U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
There are 165,012 matching records.
Displaying matches 161,181 through 161,200.
Vuln ID Summary CVSS Severity
CVE-2001-1126

Symantec LiveUpdate 1.4 through 1.6, and possibly later versions, allows remote attackers to cause a denial of service (flood) via DNS spoofing of the update.symantec.com site.

Published: October 05, 2001; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2001-1127

Buffer overflow in Progress database 8.3D and 9.1C could allow a local user to execute arbitrary code via (1) _proapsv, (2) _mprosrv, (3) _mprshut, (4) orarx, (5) sqlcpp, (6) _probrkr, (7) _sqlschema and (8) _sqldump.

Published: October 05, 2001; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2001-0670

Buffer overflow in BSD line printer daemon (in.lpd or lpd) in various BSD-based operating systems allows remote attackers to execute arbitrary code via an incomplete print job followed by a request to display the printer queue.

Published: October 03, 2001; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2001-1048

AWOL PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.

Published: October 02, 2001; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2001-1049

Phorecast PHP script before 0.40 allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.

Published: October 02, 2001; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2001-1050

CCCSoftware CCC PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.

Published: October 02, 2001; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2001-1051

Dark Hart Portal (darkportal) PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.

Published: October 02, 2001; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2001-1052

Empris PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.

Published: October 02, 2001; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2001-1054

PHPAdsNew PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.

Published: October 02, 2001; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2001-1234

Bharat Mediratta Gallery PHP script before 1.2.1 allows remote attackers to execute arbitrary code by including files from remote web sites via an HTTP request that modifies the includedir variable.

Published: October 02, 2001; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2001-1235

pSlash PHP script 0.7 and earlier allows remote attackers to execute arbitrary code by including files from remote web sites, using an HTTP request that modifies the includedir variable.

Published: October 02, 2001; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2001-1236

myphpPagetool PHP script 0.4.3-1 and earlier allows remote attackers to execute arbitrary code by including files from remote web sites, using an HTTP request that modifies the includedir variable.

Published: October 02, 2001; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2001-1237

Phormation PHP script 0.9.1 and earlier allows remote attackers to execute arbitrary code by including files from remote web sites, using an HTTP request that modifies the phormationdir variable.

Published: October 02, 2001; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2001-1255

WinMySQLadmin 1.1 stores the MySQL password in plain text in the my.ini file, which allows local users to obtain unathorized access the MySQL database.

Published: October 02, 2001; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2001-1296

More.groupware PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.

Published: October 02, 2001; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2001-1297

PHP remote file inclusion vulnerability in Actionpoll PHP script before 1.1.2 allows remote attackers to execute arbitrary PHP code via a URL in the includedir parameter.

Published: October 02, 2001; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2001-1298

Webodex PHP script 1.0 and earlier allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.

Published: October 02, 2001; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2001-1299

Zorbat Zorbstats PHP script before 0.9 allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.

Published: October 02, 2001; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2001-1419

AOL Instant Messenger (AIM) 4.7.2480 and earlier allows remote attackers to cause a denial of service (application crash) via an instant message that contains a large amount of "<!--" HTML comments.

Published: October 02, 2001; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2001-0731

Apache 1.3.20 with Multiviews enabled allows remote attackers to view directory contents and bypass the index page via a URL containing the "M=D" query string.

Published: October 01, 2001; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM