Search Results (364491 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-3309 1 Internet Scout Project 1 Scout Portal Toolkit 2026-04-16 N/A
SQL injection vulnerability in SPT--ForumTopics.php in Scout Portal Toolkit (SPT) 1.4.0 and earlier allows remote attackers to execute arbitrary SQL commands via the forumid parameter.
CVE-2000-0485 1 Microsoft 1 Sql Server 2026-04-16 N/A
Microsoft SQL Server allows local users to obtain database passwords via the Data Transformation Service (DTS) package Properties dialog, aka the "DTS Password" vulnerability.
CVE-2000-0489 3 Freebsd, Netbsd, Openbsd 3 Freebsd, Netbsd, Openbsd 2026-04-16 N/A
FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial of service by creating a large number of socket pairs using the socketpair function, setting a large buffer size via setsockopt, then writing large buffers.
CVE-2000-0492 1 Passwd 1 Passwd 2026-04-16 N/A
PassWD 1.2 uses weak encryption (trivial encoding) to store passwords, which allows an attacker who can read the password file to easliy decrypt the passwords.
CVE-2000-0508 3 Debian, Mandrakesoft, Redhat 3 Debian Linux, Mandrake Linux, Linux 2026-04-16 N/A
rpc.lockd in Red Hat Linux 6.1 and 6.2 allows remote attackers to cause a denial of service via a malformed request.
CVE-2000-0513 1 Debian 1 Debian Linux 2026-04-16 N/A
CUPS (Common Unix Printing System) 1.04 and earlier allows remote attackers to cause a denial of service by authenticating with a user name that does not exist or does not have a shadow password.
CVE-2003-0780 4 Conectiva, Mysql, Oracle and 1 more 5 Linux, Mysql, Mysql and 2 more 2026-04-16 N/A
Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and earlier, and 3.23.x, allows attackers with ALTER TABLE privileges to execute arbitrary code via a long Password field.
CVE-2000-0519 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Internet Explorer 4.x and 5.x does not properly re-validate an SSL certificate if the user establishes a new SSL session with the same server during the same Internet Explorer session, aka one of two different "SSL Certificate Validation" vulnerabilities.
CVE-2003-0782 1 Ecartis 1 Ecartis 2026-04-16 N/A
Multiple buffer overflows in ecartis before 1.0.0 allow attackers to cause a denial of service and possibly execute arbitrary code.
CVE-2000-0521 1 Michael Lamont 1 Savant Webserver 2026-04-16 N/A
Savant web server allows remote attackers to read source code of CGI scripts via a GET request that does not include the HTTP version number.
CVE-2000-0345 1 Cisco 7 Ios, Router 2500, Router 2600 and 4 more 2026-04-16 N/A
The on-line help system options in Cisco routers allows non-privileged users without "enabled" access to obtain sensitive information via the show command.
CVE-2003-0747 1 Sap 1 Internet Transaction Server 2026-04-16 N/A
wgate.dll in SAP Internet Transaction Server (ITS) 4620.2.0.323011 allows remote attackers to obtain potentially sensitive information such as directory structure and operating system via incorrect parameters (1) ~service, (2) ~templatelanguage, (3) ~language, (4) ~theme, or (5) ~template, which leaks the information in the resulting error message.
CVE-2000-0341 1 Atrium Software 1 Cassandra Nntp Server 2026-04-16 N/A
ATRIUM Cassandra NNTP Server 1.10 allows remote attackers to cause a denial of service via a long login name.
CVE-2000-0333 2 Ethereal Group, Lbl 2 Ethereal, Tcpdump 2026-04-16 N/A
tcpdump, Ethereal, and other sniffer packages allow remote attackers to cause a denial of service via malformed DNS packets in which a jump offset refers to itself, which causes tcpdump to enter an infinite loop while decompressing the packet.
CVE-2003-0742 1 Sco 1 Openserver 2026-04-16 N/A
SCO Internet Manager (mana) allows local users to execute arbitrary programs by setting the REMOTE_ADDR environment variable to cause menu.mana to run as if it were called from ncsa_httpd, then modifying the PATH environment variable to point to a malicious "hostname" program.
CVE-2000-0330 1 Microsoft 2 Windows 95, Windows 98 2026-04-16 N/A
The networking software in Windows 95 and Windows 98 allows remote attackers to execute commands via a long file name string, aka the "File Access URL" vulnerability.
CVE-2003-0740 2 Redhat, Stunnel 3 Enterprise Linux, Linux, Stunnel 2026-04-16 N/A
Stunnel 4.00, and 3.24 and earlier, leaks a privileged file descriptor returned by listen(), which allows local users to hijack the Stunnel server.
CVE-2000-0328 1 Microsoft 1 Windows Nt 2026-04-16 N/A
Windows NT 4.0 generates predictable random TCP initial sequence numbers (ISN), which allows remote attackers to perform spoofing and session hijacking.
CVE-2003-0738 1 Phpwebsite 1 Phpwebsite 2026-04-16 N/A
The calendar module in phpWebSite 0.9.x and earlier allows remote attackers to cause a denial of service (crash) via a long year parameter.
CVE-2000-0327 1 Microsoft 1 Virtual Machine 2026-04-16 N/A
Microsoft Virtual Machine (VM) allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, aka the "Virtual Machine Verifier" vulnerability.