Search Results (363090 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0965 2 Gnu, Redhat 2 Mailman, Linux 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the admin CGI script for Mailman before 2.1.4 allows remote attackers to steal session cookies and conduct unauthorized activities.
CVE-2000-1000 1 Aol 1 Instant Messenger 2026-04-16 N/A
Format string vulnerability in AOL Instant Messenger (AIM) 4.1.2010 allows remote attackers to cause a denial of service and possibly execute arbitrary commands by transferring a file whose name includes format characters.
CVE-2003-0968 1 Freeradius 1 Freeradius 2026-04-16 N/A
Stack-based buffer overflow in SMB_Logon_Server of the rlm_smb experimental module for FreeRADIUS 0.9.3 and earlier allows remote attackers to execute arbitrary code via a long User-Password attribute.
CVE-2000-1002 1 Stalker 1 Communigate Pro 2026-04-16 N/A
POP3 daemon in Stalker CommuniGate Pro 3.3.2 generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to determine valid email addresses on the server for SPAM attacks.
CVE-2000-1003 1 Microsoft 3 Windows 95, Windows 98, Windows 98se 2026-04-16 N/A
NETBIOS client in Windows 95 and Windows 98 allows a remote attacker to cause a denial of service by changing a file sharing service to return an unknown driver type, which causes the client to crash.
CVE-2000-1008 1 Palm 1 Palm Os 2026-04-16 N/A
PalmOS 3.5.2 and earlier uses weak encryption to store the user password, which allows attackers with physical access to the Palm device to decrypt the password and gain access to the device.
CVE-2000-1010 2 Openbsd, Redhat 2 Openbsd, Linux 2026-04-16 N/A
Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote attackers to execute arbitrary commands via a user name that contains format characters.
CVE-2000-1015 1 Open Source Development Network 1 Slashcode 2026-04-16 N/A
The default configuration of Slashcode before version 2.0 Alpha has a default administrative password, which allows remote attackers to gain Slashcode privileges and possibly execute arbitrary commands.
CVE-2000-1018 1 Mendel Cooper 1 Shred 2026-04-16 N/A
shred 1.0 file wiping utility does not properly open a file for overwriting or flush its buffers, which prevents shred from properly replacing the file's data and allows local users to recover the file.
CVE-2000-1022 1 Cisco 1 Pix Firewall Software 2026-04-16 N/A
The mailguard feature in Cisco Secure PIX Firewall 5.2(2) and earlier does not properly restrict access to SMTP commands, which allows remote attackers to execute restricted commands by sending a DATA command before sending the restricted commands.
CVE-2000-1028 1 Hp 1 Hp-ux 2026-04-16 N/A
Buffer overflow in cu program in HP-UX 11.0 may allow local users to gain privileges via a long -l command line argument.
CVE-2000-1031 1 Hp 2 Hp-ux, Tru64 2026-04-16 N/A
Buffer overflow in dtterm in HP-UX 11.0 and HP Tru64 UNIX 4.0f through 5.1a allows local users to execute arbitrary code via a long -tn option.
CVE-2000-1035 1 Typsoft 1 Typsoft 2026-04-16 N/A
Buffer overflows in TYPSoft FTP Server 0.78 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long USER, PASS, or CWD command.
CVE-2003-0979 1 Freescripts 1 Visitorbook 2026-04-16 N/A
FreeScripts VisitorBook LE (visitorbook.pl) does not properly escape line breaks in input, which allows remote attackers to (1) use VisitorBook as an open mail relay, when $mailuser is 1, via extra headers in the email field, or (2) cause the guestbook database to be deleted via a large number of line breaks that exceeds the $max_posts variable.
CVE-2000-1039 1 Microsoft 5 Windows 95, Windows 98, Windows 98se and 2 more 2026-04-16 N/A
Various TCP/IP stacks and network applications allow remote attackers to cause a denial of service by flooding a target host with TCP connection attempts and completing the TCP/IP handshake without maintaining the connection state on the attacker host, aka the "NAPTHA" class of vulnerabilities. NOTE: this candidate may change significantly as the security community discusses the technical nature of NAPTHA and learns more about the affected applications. This candidate is at a higher level of abstraction than is typical for CVE.
CVE-2000-1040 1 Suse 1 Suse Linux 2026-04-16 N/A
Format string vulnerability in logging function of ypbind 3.3, while running in debug mode, leaks file descriptors and allows an attacker to cause a denial of service.
CVE-2000-1041 1 Swen Thuemmler 1 Ypbind 2026-04-16 N/A
Buffer overflow in ypbind 3.3 possibly allows an attacker to gain root privileges.
CVE-2003-0981 1 Freescripts 1 Visitorbook Le 2026-04-16 6.1 Medium
FreeScripts VisitorBook LE (visitorbook.pl) logs the reverse DNS name of a visiting host, which allows remote attackers to spoof the origin of their incoming requests and facilitate cross-site scripting (XSS) attacks.
CVE-2000-1042 1 Mandrakesoft 1 Mandrake Linux 2026-04-16 N/A
Buffer overflow in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function.
CVE-2000-1043 1 Mandrakesoft 1 Mandrake Linux 2026-04-16 N/A
Format string vulnerability in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function.