Search
Total
86024 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0124 | 1 Surfcontrol | 1 Superscout | 2008-09-10 | 2.1 LOW | N/A |
| surfCONTROL SuperScout does not properly asign a category to web sites with a . (dot) at the end, which may allow users to bypass web access restrictions. | |||||
| CVE-2000-0123 | 1 Filemaker | 1 Filemaker | 2008-09-10 | 7.5 HIGH | N/A |
| The shopping cart application provided with Filemaker allows remote users to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2000-0033 | 1 Trend Micro | 1 Interscan Viruswall | 2008-09-10 | 5.0 MEDIUM | N/A |
| InterScan VirusWall SMTP scanner does not properly scan messages with malformed attachments. | |||||
| CVE-2000-0046 | 1 Mirabilis | 1 Icq | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in ICQ 99b 1.1.1.1 client allows remote attackers to execute commands via a malformed URL within an ICQ message. | |||||
| CVE-2000-0063 | 1 Nortel | 1 Contivity | 2008-09-10 | 5.0 MEDIUM | N/A |
| cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to read arbitrary files by specifying the filename in a parameter to the script. | |||||
| CVE-2000-0022 | 1 Lotus | 1 Domino Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| Lotus Domino HTTP server does not properly disable anonymous access for the cgi-bin directory. | |||||
| CVE-2000-0062 | 1 Zope | 1 Zope | 2008-09-10 | 10.0 HIGH | N/A |
| The DTML implementation in the Z Object Publishing Environment (Zope) allows remote attackers to conduct unauthorized activities. | |||||
| CVE-2000-0052 | 3 Mandrakesoft, Redhat, Turbolinux | 3 Mandrake Linux, Linux, Turbolinux | 2008-09-10 | 7.2 HIGH | N/A |
| Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack. | |||||
| CVE-2000-0012 | 1 Hughes | 1 Msql | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in w3-msql CGI program in miniSQL package allows remote attackers to execute commands. | |||||
| CVE-2000-0011 | 1 Analogx | 1 Simpleserver Www | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in AnalogX SimpleServer:WWW HTTP server allows remote attackers to execute commands via a long GET request. | |||||
| CVE-2000-0114 | 1 Microsoft | 1 Internet Information Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| Frontpage Server Extensions allows remote attackers to determine the name of the anonymous account via an RPC POST request to shtml.dll in the /_vti_bin/ virtual directory. | |||||
| CVE-2000-0010 | 1 Tony Greenwood | 1 Webwho\+ | 2008-09-10 | 10.0 HIGH | N/A |
| WebWho+ whois.cgi program allows remote attackers to execute commands via shell metacharacters in the TLD parameter. | |||||
| CVE-2000-0065 | 1 Avtronics | 1 Inetserv | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in InetServ 3.0 allows remote attackers to execute commands via a long GET request. | |||||
| CVE-2000-0085 | 1 Microsoft | 1 Hotmail | 2008-09-10 | 7.5 HIGH | N/A |
| Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attacker to execute code via the LOWSRC or DYNRC parameters in the IMG tag. | |||||
| CVE-2000-0064 | 1 Nortel | 1 Contivity | 2008-09-10 | 5.0 MEDIUM | N/A |
| cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to cause a denial of service via a malformed URL that includes shell metacharacters. | |||||
| CVE-2000-0043 | 1 Camshot | 1 Webcam Http Server | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in CamShot WebCam HTTP server allows remote attackers to execute commands via a long GET request. | |||||
| CVE-2000-0031 | 1 Redhat | 1 Linux | 2008-09-10 | 6.2 MEDIUM | N/A |
| The initscripts package in Red Hat Linux allows local users to gain privileges via a symlink attack. | |||||
| CVE-2000-0111 | 1 Avt | 1 Rightfax | 2008-09-10 | 7.5 HIGH | N/A |
| The RightFax web client uses predictable session numbers, which allows remote attackers to hijack user sessions. | |||||
| CVE-2000-0054 | 1 Solution Scripts | 1 Home Free | 2008-09-10 | 5.0 MEDIUM | N/A |
| search.cgi in the SolutionScripts Home Free package allows remote attackers to view directories via a .. (dot dot) attack. | |||||
| CVE-2000-0079 | 1 W3c | 1 Cern Httpd | 2008-09-10 | 7.5 HIGH | N/A |
| The W3C CERN httpd HTTP server allows remote attackers to determine the real pathnames of some commands via a request for a nonexistent URL. | |||||
| CVE-2000-0102 | 1 Salescart | 1 Salescart | 2008-09-10 | 7.5 HIGH | N/A |
| The SalesCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2000-0075 | 1 Nosque | 1 Msgcore | 2008-09-10 | 5.0 MEDIUM | N/A |
| Super Mail Transfer Package (SMTP), later called MsgCore, has a memory leak which allows remote attackers to cause a denial of service by repeating multiple HELO, MAIL FROM, RCPT TO, and DATA commands in the same session. | |||||
| CVE-2000-0084 | 1 Globalscape | 1 Cuteftp | 2008-09-10 | 5.0 MEDIUM | N/A |
| CuteFTP uses weak encryption to store password information in its tree.dat file. | |||||
| CVE-2000-0074 | 1 Powerscripts | 1 Plusmail | 2008-09-10 | 7.5 HIGH | N/A |
| PowerScripts PlusMail CGI program allows remote attackers to execute commands via a password file with improper permissions. | |||||
| CVE-2000-0044 | 1 Jgaa | 1 Warftpd | 2008-09-10 | 10.0 HIGH | N/A |
| Macros in War FTP 1.70 and 1.67b2 allow local or remote attackers to read arbitrary files or execute commands. | |||||
