Export limit exceeded: 364697 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (364697 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-0322 | 1 Microsoft | 3 Internet Explorer, Outlook, Outlook Express | 2026-04-16 | N/A |
| MSHTML.DLL HTML parser in Internet Explorer 4.0, and other versions, allows remote attackers to cause a denial of service (application crash) via a script that creates and deletes an object that is associated with the browser window object. | ||||
| CVE-2001-0323 | 2026-04-16 | N/A | ||
| The ICMP path MTU (PMTU) discovery feature in various UNIX systems allows remote attackers to cause a denial of service by spoofing "ICMP Fragmentation needed but Don't Fragment (DF) set" packets between two target hosts, which could cause one host to lower its MTU when transmitting to the other host. | ||||
| CVE-2001-0324 | 1 Microsoft | 2 Windows 2000, Windows 98 | 2026-04-16 | N/A |
| Windows 98 and Windows 2000 Java clients allow remote attackers to cause a denial of service via a Java applet that opens a large number of UDP sockets, which prevents the host from establishing any additional UDP connections, and possibly causes a crash. | ||||
| CVE-2001-0325 | 1 Qnx | 1 Rtp | 2026-04-16 | N/A |
| Buffer overflow in QNX RTP 5.60 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large number of arguments to the stat command. | ||||
| CVE-2001-0326 | 1 Oracle | 2 Application Server, Oracle8i | 2026-04-16 | N/A |
| Oracle Java Virtual Machine (JVM ) for Oracle 8.1.7 and Oracle Application Server 9iAS Release 1.0.2.0.1 allows remote attackers to read arbitrary files via the .jsp and .sqljsp file extensions when the server is configured to use the <<ALL FILES>> FilePermission. | ||||
| CVE-2001-0430 | 1 Debian | 1 Debian Linux | 2026-04-16 | N/A |
| Vulnerability in exuberant-ctags before 3.2.4-0.1 insecurely creates temporary files. | ||||
| CVE-2001-0327 | 1 Iplanet | 1 Iplanet Web Server | 2026-04-16 | N/A |
| iPlanet Web Server Enterprise Edition 4.1 and earlier allows remote attackers to retrieve sensitive data from memory allocation pools, or cause a denial of service, via a URL-encoded Host: header in the HTTP request, which reveals memory in the Location: header that is returned by the server. | ||||
| CVE-2001-0328 | 2026-04-16 | N/A | ||
| TCP implementations that use random increments for initial sequence numbers (ISN) can allow remote attackers to perform session hijacking or disruption by injecting a flood of packets with a range of ISN values, one of which may match the expected ISN. | ||||
| CVE-2001-0329 | 1 Mozilla | 1 Bugzilla | 2026-04-16 | N/A |
| Bugzilla 2.10 allows remote attackers to execute arbitrary commands via shell metacharacters in a username that is then processed by (1) the Bugzilla_login cookie in post_bug.cgi, or (2) the who parameter in process_bug.cgi. | ||||
| CVE-2001-0330 | 1 Mozilla | 1 Bugzilla | 2026-04-16 | N/A |
| Bugzilla 2.10 allows remote attackers to access sensitive information, including the database username and password, via an HTTP request for the globals.pl file, which is normally returned by the web server without being executed. | ||||
| CVE-2001-0331 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| Buffer overflow in Embedded Support Partner (ESP) daemon (rpc.espd) in IRIX 6.5.8 and earlier allows remote attackers to execute arbitrary commands. | ||||
| CVE-2001-0332 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 5.5 and earlier does not properly verify the domain of a frame within a browser window, which allows remote web site operators to read certain files on the client by sending information from a local frame to a frame in a different domain using MSScriptControl.ScriptControl and GetObject, aka a variant of the "Frame Domain Verification" vulnerability. | ||||
| CVE-2001-0333 | 1 Microsoft | 1 Internet Information Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in IIS 5.0 and earlier allows remote attackers to execute arbitrary commands by encoding .. (dot dot) and "\" characters twice. | ||||
| CVE-2001-0334 | 1 Microsoft | 1 Internet Information Server | 2026-04-16 | 7.5 High |
| FTP service in IIS 5.0 and earlier allows remote attackers to cause a denial of service via a wildcard sequence that generates a long string when it is expanded. | ||||
| CVE-2001-0335 | 1 Microsoft | 1 Internet Information Server | 2026-04-16 | N/A |
| FTP service in IIS 5.0 and earlier allows remote attackers to enumerate Guest accounts in trusted domains by preceding the username with a special sequence of characters. | ||||
| CVE-2001-0336 | 1 Microsoft | 1 Internet Information Server | 2026-04-16 | N/A |
| The Microsoft MS00-060 patch for IIS 5.0 and earlier introduces an error which allows attackers to cause a denial of service via a malformed request. | ||||
| CVE-2001-0337 | 1 Microsoft | 1 Internet Information Server | 2026-04-16 | N/A |
| The Microsoft MS01-014 and MS01-016 patches for IIS 5.0 and earlier introduce a memory leak which allows attackers to cause a denial of service via a series of requests. | ||||
| CVE-2001-0338 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 5.5 and earlier does not properly validate digital certificates when Certificate Revocation List (CRL) checking is enabled, which could allow remote attackers to spoof trusted web sites, aka the "Server certificate validation vulnerability." | ||||
| CVE-2001-0339 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 5.5 and earlier allows remote attackers to display a URL in the address bar that is different than the URL that is actually being displayed, which could be used in web site spoofing attacks, aka the "Web page spoofing vulnerability." | ||||
| CVE-2001-0340 | 1 Microsoft | 1 Exchange Server | 2026-04-16 | N/A |
| An interaction between the Outlook Web Access (OWA) service in Microsoft Exchange 2000 Server and Internet Explorer allows attackers to execute malicious script code against a user's mailbox via a message attachment that contains HTML code, which is executed automatically. | ||||