Total
29527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0424 | 2 Freebsd, Timecop | 2 Freebsd, Bubblemon | 2016-10-18 | 7.2 HIGH | N/A |
| BubbleMon 1.31 does not properly drop group privileges before executing programs, which allows local users to execute arbitrary commands with the kmem group id. | |||||
| CVE-2001-0435 | 1 Pgp | 1 Pgp | 2016-10-18 | 4.6 MEDIUM | N/A |
| The split key mechanism used by PGP 7.0 allows a key share holder to obtain access to the entire key by setting the "Cache passphrase while logged on" option and capturing the passphrases of other share holders as they authenticate. | |||||
| CVE-2001-0605 | 1 Headlight Software | 1 Mygetright | 2016-10-18 | 7.5 HIGH | N/A |
| Headlight Software MyGetright prior to 1.0b allows a remote attacker to upload and/or overwrite arbitrary files via a malicious .dld (skins-data) file which contains long strings of random data. | |||||
| CVE-2001-0411 | 1 Siemens | 1 Reliant Unix | 2016-10-18 | 5.0 MEDIUM | N/A |
| Reliant Unix 5.44 and earlier allows remote attackers to cause a denial of service via an ICMP port unreachable packet, which causes Reliant to drop all connections to the source address of the packet. | |||||
| CVE-2001-0552 | 2 Hp, Ibm | 2 Openview Network Node Manager, Tivoli Netview | 2016-10-18 | 10.0 HIGH | N/A |
| ovactiond in HP OpenView Network Node Manager (NNM) 6.1 and Tivoli Netview 5.x and 6.x allows remote attackers to execute arbitrary commands via shell metacharacters in a certain SNMP trap message. | |||||
| CVE-2001-0410 | 1 Trend Micro | 1 Virus Buster 2001 | 2016-10-18 | 7.5 HIGH | N/A |
| Buffer overflow in Trend Micro Virus Buster 2001 8.02 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long "From" header. | |||||
| CVE-2001-0669 | 4 Cisco, Enterasys, Iss and 1 more | 6 Catalyst 6000 Intrusion Detection System Module, Secure Intrusion Detection System, Dragon and 3 more | 2016-10-18 | 7.5 HIGH | N/A |
| Various Intrusion Detection Systems (IDS) including (1) Cisco Secure Intrusion Detection System, (2) Cisco Catalyst 6000 Intrusion Detection System Module, (3) Dragon Sensor 4.x, (4) Snort before 1.8.1, (5) ISS RealSecure Network Sensor 5.x and 6.x before XPU 3.2, and (6) ISS RealSecure Server Sensor 5.5 and 6.0 for Windows, allow remote attackers to evade detection of HTTP attacks via non-standard "%u" Unicode encoding of ASCII characters in the requested URL. | |||||
| CVE-2001-0756 | 1 Virtualcart | 1 Virtualcatalog | 2016-10-18 | 7.5 HIGH | N/A |
| CatalogMgr.pl in VirtualCatalog (incorrectly claimed to be in VirtualCart) allows remote attackers to execute arbitrary code via the template parameter. | |||||
| CVE-2001-0419 | 1 Oracle | 1 Application Server | 2016-10-18 | 7.5 HIGH | N/A |
| Buffer overflow in shared library ndwfn4.so for iPlanet Web Server (iWS) 4.1, when used as a web listener for Oracle application server 4.0.8.2, allows remote attackers to execute arbitrary commands via a long HTTP request that is passed to the application server, such as /jsp/. | |||||
| CVE-2001-0464 | 1 Crosswind | 1 Cyberscheduler | 2016-10-18 | 10.0 HIGH | N/A |
| Buffer overflow in websync.exe in Cyberscheduler allows remote attackers to execute arbitrary commands via a long tzs (timezone) parameter. | |||||
| CVE-2001-0446 | 1 Ibm | 1 Websphere Commerce Suite | 2016-10-18 | 5.0 MEDIUM | N/A |
| IBM WCS (WebSphere Commerce Suite) 4.0.1 with Application Server 3.0.2 allows remote attackers to read source code for .jsp files by appending a / to the requested URL. | |||||
| CVE-2001-0433 | 1 Micheal Lamont | 1 Savant Webserver | 2016-10-18 | 7.5 HIGH | N/A |
| Buffer overflow in Savant 3.0 web server allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long Host HTTP header. | |||||
| CVE-2001-0466 | 1 Microburst | 1 Ustorekeeper Online Shopping System | 2016-10-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in ustorekeeper 1.61 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||||
| CVE-2001-0571 | 1 Elron | 2 Im Anti Virus, Im Message Inspector | 2016-10-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the web server for (1) Elron Internet Manager (IM) Message Inspector and (2) Anti-Virus before 3.0.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the requested URL. | |||||
| CVE-2001-0355 | 1 Novell | 1 Groupwise | 2016-10-18 | 5.0 MEDIUM | N/A |
| Novell Groupwise 5.5 (sp1 and sp2) allows a remote user to access arbitrary files via an implementation error in Groupwise system policies. | |||||
| CVE-2001-0254 | 1 Fastream | 1 Ftp\+\+ Server | 2016-10-18 | 5.0 MEDIUM | N/A |
| FaSTream FTP++ Server 2.0 allows remote attackers to obtain the real pathname of the server via the "pwd" command. | |||||
| CVE-2001-0304 | 1 Caucho Technology | 1 Resin | 2016-10-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Caucho Resin 1.2.2 allows remote attackers to read arbitrary files via a "\.." (dot dot) in a URL request. | |||||
| CVE-2001-0399 | 1 Caucho Technology | 1 Resin | 2016-10-18 | 5.0 MEDIUM | N/A |
| Caucho Resin 1.3b1 and earlier allows remote attackers to read source code for Javabean files by inserting a .jsp before the WEB-INF specifier in an HTTP request. | |||||
| CVE-2001-0404 | 1 Sun | 1 Javaserver Web Dev Kit | 2016-10-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in JavaServer Web Dev Kit (JSWDK) 1.0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP request to the WEB-INF directory. | |||||
| CVE-2001-0277 | 1 Working Resources Inc. | 1 Badblue | 2016-10-18 | 10.0 HIGH | N/A |
| Buffer overflow in ext.dll in BadBlue 1.02.07 Personal Edition allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long HTTP GET request. | |||||