ReportizFlow
Filtered by vendor
Subscriptions
Total
29932 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-0749 | 1 Beck Ipc Gmbh | 1 Ipc At Chip Embedded-webserver | 2026-04-16 | N/A |
| Beck IPC GmbH IPC@CHIP Embedded-Webserver allows remote attackers to read arbitrary files via a webserver root directory set to system root. | ||||
| CVE-2006-3055 | 1 Vbzoom | 1 Vbzoom | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in VBZooM 1.02 allow remote attackers to execute arbitrary SQL commands via the (1) QuranID, (2) ShowByQuranID, or (3) Action parameters to meaning.php. | ||||
| CVE-2004-0267 | 1 Broadcom | 1 Inoculateit | 2026-04-16 | N/A |
| The (1) inoregupdate, (2) uniftest, or (3) unimove scripts in eTrust InoculateIT for Linux 6.0 allow local users to overwrite arbitrary files via a symlink attack on files in /tmp. | ||||
| CVE-2001-0911 | 2 Francisco Burzi, Postnuke Software Foundation | 2 Php-nuke, Postnuke | 2026-04-16 | N/A |
| PHP-Nuke 5.1 stores user and administrator passwords in a base-64 encoded cookie, which could allow remote attackers to gain privileges by stealing or sniffing the cookie and decoding it. | ||||
| CVE-2001-0982 | 1 Ibm | 1 Tivoli Secureway Policy Director | 2026-04-16 | N/A |
| Directory traversal vulnerability in IBM Tivoli WebSEAL Policy Director 3.01 through 3.7.1 allows remote attackers to read arbitrary files or directories via encoded .. (dot dot) sequences containing "%2e" strings. | ||||
| CVE-2001-0999 | 1 Microsoft | 1 Outlook Express | 2026-04-16 | N/A |
| Outlook Express 6.00 allows remote attackers to execute arbitrary script by embedding SCRIPT tags in a message whose MIME content type is text/plain, contrary to the expected behavior that text/plain messages will not run script. | ||||
| CVE-2001-1018 | 1 Lotus | 1 Domino | 2026-04-16 | N/A |
| Lotus Domino web server 5.08 allows remote attackers to determine the internal IP address of the server when NAT is enabled via a GET request that contains a long sequence of / (slash) characters. | ||||
| CVE-2001-1023 | 1 Xcache Technologies | 1 Xcache | 2026-04-16 | N/A |
| Xcache 2.1 allows remote attackers to determine the absolute path of web server documents by requesting a URL that is not cached by Xcache, which returns the full pathname in the Content-PageName header. | ||||
| CVE-2001-1026 | 1 Trend Micro | 1 Interscan Applettrap | 2026-04-16 | N/A |
| Trend Micro InterScan AppletTrap 2.0 does not properly filter URLs when they are modified in certain ways such as (1) using a double slash (//) instead of a single slash, (2) URL-encoded characters, (3) requesting the IP address instead of the domain name, or (4) using a leading 0 in an octet of an IP address. | ||||
| CVE-2002-1080 | 1 Aprelium Technologies | 1 Abyss Web Server | 2026-04-16 | N/A |
| The Administration console for Abyss Web Server 1.0.3 before Patch 2 allows remote attackers to gain privileges and modify server configuration via direct requests to CHL files such as (1) srvstatus.chl, (2) consport.chl, (3) general.chl, (4) srvparam.chl, and (5) advanced.chl. | ||||
| CVE-2001-1062 | 1 Caldera | 1 Openserver | 2026-04-16 | N/A |
| Buffer overflow in mana in OpenServer 5.0.6a and earlier allows local users to execute arbitrary code. | ||||
| CVE-2001-1063 | 1 Caldera | 2 Openunix, Unixware | 2026-04-16 | N/A |
| Buffer overflow in uidadmin in Caldera Open Unix 8.0.0 and UnixWare 7 allows local users to gain root privileges via a long -S (scheme) command line argument. | ||||
| CVE-2005-4822 | 1 Digger Solutions | 1 Intranet Open Source | 2026-04-16 | N/A |
| SQL injection vulnerability in projects/project-edit.asp in Digger Solutions Intranet Open Source (IOS) version 2.7.2 allows remote attackers to execute arbitrary SQL commands via the project_id parameter. | ||||
| CVE-2001-1105 | 2 Cisco, Dell | 2 Icdn, Bsafe Ssl-j | 2026-04-16 | N/A |
| RSA BSAFE SSL-J 3.0, 3.0.1 and 3.1, as used in Cisco iCND 2.0, caches session IDs from failed login attempts, which could allow remote attackers to bypass SSL client authentication and gain access to sensitive data by logging in after an initial failure. | ||||
| CVE-2001-1129 | 1 Progress | 1 Progress | 2026-04-16 | N/A |
| Format string vulnerabilities in (1) _probuild, (2) _dbutil, (3) _mprosrv, (4) _mprshut, (5) _proapsv, (6) _progres, (7) _proutil, (8) _rfutil and (9) prolib in Progress database 9.1C allows a local user to execute arbitrary code via format string specifiers in the file used by the PROMSGS environment variable. | ||||
| CVE-2002-2065 | 1 Webcalendar | 1 Webcalendar | 2026-04-16 | N/A |
| WebCalendar 0.9.34 and earlier with 'browsing in includes directory' enabled allows remote attackers to read arbitrary include files with .inc extensions from the web root. | ||||
| CVE-2001-1147 | 2 Andries Brouwer, Redhat | 2 Util-linux, Linux | 2026-04-16 | N/A |
| The PAM implementation in /bin/login of the util-linux package before 2.11 causes a password entry to be rewritten across multiple PAM calls, which could provide the credentials of one user to a different user, when used in certain PAM modules such as pam_limits. | ||||
| CVE-2001-1163 | 1 Munica | 1 Netsql | 2026-04-16 | N/A |
| Buffer overflow in Munica Corporation NetSQL 1.0 allows remote attackers to execute arbitrary code via a long CONNECT argument to port 6500. | ||||
| CVE-2001-1248 | 1 Vwebserver | 1 Vwebserver | 2026-04-16 | N/A |
| vWebServer 1.2.0 allows remote attackers to view arbitrary ASP scripts via a request for an ASP script that ends with a URL-encoded space character (%20). | ||||
| CVE-2001-1250 | 1 Vwebserver | 1 Vwebserver | 2026-04-16 | N/A |
| vWebServer 1.2.0 allows remote attackers to cause a denial of service (hang) via a small number of long URL requests, possibly due to a buffer overflow. | ||||