Total
29922 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-1203 | 1 Alessandro Rubini | 1 Gpm | 2026-06-16 | 7.2 HIGH | N/A |
| Format string vulnerability in gpm-root in gpm 1.17.8 through 1.17.18 allows local users to gain root privileges. | |||||
| CVE-2001-1202 | 1 Delegate | 1 Delegate | 2026-06-16 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in DeleGate 7.7.0 and 7.7.1 does not quote scripting commands within a "403 Forbidden" error page, which allows remote attackers to execute arbitrary Javascript on other clients via a URL that generates an error. | |||||
| CVE-2001-1201 | 1 Timecop | 1 Wmcube Gdk | 2026-06-16 | 7.2 HIGH | N/A |
| Buffer overflow in wmcube-gdk for WMCube/GDK 0.98 allows local users to execute arbitrary code via long lines in the object description file. | |||||
| CVE-2001-1200 | 1 Microsoft | 1 Windows Xp | 2026-06-16 | 7.2 HIGH | N/A |
| Microsoft Windows XP allows local users to bypass a locked screen and run certain programs that are associated with Hot Keys. | |||||
| CVE-2001-1199 | 1 Steve Kneizys | 1 Agora.cgi | 2026-06-16 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in agora.cgi for Agora 3.0a through 4.0g, when debug mode is enabled, allows remote attackers to execute Javascript on other clients via the cart_id parameter. | |||||
| CVE-2001-1198 | 1 Hp | 1 Hp-ux | 2026-06-16 | 7.2 HIGH | N/A |
| RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite arbitrary files and gain privileges by specifying the target file in the -L option. | |||||
| CVE-2001-1197 | 1 Kde | 1 Kdeutils | 2026-06-16 | 4.6 MEDIUM | N/A |
| klprfax_filter in KDE2 KDEUtils allows local users to overwrite arbitrary files via a symlink attack on the klprfax.filter temporary file. | |||||
| CVE-2001-1196 | 1 Webmin | 1 Webmin | 2026-06-16 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in edit_action.cgi of Webmin Directory 0.91 allows attackers to gain privileges via a '..' (dot dot) in the argument. | |||||
| CVE-2001-1195 | 1 Novell | 1 Groupwise | 2026-06-16 | 7.5 HIGH | N/A |
| Novell Groupwise 5.5 and 6.0 Servlet Gateway is installed with a default username and password for the servlet manager, which allows remote attackers to gain privileges. | |||||
| CVE-2001-1194 | 1 Zyxel | 2 Prestige 1600, Prestige 681 | 2026-06-16 | 5.0 MEDIUM | N/A |
| Zyxel Prestige 681 and 1600 SDSL Routers allow remote attackers to cause a denial of service via malformed packets with (1) an IP length less than actual packet size, or (2) fragmented packets whose size exceeds 64 kilobytes after reassembly. | |||||
| CVE-2001-1193 | 1 Khamil Landross And Zack Jones | 1 Eftp | 2026-06-16 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in EFTP 2.0.8.346 allows local users to read directories via a ... (modified dot dot) in the CWD command. | |||||
| CVE-2001-1192 | 1 Citrix | 1 Ica Client | 2026-06-16 | 7.5 HIGH | N/A |
| Citrix Independent Computing Architecture (ICA) Client for Windows 6.1 allows remote malicious web sites to execute arbitrary code via a .ICA file, which is downloaded and automatically executed by the client. | |||||
| CVE-2001-1191 | 1 Ibm | 1 Tivoli Secureway Policy Director | 2026-06-16 | 5.0 MEDIUM | N/A |
| WebSeal in IBM Tivoli SecureWay Policy Director 3.8 allows remote attackers to cause a denial of service (crash) via a URL that ends in %2e. | |||||
| CVE-2001-1190 | 1 Mandrakesoft | 1 Mandrake Linux | 2026-06-16 | 4.6 MEDIUM | N/A |
| The default PAM files included with passwd in Mandrake Linux 8.1 do not support MD5 passwords, which could result in a lower level of password security than intended. | |||||
| CVE-2001-1189 | 1 Ibm | 1 Websphere Application Server | 2026-06-16 | 4.6 MEDIUM | N/A |
| IBM Websphere Application Server 3.5.3 and earlier stores a password in cleartext in the sas.server.props file, which allows local users to obtain the passwords via a JSP script. | |||||
| CVE-2001-1188 | 1 Brian Dorricott | 1 Mailto | 2026-06-16 | 7.5 HIGH | N/A |
| mailto.exe in Brian Dorricott MAILTO 1.0.9 and earlier allows remote attackers to send SPAM e-mail through remote servers by modifying the sendto, email, server, subject, and resulturl hidden form fields. | |||||
| CVE-2001-1187 | 1 Mutasem Abudahab | 2 Csvform, Csvform Plus | 2026-06-16 | 7.5 HIGH | N/A |
| csvform.pl 0.1 allows remote attackers to execute arbitrary commands via metacharacters in the file parameter. | |||||
| CVE-2001-1186 | 1 Microsoft | 1 Internet Information Services | 2026-06-16 | 5.0 MEDIUM | N/A |
| Microsoft IIS 5.0 allows remote attackers to cause a denial of service via an HTTP request with a content-length value that is larger than the size of the request, which prevents IIS from timing out the connection. | |||||
| CVE-2001-1185 | 1 Freebsd | 1 Freebsd | 2026-06-16 | 6.2 MEDIUM | N/A |
| Some AIO operations in FreeBSD 4.4 may be delayed until after a call to execve, which could allow a local user to overwrite memory of the new process and gain privileges. | |||||
| CVE-2001-1184 | 1 Denicomp | 1 Winsock Rshd Nt | 2026-06-16 | 5.0 MEDIUM | N/A |
| wrshdsp.exe in Denicomp Winsock RSHD/NT 2.21.00 and earlier allows remote attackers to cause a denial of service (CPU consumption) via (1) in 2.20.00 and earlier, an invalid port number such as a negative number, which causes a connection attempt to that port and all ports below 1024, and (2) in 2.21.00, a port number of 1024. | |||||
