Vulnerabilities (CVE)

Filtered by NVD-CWE-Other
Total 29922 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2001-1287 1 Ipswitch 1 Imail 2026-06-16 7.5 HIGH N/A
Buffer overflow in Web Calendar in Ipswitch IMail 7.04 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.
CVE-2001-1286 1 Ipswitch 1 Imail 2026-06-16 7.5 HIGH N/A
Ipswitch IMail 7.04 and earlier stores a user's session ID in a URL, which could allow remote attackers to hijack sessions by obtaining the URL, e.g. via an HTML email that causes the Referrer to be sent to a URL under the attacker's control.
CVE-2001-1285 1 Ipswitch 1 Imail 2026-06-16 5.0 MEDIUM N/A
Directory traversal vulnerability in readmail.cgi for Ipswitch IMail 7.04 and earlier allows remote attackers to access the mailboxes of other users via a .. (dot dot) in the mbx parameter.
CVE-2001-1284 1 Ipswitch 1 Imail 2026-06-16 7.5 HIGH N/A
Ipswitch IMail 7.04 and earlier uses predictable session IDs for authentication, which allows remote attackers to hijack sessions of other users.
CVE-2001-1283 1 Ipswitch 1 Imail 2026-06-16 7.5 HIGH N/A
The webmail interface for Ipswitch IMail 7.04 and earlier allows remote authenticated users to cause a denial of service (crash) via a mailbox name that contains a large number of . (dot) or other characters to programs such as (1) readmail.cgi or (2) printmail.cgi, possibly due to a buffer overflow that may allow execution of arbitrary code.
CVE-2001-1282 1 Ipswitch 1 Imail 2026-06-16 5.0 MEDIUM N/A
Ipswitch IMail 7.04 and earlier records the physical path of attachments in an e-mail message header, which could allow remote attackers to obtain potentially sensitive configuration information.
CVE-2001-1281 1 Ipswitch 1 Imail 2026-06-16 5.0 MEDIUM N/A
Web Messaging Server for Ipswitch IMail 7.04 and earlier allows remote authenticated users to change information for other users by modifying the olduser parameter in the "Change User Information" web form.
CVE-2001-1280 1 Ipswitch 1 Imail 2026-06-16 5.0 MEDIUM N/A
POP3 Server for Ipswitch IMail 7.04 and earlier generates different responses to valid and invalid user names, which allows remote attackers to determine users on the system.
CVE-2001-1279 1 Lbl 1 Tcpdump 2026-06-16 7.5 HIGH N/A
Buffer overflow in print-rx.c of tcpdump 3.x (probably 3.6x) allows remote attackers to cause a denial of service and possibly execute arbitrary code via AFS RPC packets with invalid lengths that trigger an integer signedness error, a different vulnerability than CVE-2000-1026.
CVE-2001-1278 1 Zope 1 Zope 2026-06-16 7.5 HIGH N/A
Zope before 2.2.4 allows partially trusted users to bypass security controls for certain methods by accessing the methods through the fmt attribute of dtml-var tags.
CVE-2001-1277 1 Wolfram Schneider 1 Makewhatis 2026-06-16 2.1 LOW N/A
makewhatis in the man package before 1.5i2 allows an attacker in group man to overwrite arbitrary files via a man page whose name contains shell metacharacters.
CVE-2001-1276 1 Itcorp 1 Ispell 2026-06-16 1.2 LOW N/A
ispell before 3.1.20 allows local users to overwrite files of other users via a symlink attack on a temporary file.
CVE-2001-1275 1 Oracle 1 Mysql 2026-06-16 7.2 HIGH N/A
MySQL before 3.23.31 allows users with a MySQL account to use the SHOW GRANTS command to obtain the encrypted administrator password from the mysql.user table and possibly gain privileges via password cracking.
CVE-2001-1274 1 Oracle 1 Mysql 2026-06-16 7.5 HIGH N/A
Buffer overflow in MySQL before 3.23.31 allows attackers to cause a denial of service and possibly gain privileges.
CVE-2001-1273 1 Linux 1 Linux Kernel 2026-06-16 2.1 LOW N/A
The "mxcsr P4" vulnerability in the Linux kernel before 2.2.17-14, when running on certain Intel CPUs, allows local users to cause a denial of service (system halt).
CVE-2001-1272 1 Wliang 1 Wmtv 2026-06-16 4.6 MEDIUM N/A
wmtv 0.6.5 and earlier does not properly drop privileges, which allows local users to execute arbitrary commands via the -e (external command) option.
CVE-2001-1271 1 Rarsoft 1 Rar 2026-06-16 2.1 LOW N/A
Directory traversal vulnerability in rar 2.02 and earlier allows attackers to overwrite arbitrary files during archive extraction via a .. (dot dot) attack on archived filenames.
CVE-2001-1270 1 Pkware 1 Pkzip 2026-06-16 2.1 LOW N/A
Directory traversal vulnerability in the console version of PKZip (pkzipc) 4.00 and earlier allows attackers to overwrite arbitrary files during archive extraction with the -rec (recursive) option via a .. (dot dot) attack on the archived files.
CVE-2001-1269 1 Info-zip 1 Unzip 2026-06-16 2.1 LOW N/A
Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via filenames in the archive that begin with the '/' (slash) character.
CVE-2001-1268 1 Info-zip 1 Unzip 2026-06-16 2.1 LOW N/A
Directory traversal vulnerability in Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via a .. (dot dot) in an extracted filename.