Vulnerabilities (CVE)

Filtered by NVD-CWE-Other
Total 29922 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2001-1351 1 Namazu 1 Namazu 2026-06-16 7.5 HIGH N/A
Cross-site scripting vulnerability in Namazu 2.0.8 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the index file name that is displayed when displaying hit numbers.
CVE-2001-1350 1 Namazu 1 Namazu 2026-06-16 7.5 HIGH N/A
Cross-site scripting vulnerability in namazu.cgi for Namazu 2.0.7 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the lang parameter.
CVE-2001-1349 1 Sendmail 1 Sendmail 2026-06-16 3.7 LOW N/A
Sendmail before 8.11.4, and 8.12.0 before 8.12.0.Beta10, allows local users to cause a denial of service and possibly corrupt the heap and gain privileges via race conditions in signal handlers.
CVE-2001-1348 1 Twig Development Team 1 Twig 2026-06-16 7.5 HIGH N/A
TWIG 2.6.2 and earlier allows remote attackers to perform unauthorized database operations via a SQL injection attack on the id parameter.
CVE-2001-1347 1 Microsoft 1 Windows 2000 2026-06-16 4.6 MEDIUM N/A
Windows 2000 allows local users to cause a denial of service and possibly gain privileges by setting a hardware breakpoint that is handled using global debug registers, which could cause other processes to terminate due to an exception, and allow hijacking of resources such as named pipes.
CVE-2001-1346 2 Broadcom, Ca 2 Arcserve Backup, Arcserve Backup 2026-06-16 1.2 LOW N/A
Computer Associates ARCserveIT 6.61 and 6.63 (also called ARCservIT) allows local users to overwrite arbitrary files via a symlink attack on the temporary files (1) asagent.tmp or (2) inetd.tmp.
CVE-2001-1345 1 Jetico 1 Bestcrypt 2026-06-16 4.6 MEDIUM N/A
bctool in Jetico BestCrypt 0.7 and earlier trusts the user-supplied PATH to find and execute an fsck utility program, which allows local users to gain privileges by modifying the PATH to point to a Trojan horse program.
CVE-2001-1344 1 Cgicentral 2 Webstore 400, Webstore 400cs 2026-06-16 7.5 HIGH N/A
WSSecurity.pl in WebStore allows remote attackers to bypass authentication by providing the program with a filename that exists, which is made easier by (1) inserting a null character or (2) .. (dot dot).
CVE-2001-1343 1 Cgicentral 2 Webstore 400, Webstore 400cs 2026-06-16 7.5 HIGH N/A
ws_mail.cgi in WebStore 400/400CS 4.14 allows remote authenticated WebStore administrators to execute arbitrary code via shell metacharacters in the kill parameter.
CVE-2001-1342 1 Apache 1 Http Server 2026-06-16 5.0 MEDIUM N/A
Apache before 1.3.20 on Windows and OS/2 systems allows remote attackers to cause a denial of service (GPF) via an HTTP request for a URI that contains a large number of / (slash) or other characters, which causes certain functions to dereference a null pointer.
CVE-2001-1341 1 Beck Ipc Gmbh 1 Ipc At Chip Embedded-webserver 2026-06-16 5.0 MEDIUM N/A
The Beck GmbH IPC@Chip embedded web server installs the chipcfg.cgi program by default, which allows remote attackers to obtain sensitive network information via a request to the program.
CVE-2001-1340 1 Beck Ipc Gmbh 1 Ipc At Chip Telnetd Server 2026-06-16 5.0 MEDIUM N/A
Beck GmbH IPC@Chip TelnetD service supports only one connection and does not disconnect a user who does not complete the login process, which allows remote attackers to lock out the administrator account by connecting to the service.
CVE-2001-1338 1 Beck Ipc Gmbh 1 Ipc At Chip Telnetd Server 2026-06-16 5.0 MEDIUM N/A
Beck IPC GmbH IPC@CHIP TelnetD server generates different responses when given valid and invalid login names, which allows remote attackers to determine accounts on the system.
CVE-2001-1337 1 Beck Ipc Gmbh 1 Ipc At Chip Embedded-webserver 2026-06-16 5.0 MEDIUM N/A
Beck IPC GmbH IPC@CHIP Embedded-Webserver allows remote attackers to cause a denial of service via a long HTTP request.
CVE-2001-1336 1 Aclogic 1 Cesarftp 2026-06-16 7.5 HIGH N/A
CesarFTP 0.98b and earlier stores usernames and passwords in plaintext in the settings.ini file, which allows attackers to gain privileges.
CVE-2001-1335 1 Aclogic 1 Cesarftp 2026-06-16 5.0 MEDIUM N/A
Directory traversal vulnerability in CesarFTP 0.98b and earlier allows remote authenticated users (such as anonymous) to read arbitrary files via a GET with a filename that contains a ...%5c (modified dot dot).
CVE-2001-1334 1 Phpslash 1 Phpslash 2026-06-16 5.0 MEDIUM N/A
Block_render_url.class in PHPSlash 0.6.1 allows remote attackers with PHPSlash administrator privileges to read arbitrary files by creating a block and specifying the target file as the source URL.
CVE-2001-1333 1 Easy Software Products 1 Cups 2026-06-16 1.2 LOW N/A
Linux CUPS before 1.1.6 does not securely handle temporary files, possibly due to a symlink vulnerability that could allow local users to overwrite files.
CVE-2001-1332 1 Easy Software Products 1 Cups 2026-06-16 7.5 HIGH N/A
Buffer overflows in Linux CUPS before 1.1.6 may allow remote attackers to execute arbitrary code.
CVE-2001-1331 2 Debian, Progeny 2 Debian Linux, Debian 2026-06-16 1.2 LOW N/A
mandb in the man-db package before 2.3.16-3 allows local users to overwrite arbitrary files via the command line options (1) -u or (2) -c, which do not drop privileges and follow symlinks.