Search Results (364541 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-0038 1 Glftpd 1 Glftpd 2026-04-16 N/A
glFtpD includes a default glftpd user account with a default password and a UID of 0.
CVE-2000-0039 1 Altavista 1 Search Intranet 2026-04-16 N/A
AltaVista search engine allows remote attackers to read files above the document root via a .. (dot dot) in the query.cgi CGI program.
CVE-2003-0617 1 Hugo Rabson 1 Mindi 2026-04-16 N/A
mindi 0.58 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files.
CVE-2000-0041 1 Apple 1 Macos 2026-04-16 N/A
Macintosh systems generate large ICMP datagrams in response to malformed datagrams, allowing them to be used as amplifiers in a flood attack.
CVE-2003-0618 3 Debian, Perl, Redhat 3 Debian Linux, Suidperl, Enterprise Linux 2026-04-16 N/A
Multiple vulnerabilities in suidperl 5.6.1 and earlier allow a local user to obtain sensitive information about files for which the user does not have appropriate permissions.
CVE-2000-0042 1 Csm 1 Mail Server 2026-04-16 N/A
Buffer overflow in CSM mail server allows remote attackers to cause a denial of service or execute commands via a long HELO command.
CVE-2000-0046 1 Mirabilis 1 Icq 2026-04-16 N/A
Buffer overflow in ICQ 99b 1.1.1.1 client allows remote attackers to execute commands via a malformed URL within an ICQ message.
CVE-2000-0048 1 Corel 1 Linux 2026-04-16 N/A
get_it program in Corel Linux Update allows local users to gain root access by specifying an alternate PATH for the cp program.
CVE-2003-0620 1 Andries Brouwer 1 Man 2026-04-16 N/A
Multiple buffer overflows in man-db 2.4.1 and earlier, when installed setuid, allow local users to gain privileges via (1) MANDATORY_MANPATH, MANPATH_MAP, and MANDB_MAP arguments to add_to_dirlist in manp.c, (2) a long pathname to ult_src in ult_src.c, (3) a long .so argument to test_for_include in ult_src.c, (4) a long MANPATH environment variable, or (5) a long PATH environment variable.
CVE-2000-0049 1 Nullsoft 1 Winamp 2026-04-16 N/A
Buffer overflow in Winamp client allows remote attackers to execute commands via a long entry in a .pls file.
CVE-2003-0623 1 Bea 2 Tuxedo, Weblogic Server 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the Administration Console for BEA Tuxedo 8.1 and earlier allows remote attackers to inject arbitrary web script via the INIFILE argument.
CVE-2000-0052 3 Mandrakesoft, Redhat, Turbolinux 3 Mandrake Linux, Linux, Turbolinux 2026-04-16 N/A
Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack.
CVE-2003-0628 1 Peoplesoft 1 Peopletools 2026-04-16 N/A
PeopleSoft Gateway Administration servlet (gateway.administration) in PeopleTools 8.43 and earlier allows remote attackers to obtain the full pathnames for server-side include (SSI) files via an HTTP request with an invalid value.
CVE-2003-0631 1 Vmware 2 Gsx Server, Workstation 2026-04-16 N/A
VMware GSX Server 2.5.1 build 4968 and earlier, and Workstation 4.0 and earlier, allows local users to gain root privileges via certain enivronment variables that are used when launching a virtual machine session.
CVE-2000-0061 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 5 does not modify the security zone for a document that is being loaded into a window until after the document has been loaded, which could allow remote attackers to execute Javascript in a different security context while the document is loading.
CVE-2000-0067 1 Cybercash 1 Merchant Connection Kit 2026-04-16 N/A
CyberCash Merchant Connection Kit (MCK) allows local users to modify files via a symlink attack.
CVE-2003-0636 1 Novell 1 Ichain 2026-04-16 N/A
Novell iChain 2.2 before Support Pack 1 does not properly verify that URL redirects match the DNS name of an accelerator, which allows attackers to redirect URLs to malicious web sites.
CVE-2000-0077 1 Hp 1 Hp-ux 2026-04-16 N/A
The October 1998 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the ps and grep commands.
CVE-2000-0078 1 Hp 1 Hp-ux 2026-04-16 N/A
The June 1999 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the awk command.
CVE-2003-0638 1 Novell 1 Ichain 2026-04-16 N/A
Multiple buffer overflows in Novell iChain 2.1 before Field Patch 3, and iChain 2.2 before Field Patch 1a, allow attackers to cause a denial of service (ABEND) and possibly execute arbitrary code via (1) a long user name or (2) an unknown attack related to a "special script against login."