Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-1209 2 Compaq, Microsoft 4 Insight Manager, Insight Manager Xe, Data Engine and 1 more 2026-04-16 N/A
The "sa" account is installed with a default null password on (1) Microsoft SQL Server 2000, (2) SQL Server 7.0, and (3) Data Engine (MSDE) 1.0, including third party packages that use these products such as (4) Tumbleweed Secure Mail (MMS) (5) Compaq Insight Manager, and (6) Visio 2000, which allows remote attackers to gain privileges, as exploited by worms such as Voyager Alpha Force and Spida.
CVE-2000-1211 2 Redhat, Zope 2 Powertools, Zope 2026-04-16 N/A
Zope 2.2.0 through 2.2.4 does not properly perform security registration for legacy names of object constructors such as DTML method objects, which could allow attackers to perform unauthorized activities.
CVE-2000-1213 3 Immunix, Iputils, Redhat 3 Immunix, Iputils, Linux 2026-04-16 N/A
ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, does not drop privileges after acquiring a raw socket, which increases ping's exposure to bugs that otherwise would occur at lower privileges.
CVE-2003-1053 1 Xshisen 1 Xshisen 2026-04-16 N/A
Multiple buffer overflows in XShisen allow attackers to execute arbitrary code via a long (1) -KCONV command line option or (2) XSHISENLIB environment variable.
CVE-2004-1061 1 Mozilla 1 Bugzilla 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Bugzilla before 2.18, including 2.16.x before 2.16.11, allows remote attackers to inject arbitrary HTML and web script via forced error messages, as demonstrated using the action parameter.
CVE-2000-1214 3 Immunix, Iputils, Redhat 3 Immunix, Iputils, Linux 2026-04-16 N/A
Buffer overflows in the (1) outpack or (2) buf variables of ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, may allow local users to gain privileges.
CVE-2000-1215 1 Ibm 1 Lotus Domino 2026-04-16 N/A
The default configuration of Lotus Domino server 5.0.8 includes system information (version, operating system, and build date) in the HTTP headers of replies, which allows remote attackers to obtain sensitive information.
CVE-2003-1054 1 Mod Access Referer 1 Mod Access Referer 2026-04-16 N/A
mod_access_referer 1.0.2 allows remote attackers to cause a denial of service (crash) via a malformed Referer header that is missing a hostname, as parsed by the ap_parse_uri_components function in Apache, which triggers a null dereference.
CVE-2003-1057 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Unknown vulnerability in CDE Print Viewer (dtprintinfo) for Sun Solaris 2.6 through 9 may allow local users to execute arbitrary code.
CVE-2005-3672 1 Stonesoft 1 Stonegate Firewall 2026-04-16 N/A
The Internet Key Exchange version 1 (IKEv1) implementation in Stonesoft StoneGate Firewall before 2.6.1 allows remote attackers to cause a denial of service via certain crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the Stonesoft advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to.
CVE-2000-1221 3 Debian, Redhat, Sgi 3 Debian Linux, Linux, Irix 2026-04-16 N/A
The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by modifying the DNS for the attacking IP.
CVE-2003-1058 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
The Xsun server for Sun Solaris 2.6 through 9, when running in Direct Graphics Access (DGA) mode, allows local users to cause a denial of service (Xsun crash) or to create or overwrite arbitrary files on the system, probably via a symlink attack on temporary server files.
CVE-2000-1225 1 Imatix 1 Xitami 2026-04-16 N/A
Xitami 2.5b installs the testcgi.exe program by default in the cgi-bin directory, which allows remote attackers to gain sensitive configuration information about the web server by accessing the program.
CVE-2000-1226 1 Snort 1 Snort 2026-04-16 N/A
Snort 1.6, when running in straight ASCII packet logging mode or IDS mode with straight decoded ASCII packet logging selected, allows remote attackers to cause a denial of service (crash) by sending non-IP protocols that Snort does not know about, as demonstrated by an nmap protocol scan.
CVE-2000-1233 1 Phorum 1 Phorum 2026-04-16 N/A
SQL injection vulnerability in read.php3 and other scripts in Phorum 3.0.7 allows remote attackers to execute arbitrary SQL queries via the sSQL parameter.
CVE-2003-1059 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Unknown vulnerability in the libraries for the PGX32 frame buffer in Solaris 2.5.1 and 2.6 through 9 allows local users to gain root access.
CVE-2000-1234 1 Phorum 1 Phorum 2026-04-16 N/A
violation.php3 in Phorum 3.0.7 allows remote attackers to send e-mails to arbitrary addresses and possibly use Phorum as a "spam proxy" by setting the Mod and ForumName parameters.
CVE-2000-1238 1 Bea 1 Weblogic Server 2026-04-16 N/A
BEA Systems WebLogic Express and WebLogic Server 5.1 SP1-SP6 allows remote attackers to bypass access controls for restricted JSP or servlet pages via a URL with multiple / (forward slash) characters before the restricted pages.
CVE-2003-1060 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
The NFS Server for Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (UFS panic) via certain invalid UFS requests, which triggers a null dereference.
CVE-2000-1240 1 Anyportal Php 1 Anyportal Php 2026-04-16 N/A
Unspecified vulnerability in siteman.php3 in AnyPortal(php) before 22 APR 00 allows remote attackers to obtain sensitive information via unknown attack vectors, which reveal the absolute path. NOTE: the provenance of this information is unknown; the details are obtained from third party information.