Export limit exceeded: 363719 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363719 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-1345 1 Jetico 1 Bestcrypt 2026-04-16 N/A
bctool in Jetico BestCrypt 0.7 and earlier trusts the user-supplied PATH to find and execute an fsck utility program, which allows local users to gain privileges by modifying the PATH to point to a Trojan horse program.
CVE-2000-0413 1 Microsoft 3 Frontpage, Internet Information Server, Internet Information Services 2026-04-16 N/A
The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote attackers to determine the physical path of HTML, HTM, ASP, and SHTML files by requesting a file that does not exist, which generates an error message that reveals the path.
CVE-2000-0416 1 Microsoft 1 Windows 2000 2026-04-16 N/A
NTMail 5.x allows network users to bypass the NTMail proxy restrictions by redirecting their requests to NTMail's web configuration server.
CVE-2001-1346 2 Broadcom, Ca 2 Arcserve Backup, Arcserve Backup 2026-04-16 N/A
Computer Associates ARCserveIT 6.61 and 6.63 (also called ARCservIT) allows local users to overwrite arbitrary files via a symlink attack on the temporary files (1) asagent.tmp or (2) inetd.tmp.
CVE-2000-0417 1 Cayman 2 3220-h Dsl Router, Gatorsurf 2026-04-16 N/A
The HTTP administration interface to the Cayman 3220-H DSL router allows remote attackers to cause a denial of service via a long username or password.
CVE-2000-0432 1 Matt Kruse 1 Calendar Script 2026-04-16 N/A
The calender.pl and the calendar_admin.pl calendar scripts by Matt Kruse allow remote attackers to execute arbitrary commands via shell metacharacters.
CVE-2000-0433 1 Suse 1 Suse Linux 2026-04-16 N/A
The SuSE aaa_base package installs some system accounts with home directories set to /tmp, which allows local users to gain privileges to those accounts by creating standard user startup scripts such as profiles.
CVE-2000-0434 1 Matthew Redman 1 Allmanage 2026-04-16 N/A
The administrative password for the Allmanage web site administration software is stored in plaintext in a file which could be accessed by remote attackers.
CVE-2000-0435 1 Matthew Redman 1 Allmanage 2026-04-16 N/A
The allmanageup.pl file upload CGI script in the Allmanage Website administration software 2.6 can be called directly by remote attackers, which allows them to modify user accounts or web pages.
CVE-2000-0437 1 Network Associates 3 Gauntlet Firewall, Webshield, Webshield E-ppliance 2026-04-16 N/A
Buffer overflow in the CyberPatrol daemon "cyberdaemon" used in gauntlet and WebShield allows remote attackers to cause a denial of service or execute arbitrary commands.
CVE-2000-0438 4 Caldera, Slackware, Suse and 1 more 4 Openlinux, Slackware Linux, Suse Linux and 1 more 2026-04-16 N/A
Buffer overflow in fdmount on Linux systems allows local users in the "floppy" group to execute arbitrary commands via a long mountpoint parameter.
CVE-2001-1348 1 Twig Development Team 1 Twig 2026-04-16 N/A
TWIG 2.6.2 and earlier allows remote attackers to perform unauthorized database operations via a SQL injection attack on the id parameter.
CVE-2000-0439 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 4.0 and 5.0 allows a malicious web site to obtain client cookies from another domain by including that domain name and escaped characters in a URL, aka the "Unauthorized Cookie Access" vulnerability.
CVE-2000-0440 2 Freebsd, Netbsd 2 Freebsd, Netbsd 2026-04-16 N/A
NetBSD 1.4.2 and earlier allows remote attackers to cause a denial of service by sending a packet with an unaligned IP timestamp option.
CVE-2001-1349 2 Redhat, Sendmail 2 Linux, Sendmail 2026-04-16 N/A
Sendmail before 8.11.4, and 8.12.0 before 8.12.0.Beta10, allows local users to cause a denial of service and possibly corrupt the heap and gain privileges via race conditions in signal handlers.
CVE-2000-0441 1 Ibm 1 Aix 2026-04-16 N/A
Vulnerability in AIX 3.2.x and 4.x allows local users to gain write access to files on locally or remotely mounted AIX filesystems.
CVE-2000-0442 2 Qualcomm, Sun 3 Qpopper, Cobalt Raq 2, Cobalt Raq 3i 2026-04-16 N/A
Qpopper 2.53 and earlier allows local users to gain privileges via a formatting string in the From: header, which is processed by the euidl command.
CVE-2000-0443 1 Hp 1 Jetadmin 2026-04-16 N/A
The web interface server in HP Web JetAdmin 5.6 allows remote attackers to read arbitrary files via a .. (dot dot) attack.
CVE-2000-0444 1 Hp 1 Jetadmin 2026-04-16 N/A
HP Web JetAdmin 6.0 allows remote attackers to cause a denial of service via a malformed URL to port 8000.
CVE-2001-1353 2 Aladdin Enterprises, Redhat 2 Ghostscript, Linux 2026-04-16 N/A
ghostscript before 6.51 allows local users to read and write arbitrary files as the 'lp' user via the file operator, even with -dSAFER enabled.