Vulnerabilities

With the aim of informing, warning and helping professionals with the latest security vulnerabilities in technology systems, we have made a database available for users interested in this information, which is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 registers, is based on the information from the NVD (National Vulnerability Database) – by virtue of a partnership agreement – through which INCIBE translates the included information into Spanish.

On occasions this list will show vulnerabilities that have still not been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE  (Common Vulnerabilities and Exposures) Standard for Information Security Vulnerability Names is used with the aim to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as available patches or solutions provided by manufacturers and developers. It is possible to carry out advanced searches, as there is the option to select different criteria to narrow down the results, some examples being vulnerability types, manufacturers and impact levels, among others.

Through RSS feeds or Newsletters we can be informed daily about the latest vulnerabilities added to the repository. Below there is a list, updated daily, where you can discover the latest vulnerabilities.

CVE-2001-0842

Publication date:
06/12/2001
Directory traversal vulnerability in Search.cgi in Leoboard LB5000 LB5000II 1029 and earlier allows remote attackers to overwrite files and gain privileges via .. (dot dot) sequences in the amembernamecookie cookie.
Severity CVSS v4.0: Pending analysis
Last modification:
16/06/2026

CVE-2001-0843

Publication date:
06/12/2001
Squid proxy server 2.4 and earlier allows remote attackers to cause a denial of service (crash) via a mkdir-only FTP PUT request.
Severity CVSS v4.0: Pending analysis
Last modification:
16/06/2026

CVE-2001-0844

Publication date:
06/12/2001
Vulnerability in (1) Book of guests and (2) Post it! allows remote attackers to execute arbitrary code via shell metacharacters in the email parameter.
Severity CVSS v4.0: Pending analysis
Last modification:
16/06/2026

CVE-2001-0845

Publication date:
06/12/2001
Vulnerability in DECwindows Motif Server on OpenVMS VAX or Alpha 6.2 through 7.3, and SEVMS VAX or Alpha 6.2, allows local users to gain access to unauthorized resources.
Severity CVSS v4.0: Pending analysis
Last modification:
16/06/2026

CVE-2001-0846

Publication date:
06/12/2001
Lotus Domino 5.x allows remote attackers to read files or execute arbitrary code by requesting the ReplicaID of the Web Administrator template file (webadmin.ntf).
Severity CVSS v4.0: Pending analysis
Last modification:
16/06/2026

CVE-2001-0847

Publication date:
06/12/2001
Lotus Domino Web Server 5.x allows remote attackers to gain sensitive information by accessing the default navigator $defaultNav via (1) URL encoding the request, or (2) directly requesting the ReplicaID.
Severity CVSS v4.0: Pending analysis
Last modification:
16/06/2026

CVE-2001-0848

Publication date:
06/12/2001
join.cfm in e-Zone Media Fuse Talk allows a local user to execute arbitrary SQL code via a semi-colon (;) in a form variable.
Severity CVSS v4.0: Pending analysis
Last modification:
16/06/2026

CVE-2001-0849

Publication date:
06/12/2001
viralator CGI script in Viralator 0.9pre1 and earlier allows remote attackers to execute arbitrary code via a URL for a file being downloaded, which is insecurely passed to a call to wget.
Severity CVSS v4.0: Pending analysis
Last modification:
16/06/2026

CVE-2001-0850

Publication date:
06/12/2001
A configuration error in the libdb1 package in OpenLinux 3.1 uses insecure versions of the snprintf and vsnprintf functions, which could allow local or remote users to exploit those functions with a buffer overflow.
Severity CVSS v4.0: Pending analysis
Last modification:
16/06/2026

CVE-2001-0851

Publication date:
06/12/2001
Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled allows remote attackers to bypass firewall rules by brute force guessing the cookie.
Severity CVSS v4.0: Pending analysis
Last modification:
16/06/2026

CVE-2001-0852

Publication date:
06/12/2001
TUX HTTP server 2.1.0-2 in Red Hat Linux allows remote attackers to cause a denial of service via a long Host: header.
Severity CVSS v4.0: Pending analysis
Last modification:
16/06/2026

CVE-2001-0853

Publication date:
06/12/2001
Directory traversal vulnerability in Entrust GetAccess allows remote attackers to read arbitrary files via a .. (dot dot) in the locale parameter to (1) helpwin.gas.bat or (2) AboutBox.gas.bat.
Severity CVSS v4.0: Pending analysis
Last modification:
16/06/2026