Search
Total
86024 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0065 | 1 Avtronics | 1 Inetserv | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in InetServ 3.0 allows remote attackers to execute commands via a long GET request. | |||||
| CVE-2000-0064 | 1 Nortel | 1 Contivity | 2008-09-10 | 5.0 MEDIUM | N/A |
| cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to cause a denial of service via a malformed URL that includes shell metacharacters. | |||||
| CVE-2000-0027 | 1 Ibm | 1 Network Station Manager | 2008-09-10 | 6.2 MEDIUM | N/A |
| IBM Network Station Manager NetStation allows local users to gain privileges via a symlink attack. | |||||
| CVE-2000-0063 | 1 Nortel | 1 Contivity | 2008-09-10 | 5.0 MEDIUM | N/A |
| cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to read arbitrary files by specifying the filename in a parameter to the script. | |||||
| CVE-2000-0062 | 1 Zope | 1 Zope | 2008-09-10 | 10.0 HIGH | N/A |
| The DTML implementation in the Z Object Publishing Environment (Zope) allows remote attackers to conduct unauthorized activities. | |||||
| CVE-2000-0040 | 1 Glftpd | 1 Glftpd | 2008-09-10 | 10.0 HIGH | N/A |
| glFtpD allows local users to gain privileges via metacharacters in the SITE ZIPCHK command. | |||||
| CVE-2000-0039 | 1 Altavista | 1 Search Intranet | 2008-09-10 | 5.0 MEDIUM | N/A |
| AltaVista search engine allows remote attackers to read files above the document root via a .. (dot dot) in the query.cgi CGI program. | |||||
| CVE-2000-0074 | 1 Powerscripts | 1 Plusmail | 2008-09-10 | 7.5 HIGH | N/A |
| PowerScripts PlusMail CGI program allows remote attackers to execute commands via a password file with improper permissions. | |||||
| CVE-2000-0054 | 1 Solution Scripts | 1 Home Free | 2008-09-10 | 5.0 MEDIUM | N/A |
| search.cgi in the SolutionScripts Home Free package allows remote attackers to view directories via a .. (dot dot) attack. | |||||
| CVE-2000-0105 | 1 Microsoft | 1 Outlook Express | 2008-09-10 | 5.0 MEDIUM | N/A |
| Outlook Express 5.01 and Internet Explorer 5.01 allow remote attackers to view a user's email messages via a script that accesses a variable that references subsequent email messages that are read by the client. | |||||
| CVE-2000-0106 | 1 Easycart | 1 Easycart | 2008-09-10 | 7.5 HIGH | N/A |
| The EasyCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2000-0123 | 1 Filemaker | 1 Filemaker | 2008-09-10 | 7.5 HIGH | N/A |
| The shopping cart application provided with Filemaker allows remote users to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2000-0124 | 1 Surfcontrol | 1 Superscout | 2008-09-10 | 2.1 LOW | N/A |
| surfCONTROL SuperScout does not properly asign a category to web sites with a . (dot) at the end, which may allow users to bypass web access restrictions. | |||||
| CVE-2000-0125 | 1 Wired Community Software | 1 Wwwthreads | 2008-09-10 | 7.5 HIGH | N/A |
| wwwthreads does not properly cleanse numeric data or table names that are passed to SQL queries, which allows remote attackers to gain privileges for wwwthreads forums. | |||||
| CVE-2000-0104 | 1 Web Express | 1 Shoptron | 2008-09-10 | 7.5 HIGH | N/A |
| The Shoptron shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2000-0103 | 1 Netsmart | 1 Smartcart | 2008-09-10 | 7.5 HIGH | N/A |
| The SmartCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2000-0091 | 1 Inter7 | 1 Vpopmail | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in vchkpw/vpopmail POP authentication package allows remote attackers to gain root privileges via a long username or password. | |||||
