Search Results (363487 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0202 1 Informs 1 Picserver 2026-04-16 N/A
Picserver web server allows remote attackers to read arbitrary files via a .. (dot dot) attack in an HTTP GET request.
CVE-2000-1127 1 Hp 1 Hp-ux 2026-04-16 N/A
registrar in the HP resource monitor service allows local users to read and modify arbitrary files by renaming the original registrar.log log file and creating a symbolic link to the target file, to which registrar appends log information and sets the permissions to be world readable.
CVE-2003-1008 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Unknown vulnerability in Mac OS X 10.2.8 and 10.3.2 allows local users to bypass the screen saver login window and write a text clipping to the desktop or another application.
CVE-2000-1130 1 Network Associates 1 Webshield Smtp 2026-04-16 N/A
McAfee WebShield SMTP 4.5 allows remote attackers to bypass email content filtering rules by including Extended ASCII characters in name of the attachment.
CVE-2000-1131 1 Bill Kendrick 1 Gbook.cgi 2026-04-16 N/A
Bill Kendrick web site guestbook (GBook) allows remote attackers to execute arbitrary commands via shell metacharacters in the _MAILTO form variable.
CVE-2000-1133 1 Flicks Software 1 Authentix 2026-04-16 N/A
Authentix Authentix100 allows remote attackers to bypass authentication by inserting a . (dot) into the URL for a protected directory.
CVE-2003-1011 1 Apple 1 Mac Os X 2026-04-16 N/A
Apple Mac OS X 10.0 through 10.2.8 allows local users with a USB keyboard to gain unauthorized access by holding down the CTRL and C keys when the system is booting, which crashes the init process and leaves the user in a root shell.
CVE-2000-1134 7 Caldera, Conectiva, Hp and 4 more 9 Openlinux, Openlinux Edesktop, Openlinux Eserver and 6 more 2026-04-16 N/A
Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.
CVE-2000-1138 1 Ibm 1 Lotus Notes 2026-04-16 N/A
Lotus Notes R5 client R5.0.5 and earlier does not properly warn users when an S/MIME email message has been modified, which could allow an attacker to modify the email in transit without being detected.
CVE-2000-1140 1 Recourse Technologies 1 Mantrap 2026-04-16 N/A
Recourse ManTrap 1.6 does not properly hide processes from attackers, which could allow attackers to determine that they are in a honeypot system by comparing the results from kill commands with the process listing in the /proc filesystem.
CVE-2006-4508 2 Scatterchat, Tor 2 Scatterchat, Tor 2026-04-16 N/A
Unspecified vulnerability in (1) Tor 0.1.0.x before 0.1.0.18 and 0.1.1.x before 0.1.1.23, and (2) ScatterChat before 1.0.2, allows remote attackers operating a Tor entry node to route arbitrary Tor traffic through clients or cause a denial of service (flood) via unspecified vectors.
CVE-2000-1141 1 Recourse Technologies 1 Mantrap 2026-04-16 N/A
Recourse ManTrap 1.6 modifies the kernel so that ".." does not appear in the /proc listing, which allows attackers to determine that they are in a honeypot system.
CVE-2000-1142 1 Recourse Technologies 1 Mantrap 2026-04-16 N/A
Recourse ManTrap 1.6 generates an error when an attacker cd's to /proc/self/cwd and executes the pwd command, which allows attackers to determine that they are in a honeypot system.
CVE-2000-1147 1 Microsoft 1 Internet Information Server 2026-04-16 N/A
Buffer overflow in IIS ISAPI .ASP parsing mechanism allows attackers to execute arbitrary commands via a long string to the "LANGUAGE" argument in a script tag.
CVE-2000-1148 1 Volano Llc 1 Volanochatpro 2026-04-16 N/A
The installation of VolanoChatPro chat server sets world-readable permissions for its configuration file and stores the server administrator passwords in plaintext, which allows local users to gain privileges on the server.
CVE-2000-1153 1 Kenny Carruthers 1 Postmaster 2026-04-16 N/A
PostMaster 1.0 in BeOS r5 pro and earlier allows remote attackers to conduct a denial of service via a message that contains a long URL.
CVE-2000-1156 1 Sun 1 Staroffice 2026-04-16 N/A
StarOffice 5.2 follows symlinks and sets world-readable permissions for the /tmp/soffice.tmp directory, which allows a local user to read files of the user who is using StarOffice.
CVE-2003-1013 2 Ethereal, Redhat 3 Ethereal, Enterprise Linux, Linux 2026-04-16 7.5 High
The Q.931 dissector in Ethereal before 0.10.0, and Tethereal, allows remote attackers to cause a denial of service (crash) via a malformed Q.931, which triggers a null dereference.
CVE-2000-1163 1 Aladdin Enterprises 1 Ghostscript 2026-04-16 N/A
ghostscript before 5.10-16 uses an empty LD_RUN_PATH environmental variable to find libraries in the current directory, which could allow local users to execute commands as other users by placing a Trojan horse library into a directory from which another user executes ghostscript.
CVE-2006-0753 1 Microsoft 1 Ie 2026-04-16 N/A
Memory leak in Microsoft Internet Explorer 6 for Windows XP Service Pack 2 allows remote attackers to cause a denial of service (memory consumption) via JavaScript that uses setInterval to repeatedly call a function to set the value of window.status.