Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-0684 1 Bea 1 Weblogic Server 2026-04-16 N/A
BEA WebLogic 5.1.x does not properly restrict access to the JSPServlet, which could allow remote attackers to compile and execute Java JSP code by directly invoking the servlet on any source file.
CVE-2000-0691 1 Gert Doering 1 Mgetty 2026-04-16 N/A
The faxrunq and faxrunqd in the mgetty package allows local users to create or modify arbitrary files via a symlink attack which creates a symlink in from /var/spool/fax/outgoing/.last_run to the target file.
CVE-1999-1503 1 Nfr 1 Nfr 2026-04-16 N/A
Network Flight Recorder (NFR) 1.5 and 1.6 allows remote attackers to cause a denial of service in nfrd (crash) via a TCP packet with a null header and data field.
CVE-2000-0729 1 Freebsd 1 Freebsd 2026-04-16 N/A
FreeBSD 5.x, 4.x, and 3.x allows local users to cause a denial of service by executing a program with a malformed ELF image header.
CVE-2000-0733 1 Sgi 1 Irix 2026-04-16 N/A
Telnetd telnet server in IRIX 5.2 through 6.1 does not properly cleans user-injected format strings, which allows remote attackers to execute arbitrary commands via a long RLD variable in the IAC-SB-TELOPT_ENVIRON request.
CVE-2000-0734 2 Eeye Digital Security, Spynet 2 Iris, Capturenet 2026-04-16 N/A
eEye IRIS 1.01 beta allows remote attackers to cause a denial of service via a large number of UDP connections.
CVE-2000-0737 1 Microsoft 1 Windows 2000 2026-04-16 N/A
The Service Control Manager (SCM) in Windows 2000 creates predictable named pipes, which allows a local user with console access to gain administrator privileges, aka the "Service Control Manager Named Pipe Impersonation" vulnerability.
CVE-2000-0739 1 Network Associates 1 Net Tools Pki Server 2026-04-16 N/A
Directory traversal vulnerability in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote attackers to read arbitrary files via a .. (dot dot) attack in an HTTPS request to the enrollment server.
CVE-2000-0742 1 Microsoft 2 Windows 95, Windows 98 2026-04-16 N/A
The IPX protocol implementation in Microsoft Windows 95 and 98 allows remote attackers to cause a denial of service by sending a ping packet with a source IP address that is a broadcast address, aka the "Malformed IPX Ping Packet" vulnerability.
CVE-2002-0366 1 Microsoft 3 Windows 2000, Windows Nt, Windows Xp 2026-04-16 N/A
Buffer overflow in Remote Access Service (RAS) phonebook for Windows NT 4.0, 2000, XP, and Routing and Remote Access Server (RRAS) allows local users to execute arbitrary code by modifying the rasphone.pbk file to use a long dial-up entry.
CVE-2001-1200 1 Microsoft 1 Windows Xp 2026-04-16 N/A
Microsoft Windows XP allows local users to bypass a locked screen and run certain programs that are associated with Hot Keys.
CVE-2002-0333 1 Xtell 1 Xtell 2026-04-16 N/A
Directory traversal vulnerability in xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows remote attackers to read files with short names, and local users to read more files using a symlink with a short name, via a .. in the TTY argument.
CVE-2000-0752 1 Freebsd 1 Freebsd 2026-04-16 N/A
Buffer overflows in brouted in FreeBSD and possibly other OSes allows local users to gain root privileges via long command line arguments.
CVE-2001-1213 1 Datawizard 1 Ftpxq 2026-04-16 N/A
The default configuration of DataWizard FtpXQ 2.0 and 2.1 includes a default username and password, which allows remote attackers to read and write arbitrary files in the root folder.
CVE-2000-0784 1 Rapidstream 1 Rapidstream 2026-04-16 N/A
sshd program in the Rapidstream 2.1 Beta VPN appliance has a hard-coded "rsadmin" account with a null password, which allows remote attackers to execute arbitrary commands via ssh.
CVE-2000-0804 1 Checkpoint 1 Firewall-1 2026-04-16 N/A
Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass the directionality check via fragmented TCP connection requests or reopening closed TCP connection requests, aka "One-way Connection Enforcement Bypass."
CVE-2004-0724 1 Valve Software 2 Half-life, Half-life Dedicated Server 2026-04-16 N/A
The Half-Life engine before July 7 2004 allows remote attackers to cause a denial of service (server or client crash) via an empty fragmented packet.
CVE-2002-1769 1 Microsoft 2 Site Server, Site Server Commerce 2026-04-16 N/A
Microsoft Site Server 3.0 prior to SP4 installs a default user, LDAP_Anonymous, with a default password of LdapPassword_1, which allows remote attackers the "Log on locally" privilege.
CVE-2000-0890 1 Freebsd 1 Freebsd 2026-04-16 N/A
periodic in FreeBSD 4.1.1 and earlier, and possibly other operating systems, allows local users to overwrite arbitrary files via a symlink attack.
CVE-2001-0429 1 Cisco 1 Catos 2026-04-16 N/A
Cisco Catalyst 5000 series switches 6.1(2) and earlier will forward an 802.1x frame on a Spanning Tree Protocol (STP) blocked port, which causes a network storm and a denial of service.