command with multiple (1) "*/..", (2) "*/.*", or (3) ".*./*?/" sequences in the argument.
CVE-2001-1502 1 Mountain Network Systems 1 Webcart 2026-04-16 N/A
webcart.cgi in Mountain Network Systems WebCart 8.4 allows remote attackers to execute arbitrary commands via shell metacharacters in the NEXTPAGE parameter.
CVE-2001-1503 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
The finger daemon (in.fingerd) in Sun Solaris 2.5 through 8 and SunOS 5.5 through 5.8 allows remote attackers to list all accounts on a host by typing finger 'a b c d e f g h'@host.
CVE-2001-1504 1 Ibm 1 Lotus Notes 2026-04-16 N/A
Lotus Notes R5 Client 4.6 allows remote attackers to execute arbitrary commands via a Lotus Notes object with code in an event, which is automatically executed when the user processes the e-mail message.
CVE-2001-1505 1 Tinc 1 Tinc 2026-04-16 N/A
tinc 1.0pre3 and 1.0pre4 allows remote attackers to inject data into user sessions by sniffing and replaying packets.
CVE-2001-1506 1 Hp 1 Secure Os 2026-04-16 N/A
Unknown vulnerability in the file system protection subsystem in HP Secure OS Software for Linux 1.0 allows additional user privileges on some files beyond what is specified in the file system protection rules, which allows local users to conduct unauthorized operations on restricted files.
CVE-2001-1507 1 Openbsd 1 Openssh 2026-04-16 N/A
OpenSSH before 3.0.1 with Kerberos V enabled does not properly authenticate users, which could allow remote attackers to login unchallenged.
CVE-2001-1508 1 Sco 1 Openserver 2026-04-16 N/A
Buffer overflow in lpstat in SCO OpenServer 5.0 through 5.0.6a allows local users to execute arbitrary code as group bin via a long command line argument.
CVE-2001-1509 1 Hp 1 Hp-ux 2026-04-16 N/A
geteuid in Itanium Architecture (IA) running on HP-UX 11.20 does not properly identify a user's effective user id, which could allow local users to gain privileges.
CVE-2001-1510 1 Macromedia 1 Jrun 2026-04-16 N/A
Allaire JRun 2.3.3, 3.0 and 3.1 running on IIS 4.0 and 5.0, iPlanet, Apache, JRun web server (JWS), and possibly other web servers allows remote attackers to read arbitrary files and directories by appending (1) "%3f.jsp", (2) "?.jsp" or (3) "?" to the requested URL.
CVE-2001-1511 1 Macromedia 1 Jrun 2026-04-16 N/A
JRun 3.0 and 3.1 running on JRun Web Server (JWS) and IIS allows remote attackers to read arbitrary JavaServer Pages (JSP) source code via a request URL containing the source filename ending in (1) "jsp%00" or (2) "js%2570".
CVE-2001-1512 1 Macromedia 1 Jrun 2026-04-16 N/A
Unknown vulnerability in Allaire JRun 3.1 allows remote attackers to directly access the WEB-INF and META-INF directories and execute arbitrary JavaServer Pages (JSP), a variant of CVE-2000-1050.