Total
288331 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0275 | 1 Blueface | 1 Falcon Web Server | 2025-04-03 | N/A |
| Falcon web server 2.0.0.1020 and earlier allows remote attackers to bypass authentication and read restricted files via an extra / (slash) in the requested URL. | ||||
| CVE-2000-0309 | 1 Openbsd | 1 Openbsd | 2025-04-03 | N/A |
| The i386 trace-trap handling in OpenBSD 2.4 with DDB enabled allows a local user to cause a denial of service. | ||||
| CVE-2001-0550 | 3 David Madore, Redhat, Washington University | 3 Ftpd-bsd, Linux, Wu-ftpd | 2025-04-03 | N/A |
| wu-ftpd 2.6.1 allows remote attackers to execute arbitrary commands via a "~{" argument to commands such as CWD, which is not properly handled by the glob function (ftpglob). | ||||
| CVE-2001-1302 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | N/A |
| The change password option in the Windows Security interface for Windows 2000 allows attackers to use the option to attempt to change passwords of other users on other systems or identify valid accounts by monitoring error messages, possibly due to a problem in the NetuserChangePassword function. | ||||
| CVE-2002-0066 | 2 Bindview, Funk Software | 2 Netrc, Funk Software Proxy | 2025-04-03 | N/A |
| Funk Software Proxy Host 3.x before 3.09A creates a Named Pipe that does not require authentication and is installed with insecure access control, which allows local and possibly remote users to use the Proxy Host's configuration utilities and gain privileges. | ||||
| CVE-2000-0310 | 1 Openbsd | 1 Openbsd | 2025-04-03 | N/A |
| IP fragment assembly in OpenBSD 2.4 allows a remote attacker to cause a denial of service by sending a large number of fragmented packets. | ||||
| CVE-2001-1306 | 1 Sun | 1 Iplanet Directory Server | 2025-04-03 | N/A |
| iPlanet Directory Server 4.1.4 and earlier (LDAP) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via invalid BER length of length fields, as demonstrated by the PROTOS LDAPv3 test suite. | ||||
| CVE-2002-0067 | 2 Redhat, Squid | 2 Linux, Squid | 2025-04-03 | N/A |
| Squid 2.4 STABLE3 and earlier does not properly disable HTCP, even when "htcp_port 0" is specified in squid.conf, which could allow remote attackers to bypass intended access restrictions. | ||||
| CVE-2000-0312 | 1 Openbsd | 1 Openbsd | 2025-04-03 | N/A |
| cron in OpenBSD 2.5 allows local users to gain root privileges via an argv[] that is not NULL terminated, which is passed to cron's fake popen function. | ||||
| CVE-2002-0278 | 1 Add2it | 1 Mailman Free | 2025-04-03 | N/A |
| Directory traversal vulnerability in Add2it Mailman Free 1.73 and earlier allows remote attackers to modify arbitrary files via a .. (dot dot) in the list parameter. | ||||
| CVE-2000-0318 | 1 Atrium Software | 1 Mercur Mailserver | 2025-04-03 | N/A |
| Atrium Mercur Mail Server 3.2 allows local attackers to read other user's email and create arbitrary files via a dot dot (..) attack. | ||||
| CVE-2001-1311 | 1 Ibm | 1 Lotus Domino R5 | 2025-04-03 | N/A |
| Buffer overflows in Lotus Domino R5 before R5.0.7a allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. | ||||
| CVE-2000-0319 | 1 Eric Allman | 1 Sendmail | 2025-04-03 | N/A |
| mail.local in Sendmail 8.10.x does not properly identify the .\n string which identifies the end of message text, which allows a remote attacker to cause a denial of service or corrupt mailboxes via a message line that is 2047 characters long and ends in .\n. | ||||
| CVE-2001-0554 | 10 Debian, Freebsd, Ibm and 7 more | 12 Debian Linux, Freebsd, Aix and 9 more | 2025-04-03 | N/A |
| Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. | ||||
| CVE-2000-0320 | 2 Qualcomm, Sun | 3 Qpopper, Cobalt Raq 2, Cobalt Raq 3i | 2025-04-03 | N/A |
| Qpopper 2.53 and 3.0 does not properly identify the \n string which identifies the end of message text, which allows a remote attacker to cause a denial of service or corrupt mailboxes via a message line that is 1023 characters long and ends in \n. | ||||
| CVE-2001-0555 | 1 Screaming Media | 1 Siteware | 2025-04-03 | N/A |
| ScreamingMedia SITEWare versions 2.5 through 3.1 allows a remote attacker to read world-readable files via a .. (dot dot) attack through (1) the SITEWare Editor's Desktop or (2) the template parameter in SWEditServlet. | ||||
| CVE-2000-0321 | 1 Icradius | 1 Icradius | 2025-04-03 | N/A |
| Buffer overflow in IC Radius package allows a remote attacker to cause a denial of service via a long user name. | ||||
| CVE-2000-0322 | 1 Redhat | 1 Linux | 2025-04-03 | N/A |
| The passwd.php3 CGI script in the Red Hat Piranha Virtual Server Package allows local users to execute arbitrary commands via shell metacharacters. | ||||
| CVE-2000-0323 | 1 Microsoft | 1 Jet | 2025-04-03 | N/A |
| The Microsoft Jet database engine allows an attacker to modify text files via a database query, aka the "Text I-ISAM" vulnerability. | ||||
| CVE-2001-0558 | 1 T. Hauck | 1 Jana Web Server | 2025-04-03 | N/A |
| T. Hauck Jana Webserver 2.01 beta 1 and earlier allows a remote attacker to create a denial of service via a URL request which includes a MS-DOS device name (i.e. GET /aux HTTP/1.0). | ||||