Total: 304758 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-1571 | 1 Microsoft | 1 Windows Xp | 2008-09-05 | 5.0 MEDIUM | N/A |
The Remote Desktop client in Windows XP sends the most recent user account name in cleartext, which could allow remote attackers to obtain terminal server user account names via sniffing. | |||||
CVE-2001-1530 | 1 Webmin | 1 Webmin | 2008-09-05 | 4.6 MEDIUM | N/A |
run.cgi in Webmin 0.80 and 0.88 creates temporary files with world-writable permissions, which allows local users to execute arbitrary commands. | |||||
CVE-2001-1566 | 2 Vanessa, Verge | 2 Vanessa Logger, Perdition | 2008-09-05 | 7.5 HIGH | N/A |
Format string vulnerability in libvanessa_logger 0.0.1 in Perdition 0.1.8 allows remote attackers to execute arbitrary code via format string specifiers in the __vanessa_logger_log function. | |||||
CVE-2001-1318 | 1 Qualcomm | 1 Eudora Worldmail Server | 2008-09-05 | 7.5 HIGH | N/A |
Vulnerabilities in Qualcomm Eudora WorldMail Server may allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. | |||||
CVE-2001-1332 | 1 Easy Software Products | 1 Cups | 2008-09-05 | 7.5 HIGH | N/A |
Buffer overflows in Linux CUPS before 1.1.6 may allow remote attackers to execute arbitrary code. | |||||
CVE-2001-1314 | 1 Critical Path | 2 Injoin Directory Server, Livecontent Directory | 2008-09-05 | 7.5 HIGH | N/A |
Buffer overflows in Critical Path (1) InJoin Directory Server or (2) LiveContent Directory allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. | |||||
CVE-2001-1363 | 1 Phpwebsite Development Team | 1 Phpwebsite | 2008-09-05 | 10.0 HIGH | N/A |
Vulnerability in phpWebSite before 0.7.9 related to running multiple instances in the same domain, which may allow attackers to gain administrative privileges. | |||||
CVE-2001-0989 | 1 Richard Everitt | 1 Pileup | 2008-09-05 | 7.2 HIGH | N/A |
Buffer overflows in Pileup before 1.2 allow local users to gain root privileges via (1) long command line arguments, or (2) a long callsign. | |||||
CVE-2001-1207 | 1 Daydream | 1 Daydream Bbs | 2008-09-05 | 7.5 HIGH | N/A |
Buffer overflows in DayDream BBS 2.9 through 2.13 allow remote attackers to possibly execute arbitrary code via the control codes (1) ~#MC, (2) ~#TF, or (3) ~#RA. | |||||
CVE-2001-0966 | 1 Nudester.org | 1 Nudester | 2008-09-05 | 10.0 HIGH | N/A |
Directory traversal vulnerability in Nudester 1.10 and earlier allows remote attackers to read or write arbitrary files via a .. (dot dot) in the CD (CWD) command. | |||||
CVE-2001-1005 | 1 Starfish | 1 Truesync Desktop | 2008-09-05 | 7.5 HIGH | N/A |
Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA uses weak encryption to store the user password in a registry key, which allows attackers who have access to the registry key to decrypt the password and gain privileges. | |||||
CVE-2001-0943 | 1 Oracle | 1 Database Server | 2008-09-05 | 7.2 HIGH | N/A |
dbsnmp in Oracle 8.0.5 and 8.1.5, under certain conditions, trusts the PATH environment variable to find and execute the (1) chown or (2) chgrp commands, which allows local users to execute arbitrary code by modifying the PATH to point to Trojan Horse programs. | |||||
CVE-2001-1025 | 1 Francisco Burzi | 1 Php-nuke | 2008-09-05 | 10.0 HIGH | N/A |
PHP-Nuke 5.x allows remote attackers to perform arbitrary SQL operations by modifying the "prefix" variable when calling any scripts that do not already define the prefix variable (e.g., by including mainfile.php), such as article.php. | |||||
CVE-2001-0840 | 1 Compaq | 1 Insight Manager Xe | 2008-09-05 | 10.0 HIGH | N/A |
Buffer overflow in Compaq Insight Manager XE 2.1b and earlier allows remote attackers to execute arbitrary code via (1) SNMP and (2) DMI. | |||||
CVE-2001-0976 | 1 Hp | 1 Process Resource Manager | 2008-09-05 | 7.2 HIGH | N/A |
Vulnerability in HP Process Resource Manager (PRM) C.01.08.2 and earlier, as used by HP-UX Workload Manager (WLM), allows local users to gain root privileges via modified libraries or environment variables. | |||||
CVE-2001-1222 | 1 Plesk | 1 Plesk Server Administrator | 2008-09-05 | 5.0 MEDIUM | N/A |
Plesk Server Administrator (PSA) 1.0 allows remote attackers to obtain PHP source code via an HTTP request containing the target's IP address and a valid account name for the domain. | |||||
CVE-2001-1211 | 1 Ipswitch | 1 Imail | 2008-09-05 | 7.5 HIGH | N/A |
Ipswitch IMail 7.0.4 and earlier allows attackers with administrator privileges to read and modify user alias and mailing list information for other domains hosted by the same server via the (1) aliasadmin or (2) listadm1 CGI programs, which do not properly verify that an administrator is the administrator for the target domain. | |||||
CVE-2001-1191 | 1 Ibm | 1 Tivoli Secureway Policy Director | 2008-09-05 | 5.0 MEDIUM | N/A |
WebSeal in IBM Tivoli SecureWay Policy Director 3.8 allows remote attackers to cause a denial of service (crash) via a URL that ends in %2e. | |||||
CVE-2001-1152 | 1 Baltimore Technologies | 1 Websweeper | 2008-09-05 | 7.5 HIGH | N/A |
Baltimore Technologies WEBsweeper 4.02, when used to manage URL blacklists, allows remote attackers to bypass blacklist restrictions and connect to unauthorized web servers by modifying the requested URL, including (1) a // (double slash), (2) a /SUBDIR/.. where the desired file is in the parent directory, (3) a /./, or (4) URL-encoded characters. | |||||
CVE-2001-1169 | 1 Bell Communications Research | 1 S Key | 2008-09-05 | 7.5 HIGH | N/A |
keyinit in S/Key does not require authentication to initialize a one-time password sequence, which allows an attacker who has gained privileges to a user account to create new one-time passwords for use in other activities that may use S/Key authentication, such as sudo. |