Vulnerabilities (CVE)

Filtered by NVD-CWE-Other
Total 29916 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2001-1478 1 Caldera 2 Openunix, Unixware 2026-06-16 7.2 HIGH N/A
Buffer overflow in xlock in UnixWare 7.1.0 and 7.1.1 and Open Unix 8.0.0 allows local users to execute arbitrary code.
CVE-2001-1477 1 Bea 1 Tuxedo 2026-06-16 4.6 MEDIUM N/A
The Domain gateway in BEA Tuxedo 7.1 does not perform authorization checks for imported services and qspaces on remote domains, even when an ACL exists, which allows users to access services in a remote domain.
CVE-2001-1476 1 Ssh 1 Ssh 2026-06-16 7.5 HIGH N/A
SSH before 2.0, with RC4 encryption and the "disallow NULL passwords" option enabled, makes it easier for remote attackers to guess portions of user passwords by replaying user sessions with certain modifications, which trigger different messages depending on whether the guess is correct or not.
CVE-2001-1475 1 Ssh 1 Ssh 2026-06-16 7.5 HIGH N/A
SSH before 2.0, when using RC4 and password authentication, allows remote attackers to replay messages until a new server key (VK) is generated.
CVE-2001-1474 1 Ssh 1 Ssh 2026-06-16 5.0 MEDIUM N/A
SSH before 2.0 disables host key checking when connecting to the localhost, which allows remote attackers to silently redirect connections to the localhost by poisoning the client's DNS cache.
CVE-2001-1472 1 Phpbb Group 1 Phpbb 2026-06-16 4.6 MEDIUM N/A
SQL injection vulnerability in prefs.php in phpBB 1.4.0 and 1.4.1 allows remote authenticated users to execute arbitrary SQL commands and gain administrative access via the viewemail parameter.
CVE-2001-1470 1 Ssh 1 Ssh 2026-06-16 5.0 MEDIUM N/A
The IDEA cipher as implemented by SSH1 does not protect the final block of a message against modification, which allows remote attackers to modify the block without detection by changing its cyclic redundancy check (CRC) to match the modifications to the message.
CVE-2001-1469 1 Ssh 1 Ssh 2026-06-16 5.0 MEDIUM N/A
The RC4 stream cipher as used by SSH1 allows remote attackers to modify messages without detection by XORing the original message's cyclic redundancy check (CRC) with the CRC of a mask consisting of all the bits of the original message that were modified.
CVE-2001-1468 1 Secure Reality 1 Phpsecurepages 2026-06-16 7.5 HIGH N/A
PHP remote file inclusion vulnerability in checklogin.php in phpSecurePages 0.24 and earlier allows remote attackers to execute arbitrary PHP code by modifying the cfgProgDir parameter to reference a URL on a remote web server that contains the code.
CVE-2001-1467 1 Don Libes 1 Expect 2026-06-16 7.5 HIGH N/A
mkpasswd in expect 5.2.8, as used by Red Hat Linux 6.2 through 7.0, seeds its random number generator with its process ID, which limits the space of possible seeds and makes it easier for attackers to conduct brute force password attacks.
CVE-2001-1466 1 Van Dyke Technologies 1 Securecrt 2026-06-16 7.5 HIGH N/A
Buffer overflow in VanDyke SecureCRT before 3.4.2, when using the SSH-1 protocol, allows remote attackers to execute arbitrary code via a long (1) username or (2) password.
CVE-2001-1465 1 Surfcontrol 1 Superscout Web Filter 2026-06-16 4.6 MEDIUM N/A
SurfControl SuperScout only filters packets containing both an HTTP GET request and a Host header, which allows local users to bypass filtering by fragmenting packets so that no packet contains both data elements.
CVE-2001-1464 1 Businessobjects 1 Crystal Reports 2026-06-16 7.5 HIGH N/A
Crystal Reports, when displaying data for a password protected database using HTML pages, embeds the username and password in cleartext in the HTML page and the URL, which allows remote attackers to obtain passwords.
CVE-2001-1462 1 Rsa 1 Securid 2026-06-16 7.5 HIGH N/A
WebID in RSA Security SecurID 5.0 as used by ACE/Agent for Windows, Windows NT and Windows 2000 allows attackers to cause the WebID agent to enter debug mode via a URL containing null characters, which may allow attackers to obtain sensitive information.
CVE-2001-1461 1 Rsa 1 Securid 2026-06-16 7.5 HIGH N/A
Directory traversal vulnerability in WebID in RSA Security SecurID 5.0 as used by ACE/Agent for Windows, Windows NT and Windows 2000 allows attackers to access restricted resources via URL-encoded (1) /.. or (2) \.. sequences.
CVE-2001-1460 1 Postnuke Software Foundation 1 Postnuke 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in article.php in PostNuke 0.62 through 0.64 allows remote attackers to bypass authentication via the user parameter.
CVE-2001-1459 1 Openbsd 1 Openssh 2026-06-16 7.5 HIGH N/A
OpenSSH 2.9 and earlier does not initiate a Pluggable Authentication Module (PAM) session if commands are executed with no pty, which allows local users to bypass resource limits (rlimits) set in pam.d.
CVE-2001-1458 1 Novell 1 Groupwise 2026-06-16 5.0 MEDIUM N/A
Directory traversal vulnerability in Novell GroupWise 5.5 and 6.0 allows remote attackers to read arbitrary files via a request for /servlet/webacc?User.html= that contains "../" (dot dot) sequences and a null character.
CVE-2001-1457 1 Nobreak Technologies 1 Crazywwwboard 2026-06-16 7.5 HIGH N/A
Buffer overflow in CrazyWWWBoard 2000p4 and 2000LEp5 allows remote attackers to execute arbitrary code via a long HTTP_USER_AGENT CGI environment variable.
CVE-2001-1455 1 Netegrity 1 Siteminder 2026-06-16 7.5 HIGH N/A
Netegrity SiteMinder 3.6 through 4.5.1 allows remote attackers to bypass filtering via URLs containing Unicode characters.