Search Results (363761 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-0396 1 Pacific Software 1 Carello 2026-04-16 N/A
The add.exe program in the Carello shopping cart software allows remote attackers to duplicate files on the server, which could allow the attacker to read source code for web scripts such as .ASP files.
CVE-2000-0398 1 Rockliffe 1 Mailsite 2026-04-16 N/A
Buffer overflow in wconsole.dll in Rockliffe MailSite Management Agent allows remote attackers to execute arbitrary commands via a long query_string parameter in the HTTP GET request.
CVE-2000-0400 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
The Microsoft Active Movie ActiveX Control in Internet Explorer 5 does not restrict which file types can be downloaded, which allows an attacker to download any type of file to a user's system by encoding it within an email message or news post.
CVE-2000-0406 1 Netscape 1 Communicator 2026-04-16 N/A
Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the "Acros-Suencksen SSL" vulnerability.
CVE-2000-0407 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Buffer overflow in Solaris netpr program allows local users to execute arbitrary commands via a long -p option.
CVE-2003-0764 1 Squished Mosquito 1 Escapade 2026-04-16 N/A
Escapade Scripting Engine (ESP) allows remote attackers to obtain sensitive path information via a malformed request, which leaks the information in an error message, as demonstrated using the PAGE parameter.
CVE-2000-0413 1 Microsoft 3 Frontpage, Internet Information Server, Internet Information Services 2026-04-16 N/A
The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote attackers to determine the physical path of HTML, HTM, ASP, and SHTML files by requesting a file that does not exist, which generates an error message that reveals the path.
CVE-2000-0415 1 Microsoft 2 Outlook, Outlook Express 2026-04-16 N/A
Buffer overflow in Outlook Express 4.x allows attackers to cause a denial of service via a mail or news message that has a .jpg or .bmp attachment with a long file name.
CVE-2003-0765 1 Nullsoft 1 Winamp 2026-04-16 N/A
The IN_MIDI.DLL plugin 3.01 and earlier, as used in Winamp 2.91, allows remote attackers to execute arbitrary code via a MIDI file with a large "Track data size" value.
CVE-2000-0418 1 Cayman 2 3220-h Dsl Router, Gatorsurf 2026-04-16 N/A
The Cayman 3220-H DSL router allows remote attackers to cause a denial of service via oversized ICMP echo (ping) requests.
CVE-2003-0771 1 Apache Gallery 1 Apache Gallery 2026-04-16 N/A
Gallery.pm in Apache::Gallery (aka A::G) uses predictable temporary filenames when running Inline::C, which allows local users to execute arbitrary code by creating and modifying the files before Apache::Gallery does.
CVE-2000-0419 1 Microsoft 10 Access, Excel, Frontpage and 7 more 2026-04-16 N/A
The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers to conduct unauthorized activities via the "Show Me" function in Office Help, aka the "Office 2000 UA Control" vulnerability.
CVE-2000-0425 1 Lsoft 1 Listserv 2026-04-16 N/A
Buffer overflow in the Web Archives component of L-Soft LISTSERV 1.8 allows remote attackers to execute arbitrary commands.
CVE-2005-4824 1 Glen Campbell 1 Siteframe 2026-04-16 N/A
PHP remote file inclusion vulnerability in web/classes.php in Siteframe before 3.2.2 allows remote attackers to execute arbitrary PHP code via a URL in the LOCAL_PATH parameter, a different vulnerability than CVE-2005-1965.
CVE-2000-0429 1 Mcmurtrey Whitaker And Associates 1 Cart32 2026-04-16 N/A
A backdoor password in Cart32 3.0 and earlier allows remote attackers to execute arbitrary commands.
CVE-2000-0434 1 Matthew Redman 1 Allmanage 2026-04-16 N/A
The administrative password for the Allmanage web site administration software is stored in plaintext in a file which could be accessed by remote attackers.
CVE-2000-0440 2 Freebsd, Netbsd 2 Freebsd, Netbsd 2026-04-16 N/A
NetBSD 1.4.2 and earlier allows remote attackers to cause a denial of service by sending a packet with an unaligned IP timestamp option.
CVE-2000-0449 1 Omnis 1 Studio 2026-04-16 N/A
Omnis Studio 2.4 uses weak encryption (trivial encoding) for encrypting database fields.
CVE-2003-0775 2 Redhat, Sane 4 Enterprise Linux, Linux, Sane and 1 more 2026-04-16 N/A
saned in sane-backends 1.0.7 and earlier calls malloc with an arbitrary size value if a connection is dropped before the size value has been sent, which allows remote attackers to cause a denial of service (memory consumption or crash).
CVE-2000-0452 1 Lotus 2 Domino Enterprise Server, Domino Mail Server 2026-04-16 N/A
Buffer overflow in the ESMTP service of Lotus Domino Server 5.0.1 allows remote attackers to cause a denial of service via a long MAIL FROM command.