Total
288331 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2000-0413 | 1 Microsoft | 3 Frontpage, Internet Information Server, Internet Information Services | 2025-04-03 | N/A |
The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote attackers to determine the physical path of HTML, HTM, ASP, and SHTML files by requesting a file that does not exist, which generates an error message that reveals the path. | ||||
CVE-2000-0417 | 1 Cayman | 2 3220-h Dsl Router, Gatorsurf | 2025-04-03 | N/A |
The HTTP administration interface to the Cayman 3220-H DSL router allows remote attackers to cause a denial of service via a long username or password. | ||||
CVE-2001-0625 | 1 Broadcom | 1 Inoculateit | 2025-04-03 | N/A |
ftpdownload in Computer Associates InoculateIT 6.0 allows a local attacker to overwrite arbitrary files via a symlink attack on /tmp/ftpdownload.log . | ||||
CVE-2001-1350 | 2 Namazu, Redhat | 2 Namazu, Linux | 2025-04-03 | N/A |
Cross-site scripting vulnerability in namazu.cgi for Namazu 2.0.7 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the lang parameter. | ||||
CVE-2000-0419 | 1 Microsoft | 10 Access, Excel, Frontpage and 7 more | 2025-04-03 | N/A |
The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers to conduct unauthorized activities via the "Show Me" function in Office Help, aka the "Office 2000 UA Control" vulnerability. | ||||
CVE-2001-1347 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | N/A |
Windows 2000 allows local users to cause a denial of service and possibly gain privileges by setting a hardware breakpoint that is handled using global debug registers, which could cause other processes to terminate due to an exception, and allow hijacking of resources such as named pipes. | ||||
CVE-2001-0620 | 1 Iplanet | 1 Calendar Server | 2025-04-03 | N/A |
iPlanet Calendar Server 5.0p2 and earlier allows a local attacker to gain access to the Netscape Admin Server (NAS) LDAP database and read arbitrary files by obtaining the cleartext administrator username and password from the configuration file, which has insecure permissions. | ||||
CVE-2000-0409 | 1 Netscape | 1 Communicator | 2025-04-03 | N/A |
Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate. | ||||
CVE-2001-1270 | 1 Pkware | 1 Pkzip | 2025-04-03 | N/A |
Directory traversal vulnerability in the console version of PKZip (pkzipc) 4.00 and earlier allows attackers to overwrite arbitrary files during archive extraction with the -rec (recursive) option via a .. (dot dot) attack on the archived files. | ||||
CVE-2002-0054 | 1 Microsoft | 2 Exchange Server, Windows 2000 | 2025-04-03 | N/A |
SMTP service in (1) Microsoft Windows 2000 and (2) Internet Mail Connector (IMC) in Exchange Server 5.5 does not properly handle responses to NTLM authentication, which allows remote attackers to perform mail relaying via an SMTP AUTH command using null session credentials. | ||||
CVE-2000-0196 | 3 Nmh, Redhat, Turbolinux | 3 Nmh, Linux, Turbolinux | 2025-04-03 | N/A |
Buffer overflow in mhshow in the Linux nmh package allows remote attackers to execute commands via malformed MIME headers in an email message. | ||||
CVE-2000-0197 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | N/A |
The Windows NT scheduler uses the drive mapping of the interactive user who is currently logged onto the system, which allows the local user to gain privileges by providing a Trojan horse batch file in place of the original batch file. | ||||
CVE-2001-0468 | 1 Ftpfs | 1 Ftpfs | 2025-04-03 | N/A |
Buffer overflow in FTPFS allows local users to gain root privileges via a long user name. | ||||
CVE-2000-0198 | 1 Atrium Software | 3 Mercur Imap4 Server, Mercur Mailserver, Mercur Pop3 Server | 2025-04-03 | N/A |
Buffer overflow in POP3 and IMAP servers in the MERCUR mail server suite allows remote attackers to cause a denial of service. | ||||
CVE-2001-0470 | 1 Sun | 1 Sunos | 2025-04-03 | N/A |
Buffer overflow in SNMP proxy agent snmpd in Solaris 8 may allow local users to gain root privileges by calling snmpd with a long program name. | ||||
CVE-2000-0199 | 1 Microsoft | 1 Sql Server | 2025-04-03 | N/A |
When a new SQL Server is registered in Enterprise Manager for Microsoft SQL Server 7.0 and the "Always prompt for login name and password" option is not set, then the Enterprise Manager uses weak encryption to store the login ID and password. | ||||
CVE-2001-0474 | 2 Brian Paul, Mandrakesoft | 2 Mesa, Mandrake Linux | 2025-04-03 | N/A |
Utah-glx in Mesa before 3.3-14 on Mandrake Linux 7.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/glxmemory file. | ||||
CVE-2000-0205 | 1 Trend Micro | 1 Officescan | 2025-04-03 | N/A |
Trend Micro OfficeScan allows remote attackers to replay administrative commands and modify the configuration of OfficeScan clients. | ||||
CVE-2001-0478 | 1 Phpmyadmin | 1 Phpmyadmin | 2025-04-03 | N/A |
Directory traversal vulnerability in phpMyAdmin 2.2.0 and earlier versions allows remote attackers to execute arbitrary code via a .. (dot dot) in an argument to the sql.php script. | ||||
CVE-2000-0206 | 1 Oracle | 1 Oracle8i | 2025-04-03 | N/A |
The installation of Oracle 8.1.5.x on Linux follows symlinks and creates the orainstRoot.sh file with world-writeable permissions, which allows local users to gain privileges. |