ReportizFlow
Filtered by vendor
Subscriptions
Total
29889 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-1369 | 1 Leon J Breedt | 1 Pam-pgsql | 2025-04-03 | N/A |
| Leon J Breedt pam-pgsql before 0.5.2 allows remote attackers to execute arbitrary SQL code and bypass authentication or modify user account records by injecting SQL statements into user or password fields. | ||||
| CVE-2001-1372 | 1 Oracle | 1 Application Server | 2025-04-03 | N/A |
| Oracle 9i Application Server 1.0.2 allows remote attackers to obtain the physical path of a file under the server root via a request for a non-existent .JSP file, which leaks the pathname in an error message. | ||||
| CVE-2004-0547 | 1 Postgresql | 1 Postgresql | 2025-04-03 | N/A |
| Buffer overflow in the ODBC driver for PostgreSQL before 7.2.1 allows remote attackers to cause a denial of service (crash). | ||||
| CVE-2006-4157 | 1 Yabb | 1 Yabb | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Yet another Bulletin Board (YaBB) allows remote attackers to inject arbitrary web script or HTML via the categories parameter. | ||||
| CVE-2001-1383 | 1 Redhat | 1 Linux | 2025-04-03 | N/A |
| initscript in setserial 2.17-4 and earlier uses predictable temporary file names, which could allow local users to conduct unauthorized operations on files. | ||||
| CVE-2001-1417 | 1 Aol | 1 Instant Messenger | 2025-04-03 | N/A |
| AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a denial of service (application hang or crash) via a buddy icon GIF file whose length and width values are larger than the actual image data. | ||||
| CVE-2001-1441 | 1 Ibm | 1 Visualage For Java | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in VisualAge for Java 3.5 Professional allows remote attackers to execute JavaScript on other clients via the URL, which injects the script in the resulting error message. | ||||
| CVE-2001-1455 | 1 Netegrity | 1 Siteminder | 2025-04-03 | N/A |
| Netegrity SiteMinder 3.6 through 4.5.1 allows remote attackers to bypass filtering via URLs containing Unicode characters. | ||||
| CVE-2001-1464 | 1 Businessobjects | 1 Crystal Reports | 2025-04-03 | N/A |
| Crystal Reports, when displaying data for a password protected database using HTML pages, embeds the username and password in cleartext in the HTML page and the URL, which allows remote attackers to obtain passwords. | ||||
| CVE-2001-1495 | 1 Freshmeat | 2 Network Query Tool, Network Query Tool Phpnuke | 2025-04-03 | N/A |
| network_query.php in Network Query Tool 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the target parameter. | ||||
| CVE-2001-1497 | 1 Microsoft | 2 Ie, Internet Explorer | 2025-04-03 | N/A |
| Microsoft Internet Explorer 4.0 through 6.0 could allow local users to differentiate between alphanumeric and non-alphanumeric characters used in a password by pressing certain control keys that jump between non-alphanumeric characters, which makes it easier to conduct a brute-force password guessing attack. | ||||
| CVE-2001-1498 | 1 Markus Kliegl | 1 Mod Bf | 2025-04-03 | N/A |
| Buffer overflow in mod_bf 0.2 allows local users to execute arbitrary commands via a long script. | ||||
| CVE-2001-1499 | 1 Checkpoint | 1 Vpn-1 | 2025-04-03 | N/A |
| Check Point VPN-1 4.1SP4 using SecuRemote returns different error messages for valid and invalid users, with prompts that vary depending on the authentication method being used, which makes it easier for remote attackers to conduct brute force attacks. | ||||
| CVE-2001-1507 | 1 Openbsd | 1 Openssh | 2025-04-03 | N/A |
| OpenSSH before 3.0.1 with Kerberos V enabled does not properly authenticate users, which could allow remote attackers to login unchallenged. | ||||
| CVE-2001-1508 | 1 Sco | 1 Openserver | 2025-04-03 | N/A |
| Buffer overflow in lpstat in SCO OpenServer 5.0 through 5.0.6a allows local users to execute arbitrary code as group bin via a long command line argument. | ||||
| CVE-2004-0703 | 1 Mozilla | 1 Bugzilla | 2025-04-03 | N/A |
| Unknown vulnerability in the administrative controls in Bugzilla 2.17.1 through 2.17.7 allows users with "grant membership" privileges to grant memberships to groups that the user does not control. | ||||
| CVE-2006-0940 | 1 Cynical Games | 1 Shoutlive | 2025-04-03 | N/A |
| Multiple direct static code injection vulnerabilities in savesettings.php in ShoutLIVE 1.1.0 allow remote attackers to execute arbitrary PHP code via variables that are written to settings.php. | ||||
| CVE-2001-1527 | 1 Easyscripts | 1 Easynews | 2025-04-03 | N/A |
| easyNews 1.5 and earlier stores administration passwords in cleartext in settings.php, which allows local users to obtain the passwords and gain access. | ||||
| CVE-2001-1564 | 1 Hp | 1 Hp-ux | 2025-04-03 | N/A |
| setrlimit in HP-UX 10.01, 10.10, 10.24, 10.20, 11.00, 11.04 and 11.11 does not properly enforce core file size on processes after setuid or setgid privileges are dropped, which could allow local users to cause a denial of service by exhausting available disk space. | ||||
| CVE-2006-4196 | 1 Webinsta | 1 Cms | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in index.php in WEBInsta CMS 0.3.1 and possibly earlier allows remote attackers to execute arbitrary PHP code via a URL in the templates_dir parameter. | ||||