Search Results (363677 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-0001 1 Realnetworks 1 Realserver 2026-04-16 N/A
RealMedia server allows remote attackers to cause a denial of service via a long ramgen request.
CVE-2000-0004 1 Zbsoft 1 Zbserver 2026-04-16 N/A
ZBServer Pro allows remote attackers to read source code for executable files by inserting a . (dot) into the URL.
CVE-2000-0009 1 Nortel 1 Optivity Net Architect 2026-04-16 N/A
The bna_pass program in Optivity NETarchitect uses the PATH environmental variable for finding the "rm" program, which allows local users to execute arbitrary commands.
CVE-2000-0011 1 Analogx 1 Simpleserver Www 2026-04-16 N/A
Buffer overflow in AnalogX SimpleServer:WWW HTTP server allows remote attackers to execute commands via a long GET request.
CVE-2000-0020 1 Man And Mice 1 Dns Pro 2026-04-16 N/A
DNS PRO allows remote attackers to conduct a denial of service via a large number of connections.
CVE-2001-1254 1 Com2001 1 Alexis Server 2026-04-16 N/A
Web Access component for COM2001 Alexis 2.0 and 2.1 in InternetPBX sends username and voice mail passwords in the clear via a Java applet that sends the information to port 8888 of the server, which could allow remote attackers to steal the passwords via sniffing.
CVE-2001-1255 2 Mysql, Oracle 2 Winmysqladmin, Mysql 2026-04-16 N/A
WinMySQLadmin 1.1 stores the MySQL password in plain text in the my.ini file, which allows local users to obtain unathorized access the MySQL database.
CVE-2001-1257 1 Horde 1 Imp 2026-04-16 N/A
Cross-site scripting vulnerability in Horde Internet Messaging Program (IMP) before 2.2.6 and 1.2.6 allows remote attackers to execute arbitrary Javascript embedded in an email.
CVE-2000-0025 1 Microsoft 3 Internet Information Server, Site Server, Site Server Commerce 2026-04-16 N/A
IIS 4.0 and Site Server 3.0 allow remote attackers to read source code for ASP files if the file is in a virtual directory whose name includes extensions such as .com, .exe, .sh, .cgi, or .dll, aka the "Virtual Directory Naming" vulnerability.
CVE-2000-0028 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Internet Explorer 5.0 and 5.01 allows remote attackers to bypass the cross frame security policy and read files via the external.NavigateAndFind function.
CVE-2000-0030 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Solaris dmispd dmi_cmd allows local users to fill up restricted disk space by adding files to the /var/dmi/db database.
CVE-2000-0031 1 Redhat 1 Linux 2026-04-16 N/A
The initscripts package in Red Hat Linux allows local users to gain privileges via a symlink attack.
CVE-2000-0050 1 Allaire 1 Spectra 2026-04-16 N/A
The Allaire Spectra Webtop allows authenticated users to access other Webtop sections by specifying explicit URLs.
CVE-2000-0052 3 Mandrakesoft, Redhat, Turbolinux 3 Mandrake Linux, Linux, Turbolinux 2026-04-16 N/A
Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack.
CVE-2000-0060 1 Avirt 1 Rover 2026-04-16 N/A
Buffer overflow in aVirt Rover POP3 server 1.1 allows remote attackers to cause a denial of service via a long user name.
CVE-2000-0061 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 5 does not modify the security zone for a document that is being loaded into a window until after the document has been loaded, which could allow remote attackers to execute Javascript in a different security context while the document is loading.
CVE-2000-0063 1 Nortel 1 Contivity 2026-04-16 N/A
cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to read arbitrary files by specifying the filename in a parameter to the script.
CVE-2001-1258 1 Horde 1 Imp 2026-04-16 N/A
Horde Internet Messaging Program (IMP) before 2.2.6 allows local users to read IMP configuration files and steal the Horde database password by placing the prefs.lang file containing PHP code on the server.
CVE-2002-0353 2 Ethereal Group, Redhat 3 Ethereal, Linux, Powertools 2026-04-16 N/A
The ASN.1 parser in Ethereal 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a certain malformed packet, which causes Ethereal to allocate memory incorrectly, possibly due to zero-length fields.
CVE-2000-0068 1 Intel 1 Inbusiness Email Station 2026-04-16 N/A
daynad program in Intel InBusiness E-mail Station does not require authentication, which allows remote attackers to modify its configuration, delete files, or read mail.