Total
288400 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-1999-0006 | 1 Qualcomm | 1 Qpopper | 2025-04-03 | 9.8 Critical |
Buffer overflow in POP servers based on BSD/Qualcomm's qpopper allows remote attackers to gain root access using a long PASS command. | ||||
CVE-1999-0021 | 1 Muhammad A. Muquit | 1 Wwwcount | 2025-04-03 | N/A |
Arbitrary command execution via buffer overflow in Count.cgi (wwwcount) cgi-bin program. | ||||
CVE-2000-1097 | 1 Sonicwall | 1 Soho Firewall | 2025-04-03 | N/A |
The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service via a long username in the authentication page. | ||||
CVE-2001-0985 | 1 Hassan Consulting | 1 Shopping Cart | 2025-04-03 | N/A |
shop.pl in Hassan Consulting Shopping Cart 1.23 allows remote attackers to execute arbitrary commands via shell metacharacters in the "page" parameter. | ||||
CVE-2001-1484 | 1 Alcatel | 2 Adsl Modem 1000, Speed Touch Adsl Modem | 2025-04-03 | N/A |
Alcatel ADSL modems allow remote attackers to access the Trivial File Transfer Protocol (TFTP) to modify firmware and configuration via a bounce attack from a system on the local area network (LAN) side, which is allowed to access TFTP without authentication. | ||||
CVE-1999-0022 | 6 Bsdi, Freebsd, Hp and 3 more | 7 Bsd Os, Freebsd, Hp-ux and 4 more | 2025-04-03 | 7.8 High |
Local user gains root privileges via buffer overflow in rdist, via expstr() function. | ||||
CVE-2000-1101 | 1 Texas Imperial Software | 1 Wftpd | 2025-04-03 | N/A |
Directory traversal vulnerability in Winsock FTPd (WFTPD) 3.00 and 2.41 with the "Restrict to home directory" option enabled allows local users to escape the home directory via a "/../" string, a variation of the .. (dot dot) attack. | ||||
CVE-2001-0987 | 1 Nathan Neulinger | 1 Cgiwrap | 2025-04-03 | N/A |
Cross-site scripting vulnerability in CGIWrap before 3.7 allows remote attackers to execute arbitrary Javascript on other web clients by causing the Javascript to be inserted into error messages that are generated by CGIWrap. | ||||
CVE-1999-0024 | 6 Bsdi, Ibm, Isc and 3 more | 12 Bsd Os, Aix, Bind and 9 more | 2025-04-03 | N/A |
DNS cache poisoning via BIND, by predictable query IDs. | ||||
CVE-1999-0025 | 1 Sgi | 1 Irix | 2025-04-03 | N/A |
root privileges via buffer overflow in df command on SGI IRIX systems. | ||||
CVE-2000-1103 | 1 Bsdi | 1 Bsd Os | 2025-04-03 | N/A |
rcvtty in BSD 3.0 and 4.0 does not properly drop privileges before executing a script, which allows local attackers to gain privileges by specifying an alternate Trojan horse script on the command line. | ||||
CVE-2001-0988 | 1 Knox Software | 1 Arkeia | 2025-04-03 | N/A |
Arkeia backup server 4.2.8-2 and earlier creates its database files with world-writable permissions, which could allow local users to overwrite the files or obtain sensitive information. | ||||
CVE-1999-0030 | 1 Sgi | 1 Irix | 2025-04-03 | N/A |
root privileges via buffer overflow in xlock command on SGI IRIX systems. | ||||
CVE-2000-1108 | 1 Midnight Commander | 1 Midnight Commander | 2025-04-03 | N/A |
cons.saver in Midnight Commander (mc) 4.5.42 and earlier does not properly verify if an output file descriptor is a TTY, which allows local users to corrupt files by creating a symbolic link to the target file, calling mc, and specifying that link as a TTY argument. | ||||
CVE-1999-0031 | 2 Microsoft, Netscape | 2 Internet Explorer, Communicator | 2025-04-03 | N/A |
JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers to monitor a user's web activities, aka the Bell Labs vulnerability. | ||||
CVE-2000-1109 | 1 Midnight Commander | 1 Midnight Commander | 2025-04-03 | N/A |
Midnight Commander (mc) 4.5.51 and earlier does not properly process malformed directory names when a user opens a directory, which allows other local users to gain privileges by creating directories that contain special characters followed by the commands to be executed. | ||||
CVE-2001-0990 | 1 Inter7 | 1 Vpopmail | 2025-04-03 | N/A |
Inter7 vpopmail 4.10.35 and earlier, when using the MySQL module, compiles authentication information in cleartext into the libvpopmail.a library, which allows local users to obtain the MySQL username and password by inspecting the vpopmail programs that use the library. | ||||
CVE-2001-1488 | 1 Open Projects Network | 1 Open Projects Network Ircd | 2025-04-03 | N/A |
Open Projects Network Internet Relay Chat (IRC) daemon u2.10.05.18 does not perform a double-reverse DNS lookup, which allows remote attackers to spoof any valid hostname on the Internet. NOTE: a followup post suggests that this is not an issue in the daemon. | ||||
CVE-1999-0036 | 1 Sgi | 1 Irix | 2025-04-03 | 8.4 High |
IRIX login program with a nonzero LOCKOUT parameter allows creation or damage to files. | ||||
CVE-2000-1110 | 1 Ibm | 1 Net.data | 2025-04-03 | N/A |
document.d2w CGI program in the IBM Net.Data db2www package allows remote attackers to determine the physical path of the web server by sending a nonexistent command to the program. |