Search Results (364647 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0631 1 Vmware 2 Gsx Server, Workstation 2026-04-16 N/A
VMware GSX Server 2.5.1 build 4968 and earlier, and Workstation 4.0 and earlier, allows local users to gain root privileges via certain enivronment variables that are used when launching a virtual machine session.
CVE-2000-0061 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 5 does not modify the security zone for a document that is being loaded into a window until after the document has been loaded, which could allow remote attackers to execute Javascript in a different security context while the document is loading.
CVE-2000-0067 1 Cybercash 1 Merchant Connection Kit 2026-04-16 N/A
CyberCash Merchant Connection Kit (MCK) allows local users to modify files via a symlink attack.
CVE-2003-0636 1 Novell 1 Ichain 2026-04-16 N/A
Novell iChain 2.2 before Support Pack 1 does not properly verify that URL redirects match the DNS name of an accelerator, which allows attackers to redirect URLs to malicious web sites.
CVE-2000-0077 1 Hp 1 Hp-ux 2026-04-16 N/A
The October 1998 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the ps and grep commands.
CVE-2000-0078 1 Hp 1 Hp-ux 2026-04-16 N/A
The June 1999 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the awk command.
CVE-2003-0638 1 Novell 1 Ichain 2026-04-16 N/A
Multiple buffer overflows in Novell iChain 2.1 before Field Patch 3, and iChain 2.2 before Field Patch 1a, allow attackers to cause a denial of service (ABEND) and possibly execute arbitrary code via (1) a long user name or (2) an unknown attack related to a "special script against login."
CVE-2000-0079 1 W3c 1 Cern Httpd 2026-04-16 N/A
The W3C CERN httpd HTTP server allows remote attackers to determine the real pathnames of some commands via a request for a nonexistent URL.
CVE-2003-0641 1 Watchguard 1 Serverlock 2026-04-16 N/A
WatchGuard ServerLock for Windows 2000 before SL 2.0.3 allows local users to load arbitrary modules via the OpenProcess() function, as demonstrated using (1) a DLL injection attack, (2) ZwSetSystemInformation, and (3) API hooking in OpenProcess.
CVE-2000-0084 1 Globalscape 1 Cuteftp 2026-04-16 N/A
CuteFTP uses weak encryption to store password information in its tree.dat file.
CVE-2004-1019 5 Openpkg, Php, Redhat and 2 more 7 Openpkg, Php, Enterprise Linux and 4 more 2026-04-16 N/A
The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to cause a denial of service and execute arbitrary code via untrusted data to the unserialize function that may trigger "information disclosure, double-free and negative reference index array underflow" results.
CVE-2000-0085 1 Microsoft 1 Hotmail 2026-04-16 N/A
Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attacker to execute code via the LOWSRC or DYNRC parameters in the IMG tag.
CVE-2003-0646 1 Trend Micro 2 Damage Cleanup Server, Housecall 2026-04-16 N/A
Multiple buffer overflows in ActiveX controls used by Trend Micro HouseCall 5.5 and 5.7, and Damage Cleanup Server 1.0, allow remote attackers to execute arbitrary code via long parameter strings.
CVE-2000-0092 3 Freebsd, Netbsd, Openbsd 3 Freebsd, Netbsd, Openbsd 2026-04-16 N/A
The BSD make program allows local users to modify files via a symlink attack when the -j option is being used.
CVE-2000-0096 1 Qualcomm 1 Qpopper 2026-04-16 N/A
Buffer overflow in qpopper 3.0 beta versions allows local users to gain privileges via a long LIST command.
CVE-2003-0669 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Unknown vulnerability in Solaris 2.6 through 9 causes a denial of service (system panic) via "a rare race condition" or an attack by local users.
CVE-2000-0119 2 Mcafee, Symantec 2 Virusscan, Norton Antivirus 2026-04-16 N/A
The default configurations for McAfee Virus Scan and Norton Anti-Virus virus checkers do not check files in the RECYCLED folder that is used by the Windows Recycle Bin utility, which allows attackers to store malicious code without detection.
CVE-2000-0120 1 Allaire 1 Spectra 2026-04-16 N/A
The Remote Access Service invoke.cfm template in Allaire Spectra 1.0 allows users to bypass authentication via the bAuthenticated parameter.
CVE-2000-0125 1 Wired Community Software 1 Wwwthreads 2026-04-16 N/A
wwwthreads does not properly cleanse numeric data or table names that are passed to SQL queries, which allows remote attackers to gain privileges for wwwthreads forums.
CVE-2000-0129 1 Microsoft 3 Windows 95, Windows 98, Windows Nt 2026-04-16 N/A
Buffer overflow in the SHGetPathFromIDList function of the Serv-U FTP server allows attackers to cause a denial of service by performing a LIST command on a malformed .lnk file.