| CVE-2000-0125 | 1 Wired Community Software | 1 Wwwthreads | 2008-09-10 | 7.5 HIGH | N/A |
| wwwthreads does not properly cleanse numeric data or table names that are passed to SQL queries, which allows remote attackers to gain privileges for wwwthreads forums. | |||||
| CVE-2000-0086 | 1 Netopia | 1 Timbuktu Pro | 2008-09-10 | 5.0 MEDIUM | N/A |
| Netopia Timbuktu Pro sends user IDs and passwords in cleartext, which allows remote attackers to obtain them via sniffing. | |||||
| CVE-2000-0023 | 1 Lotus | 1 Domino Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in Lotus Domino HTTP server allows remote attackers to cause a denial of service via a long URL. | |||||
| CVE-2000-0104 | 1 Web Express | 1 Shoptron | 2008-09-10 | 7.5 HIGH | N/A |
| The Shoptron shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2000-0128 | 1 Daniel Beckham | 1 The Finger Server | 2008-09-10 | 10.0 HIGH | N/A |
| The Finger Server 0.82 allows remote attackers to execute commands via shell metacharacters. | |||||
| CVE-2000-0127 | 1 Progress | 1 Webspeed | 2008-09-10 | 7.5 HIGH | N/A |
| The Webspeed configuration program does not properly disable access to the WSMadmin utility, which allows remote attackers to gain privileges via wsisa.dll. | |||||
| CVE-2000-0126 | 1 Microsoft | 1 Internet Information Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| Sample Internet Data Query (IDQ) scripts in IIS 3 and 4 allow remote attackers to read files via a .. (dot dot) attack. | |||||
| CVE-2000-0106 | 1 Easycart | 1 Easycart | 2008-09-10 | 7.5 HIGH | N/A |
| The EasyCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2000-0105 | 1 Microsoft | 1 Outlook Express | 2008-09-10 | 5.0 MEDIUM | N/A |
| Outlook Express 5.01 and Internet Explorer 5.01 allow remote attackers to view a user's email messages via a script that accesses a variable that references subsequent email messages that are read by the client. | |||||
| CVE-2000-0103 | 1 Netsmart | 1 Smartcart | 2008-09-10 | 7.5 HIGH | N/A |
| The SmartCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2000-0091 | 1 Inter7 | 1 Vpopmail | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in vchkpw/vpopmail POP authentication package allows remote attackers to gain root privileges via a long username or password. | |||||
| CVE-2000-0090 | 1 Vmware | 1 Workstation | 2008-09-10 | 3.6 LOW | N/A |
| VMWare 1.1.2 allows local users to cause a denial of service via a symlink attack. | |||||
| CVE-2000-0059 | 1 Php | 1 Php | 2008-09-10 | 10.0 HIGH | N/A |
| PHP3 with safe_mode enabled does not properly filter shell metacharacters from commands that are executed by popen, which could allow remote attackers to execute commands. | |||||
| CVE-2000-0058 | 1 Handspring | 1 Visor Network Hotsync | 2008-09-10 | 5.0 MEDIUM | N/A |
| Network HotSync program in Handspring Visor does not have authentication, which allows remote attackers to retrieve email and files. | |||||
| CVE-2000-0057 | 1 Allaire | 1 Coldfusion Server | 2008-09-10 | 7.5 HIGH | N/A |
| Cold Fusion CFCACHE tag places temporary cache files within the web document root, allowing remote attackers to obtain sensitive system information. | |||||
| CVE-2000-0056 | 1 Ipswitch | 1 Imail | 2008-09-10 | 5.0 MEDIUM | N/A |
| IMail IMONITOR status.cgi CGI script allows remote attackers to cause a denial of service with many calls to status.cgi. | |||||
| CVE-2000-0040 | 1 Glftpd | 1 Glftpd | 2008-09-10 | 10.0 HIGH | N/A |
| glFtpD allows local users to gain privileges via metacharacters in the SITE ZIPCHK command. | |||||
| CVE-2000-0039 | 1 Altavista | 1 Search Intranet | 2008-09-10 | 5.0 MEDIUM | N/A |
| AltaVista search engine allows remote attackers to read files above the document root via a .. (dot dot) in the query.cgi CGI program. | |||||
| CVE-2000-0038 | 1 Glftpd | 1 Glftpd | 2008-09-10 | 7.5 HIGH | N/A |
| glFtpD includes a default glftpd user account with a default password and a UID of 0. | |||||
| CVE-2000-0027 | 1 Ibm | 1 Network Station Manager | 2008-09-10 | 6.2 MEDIUM | N/A |
| IBM Network Station Manager NetStation allows local users to gain privileges via a symlink attack. | |||||
| CVE-2000-0017 | 1 Redhat | 1 Linux | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in Linux linuxconf package allows remote attackers to gain root privileges via a long parameter. | |||||
| CVE-2000-0016 | 1 True North | 1 Internet Anywhere Mail Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in Internet Anywhere POP3 Mail Server allows remote attackers to cause a denial of service or execute commands via a long username. | |||||
| CVE-2000-0015 | 1 Ascend | 1 Cascadeview Ux | 2008-09-10 | 4.6 MEDIUM | N/A |
| CascadeView TFTP server allows local users to gain privileges via a symlink attack. | |||||
| CVE-2000-0014 | 1 Michael Lamont | 1 Savant Webserver | 2008-09-10 | 5.0 MEDIUM | N/A |
| Denial of service in Savant web server via a null character in the requested URL. | |||||
| CVE-2000-0013 | 1 Sgi | 1 Irix | 2008-09-10 | 7.2 HIGH | N/A |
| IRIX soundplayer program allows local users to gain privileges by including shell metacharacters in a .wav file, which is executed via the midikeys program. | |||||