Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2001-1420 | AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a denial of service (application crash) via a long filename, possibly caused by a buffer overflow. | 5.0 | 2.35% | 2005-05-02 | 2026-04-16 |
| CVE-2001-1413 | Stack-based buffer overflow in the comprexx function for ncompress 4.2.4 and earlier, when used in situations that cross security boundaries (such as FTP server), may allow remote attackers to execute arbitrary code via a long filename argument. | 7.5 | 9.03% | 2004-12-23 | 2026-04-16 |
| CVE-2001-1412 | nidump on MacOS X before 10.3 allows local users to read the encrypted passwords from the password file by specifying passwd as a command line argument. | 2.1 | 0.23% | 2003-11-17 | 2026-04-16 |
| CVE-2001-1411 | Format string vulnerability in gm4 (aka m4) on Mac OS X may allow local users to gain privileges if gm4 is called by setuid programs. | 7.2 | 0.06% | 2003-11-17 | 2026-04-16 |
| CVE-2001-1410 | Internet Explorer 6 and earlier allows remote attackers to create chromeless windows using the Javascript window.createPopup method, which could allow attackers to simulate a victim's display and conduct unauthorized activities or steal sensitive data via social engineering. | 5.0 | 61.59% | 2003-08-18 | 2026-04-16 |
| CVE-2001-1409 | dexconf in XFree86 Xserver 4.1.0-2 creates the /dev/dri directory with insecure permissions (666), which allows local users to replace or create files in the root file system. | 3.6 | 0.07% | 2003-07-24 | 2026-04-16 |
| CVE-2001-1451 | Memory leak in the SNMP LAN Manager (LANMAN) MIB extension for Microsoft Windows 2000 before SP3, when the Print Spooler is not running, allows remote attackers to cause a denial of service (memory consumption) via a large number of GET or GETNEXT requests. | 5.0 | 22.04% | 2002-10-22 | 2026-04-16 |
| CVE-2001-1300 | Directory traversal vulnerability in Dynu FTP server 1.05 and earlier allows remote attackers to read arbitrary files via a .. in the CD (CWD) command. | 5.0 | 0.40% | 2002-06-25 | 2026-04-16 |
| CVE-2001-1340 | Beck GmbH IPC@Chip TelnetD service supports only one connection and does not disconnect a user who does not complete the login process, which allows remote attackers to lock out the administrator account by connecting to the service. | 5.0 | 1.79% | 2002-05-21 | 2026-04-16 |
| CVE-2001-1334 | Block_render_url.class in PHPSlash 0.6.1 allows remote attackers with PHPSlash administrator privileges to read arbitrary files by creating a block and specifying the target file as the source URL. | 5.0 | 6.96% | 2002-05-19 | 2026-04-16 |
| CVE-2001-1175 | vipw in the util-linux package before 2.10 causes /etc/shadow to be world-readable in some cases, which would make it easier for local users to perform brute force password guessing. | 7.2 | 0.05% | 2002-04-01 | 2026-04-16 |
| CVE-2001-1174 | Buffer overflow in Elm 2.5.5 and earlier allows remote attackers to execute arbitrary code via a long Message-ID header. | 7.5 | 4.25% | 2002-04-01 | 2026-04-16 |
| CVE-2001-1171 | Check Point Firewall-1 3.0b through 4.0 SP1 follows symlinks and creates a world-writable temporary .cpp file when compiling Policy rules, which could allow local users to gain privileges or modify the firewall policy. | 7.2 | 0.05% | 2002-04-01 | 2026-04-16 |
| CVE-2001-1165 | Intego FileGuard 4.0 uses weak encryption to store user information and passwords, which allows local users to gain privileges by decrypting the information, e.g., with the Disengage tool. | 4.6 | 0.21% | 2002-04-01 | 2026-04-16 |
| CVE-2001-1222 | Plesk Server Administrator (PSA) 1.0 allows remote attackers to obtain PHP source code via an HTTP request containing the target's IP address and a valid account name for the domain. | 5.0 | 2.26% | 2002-03-25 | 2026-04-16 |
| CVE-2001-1377 | Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2. | 5.0 | 13.34% | 2002-03-04 | 2026-04-16 |
| CVE-2001-1376 | Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote attackers to cause a denial of service and possibly execute arbitrary code via shared secret data. | 7.5 | 30.49% | 2002-03-04 | 2026-04-16 |
| CVE-2001-1465 | SurfControl SuperScout only filters packets containing both an HTTP GET request and a Host header, which allows local users to bypass filtering by fragmenting packets so that no packet contains both data elements. | 4.6 | 0.06% | 2002-02-26 | 2026-04-16 |
| CVE-2001-1079 | create_keyfiles in PSSP 3.2 with DCE 3.1 authentication on AIX creates keyfile directories with world-writable permissions, which could allow a local user to delete key files and cause a denial of service. | 3.6 | 0.04% | 2002-02-13 | 2026-04-16 |
| CVE-2001-1058 | The License Manager (mathlm) for Mathematica 4.0 and 4.1 allows remote attackers to bypass access control (specified by the -restrict argument) and steal a license via a client request that includes the name of a host that is allowed to obtain the license. | 7.5 | 0.42% | 2002-02-13 | 2026-04-16 |