- CVE-2001-0109 • published on May 7, 2001
rctab in SuSE 7.0 and earlier allows local users to create or overwrite arbitrary files via a symlink attack on the rctmp temporary file.
- CVE-2001-0110 • published on May 7, 2001
Buffer overflow in jaZip Zip/Jaz drive manager allows local users to gain root privileges via a long DISPLAY environmental variable.
- CVE-2001-0125 • published on May 7, 2001
exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file.
- CVE-2001-0117 • published on May 7, 2001
sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack.
- CVE-2001-0066 • published on May 7, 2001
Secure Locate (slocate) allows local users to corrupt memory via a malformed database file that specifies an offset value that accesses memory outside of the intended buffer.
- CVE-2001-0089 • published on May 7, 2001
Internet Explorer 5.0 through 5.5 allows remote attackers to read arbitrary files from the client via the INPUT TYPE element in an HTML form, aka the "File Upload via Form" vulnerability.
- CVE-2001-0105 • published on May 7, 2001
Vulnerability in top in HP-UX 11.04 and earlier allows local users to overwrite files owned by the "sys" group.
- CVE-2001-0111 • published on May 7, 2001
Format string vulnerability in splitvt before 1.6.5 allows local users to execute arbitrary commands via the -rcfile command line argument.
- CVE-2001-0116 • published on May 7, 2001
gpm 1.19.3 allows local users to overwrite arbitrary files via a symlink attack.
- CVE-2001-0119 • published on May 7, 2001
getty_ps 2.0.7j allows local users to overwrite arbitrary files via a symlink attack.
- CVE-2001-0126 • published on May 7, 2001
Oracle XSQL servlet 1.0.3.0 and earlier allows remote attackers to execute arbitrary Java code by redirecting the XSQL server to another source via the xml-stylesheet parameter in the xslt stylesheet.
- CVE-2001-0071 • published on May 7, 2001
gpg (aka GnuPG) 1.0.4 and other versions does not properly verify detached signatures, which allows attackers to modify the contents of a file without detection.
- CVE-2001-0072 • published on May 7, 2001
gpg (aka GnuPG) 1.0.4 and other versions imports both public and private keys from public key servers without notifying the user about the private keys, which could allow an attacker to break the web of trust.
- CVE-2001-0080 • published on May 7, 2001
Cisco Catalyst 6000, 5000, or 4000 switches allow remote attackers to cause a denial of service by connecting to the SSH service with a non-SSH client, which generates a protocol mismatch error.
- CVE-2001-0085 • published on May 7, 2001
Buffer overflow in Kermit communications software in HP-UX 11.0 and earlier allows local users to cause a denial of service and possibly execute arbitrary commands.
- CVE-2001-0091 • published on May 7, 2001
The ActiveX control for invoking a scriptlet in Internet Explorer 5.0 through 5.5 renders arbitrary file types instead of HTML, which allows an attacker to read arbitrary files, aka a variant of the "Scriptlet Rendering" vulnerability.
- CVE-2001-0115 • published on May 7, 2001
Buffer overflow in arp command in Solaris 7 and earlier allows local users to execute arbitrary commands via a long -f parameter.
- CVE-2001-0092 • published on May 7, 2001
A function in Internet Explorer 5.0 through 5.5 does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a new variant of the "Frame Domain Verification" vulnerability.
- CVE-2001-0096 • published on May 7, 2001
FrontPage Server Extensions (FPSE) in IIS 4.0 and 5.0 allows remote attackers to cause a denial of service via a malformed form, aka the "Malformed Web Form Submission" vulnerability.
- CVE-2001-0099 • published on May 7, 2001
bsguest.cgi guestbook script allows remote attackers to execute arbitrary commands via shell metacharacters in the email address.