Search Results (364911 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0195 1 Debian 1 Debian Linux 2026-04-16 7.8 High
sash before 3.4-4 in Debian GNU/Linux does not properly clone /etc/shadow, which makes it world-readable and could allow local users to gain privileges via password cracking.
CVE-2000-0293 1 Suse 1 Suse Linux 2026-04-16 N/A
aaa_base in SuSE Linux 6.3, and cron.daily in earlier versions, allow local users to delete arbitrary files by creating files whose names include spaces, which are then incorrectly interpreted by aaa_base when it deletes expired files from the /tmp directory.
CVE-2000-0306 1 Sco 1 Openserver 2026-04-16 N/A
Buffer overflow in calserver in SCO OpenServer allows remote attackers to gain root access via a long message.
CVE-2000-0310 1 Openbsd 1 Openbsd 2026-04-16 N/A
IP fragment assembly in OpenBSD 2.4 allows a remote attacker to cause a denial of service by sending a large number of fragmented packets.
CVE-2000-0300 1 Symantec 1 Pcanywhere 2026-04-16 N/A
The default encryption method of PcAnywhere 9.x uses weak encryption, which allows remote attackers to sniff and decrypt PcAnywhere or NT domain accounts.
CVE-2000-0313 1 Openbsd 1 Openbsd 2026-04-16 N/A
Vulnerability in OpenBSD 2.6 allows a local user to change interface media configurations.
CVE-2000-0302 1 Microsoft 1 Index Server 2026-04-16 N/A
Microsoft Index Server allows remote attackers to view the source code of ASP files by appending a %20 to the filename in the CiWebHitsFile argument to the null.htw URL.
CVE-2000-0318 1 Atrium Software 1 Mercur Mailserver 2026-04-16 N/A
Atrium Mercur Mail Server 3.2 allows local attackers to read other user's email and create arbitrary files via a dot dot (..) attack.
CVE-2000-0322 1 Redhat 1 Linux 2026-04-16 N/A
The passwd.php3 CGI script in the Red Hat Piranha Virtual Server Package allows local users to execute arbitrary commands via shell metacharacters.
CVE-2000-0325 1 Microsoft 1 Jet 2026-04-16 N/A
The Microsoft Jet database engine allows an attacker to execute commands via a database query, aka the "VBA Shell" vulnerability.
CVE-2000-0335 2 Gnu, Isc 2 Glibc, Bind 2026-04-16 N/A
The resolver in glibc 2.1.3 uses predictable IDs, which allows a local attacker to spoof DNS query results.
CVE-2000-0340 1 Suse 1 Suse Linux 2026-04-16 N/A
Buffer overflow in Gnomelib in SuSE Linux 6.3 allows local users to execute arbitrary commands via the DISPLAY environmental variable.
CVE-2004-1948 1 Ncftp Software 1 Ncftp 2026-04-16 N/A
NcFTP client 3.1.6 and 3.1.7, when the username and password are included in an FTP URL that is provided on the command line, allows local users to obtain sensitive information via "ps aux," which displays the URL in the process list.
CVE-2000-0342 1 Qualcomm 1 Eudora 2026-04-16 7.5 High
Eudora 4.x allows remote attackers to bypass the user warning for executable attachments such as .exe, .com, and .bat by using a .lnk file that refers to the attachment, aka "Stealth Attachment."
CVE-1999-1163 1 Hp 1 9000 2026-04-16 N/A
Vulnerability in HP Series 800 S/X/V Class servers allows remote attackers to gain access to the S/X/V Class console via the Service Support Processor (SSP) Teststation.
CVE-2004-0545 1 Ibm 1 Aix 2026-04-16 N/A
LVM for AIX 5.1 and 5.2 allows local users to overwrite arbitrary files via a symlink attack.
CVE-2000-0343 1 Brecht Claerhout 1 Sniffit 2026-04-16 N/A
Buffer overflow in Sniffit 0.3.x with the -L logging option enabled allows remote attackers to execute arbitrary commands via a long MAIL FROM mail header.
CVE-2000-0344 1 Linux 1 Linux Kernel 2026-04-16 N/A
The knfsd NFS server in Linux kernel 2.2.x allows remote attackers to cause a denial of service via a negative size value.
CVE-2000-0350 1 Networkice 1 Icecap Manager 2026-04-16 N/A
A debugging feature in NetworkICE ICEcap 2.0.23 and earlier is enabled, which allows a remote attacker to bypass the weak authentication and post unencrypted events.
CVE-2004-1951 1 Xine 3 Xine, Xine-lib, Xine-ui 2026-04-16 N/A
xine 1.x alpha, 1.x beta, and 1.0rc through 1.0rc3a, and xine-ui 0.9.21 to 0.9.23 allows remote attackers to overwrite arbitrary files via the (1) audio.sun_audio_device or (2) dxr3.devicename options in an MRL link.