| CVE-2000-0090 | 1 Vmware | 1 Workstation | 2008-09-10 | 3.6 LOW | N/A |
| VMWare 1.1.2 allows local users to cause a denial of service via a symlink attack. | |||||
| CVE-2000-0021 | 1 Lotus | 1 Domino Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| Lotus Domino HTTP server allows remote attackers to determine the real path of the server via a request to a non-existent script in /cgi-bin. | |||||
| CVE-2000-0079 | 1 W3c | 1 Cern Httpd | 2008-09-10 | 7.5 HIGH | N/A |
| The W3C CERN httpd HTTP server allows remote attackers to determine the real pathnames of some commands via a request for a nonexistent URL. | |||||
| CVE-2000-0019 | 1 Ipswitch | 1 Imail | 2008-09-10 | 2.1 LOW | N/A |
| IMail POP3 daemon uses weak encryption, which allows local users to read files. | |||||
| CVE-2000-0018 | 1 Windowmaker | 1 Wmmon | 2008-09-10 | 7.2 HIGH | N/A |
| wmmon in FreeBSD allows local users to gain privileges via the .wmmonrc configuration file. | |||||
| CVE-2000-0075 | 1 Nosque | 1 Msgcore | 2008-09-10 | 5.0 MEDIUM | N/A |
| Super Mail Transfer Package (SMTP), later called MsgCore, has a memory leak which allows remote attackers to cause a denial of service by repeating multiple HELO, MAIL FROM, RCPT TO, and DATA commands in the same session. | |||||
| CVE-2000-0008 | 1 1st Choice Software | 1 Ftppro | 2008-09-10 | 2.1 LOW | N/A |
| FTPPro allows local users to read sensitive information, which is stored in plain text. | |||||
| CVE-2000-0052 | 3 Mandrakesoft, Redhat, Turbolinux | 3 Mandrake Linux, Linux, Turbolinux | 2008-09-10 | 7.2 HIGH | N/A |
| Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack. | |||||
| CVE-2000-0020 | 1 Man And Mice | 1 Dns Pro | 2008-09-10 | 5.0 MEDIUM | N/A |
| DNS PRO allows remote attackers to conduct a denial of service via a large number of connections. | |||||
| CVE-2000-0034 | 1 Netscape | 1 Communicator | 2008-09-10 | 5.0 MEDIUM | N/A |
| Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even if the user has not enabled "remember passwords." | |||||
| CVE-1999-1310 | 2008-09-10 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-1022. Reason: This candidate is a duplicate of CVE-1999-1022. Notes: All CVE users should reference CVE-1999-1022 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
| CVE-1999-1314 | 1 Freebsd | 1 Freebsd | 2008-09-10 | 2.1 LOW | N/A |
| Vulnerability in union file system in FreeBSD 2.2 and earlier, and possibly other operating systems, allows local users to cause a denial of service (system reload) via a series of certain mount_union commands. | |||||
| CVE-1999-1169 | 1 Flavio Veloso | 1 Nobo | 2008-09-10 | 5.0 MEDIUM | N/A |
| nobo 1.2 allows remote attackers to cause a denial of service (crash) via a series of large UDP packets. | |||||
| CVE-1999-1450 | 1 Sco | 2 Openserver, Unixware | 2008-09-10 | 7.5 HIGH | N/A |
| Vulnerability in (1) rlogin daemon rshd and (2) scheme on SCO UNIX OpenServer 5.0.5 and earlier, and SCO UnixWare 7.0.1 and earlier, allows remote attackers to gain privileges. | |||||
| CVE-1999-1416 | 1 Inso | 1 Dwhttpd | 2008-09-10 | 5.0 MEDIUM | N/A |
| AnswerBook2 (AB2) web server dwhttpd 3.1a4 allows remote attackers to cause a denial of service (resource exhaustion) via an HTTP POST request with a large content-length. | |||||
| CVE-1999-1404 | 1 Ibm | 1 Tivoli Opc Tracker Agent | 2008-09-10 | 5.0 MEDIUM | N/A |
| IBM/Tivoli OPC Tracker Agent version 2 release 1 allows remote attackers to cause a denial of service (resource exhaustion) via malformed data to the localtracker client port (5011), which prevents the connection from being closed properly. | |||||
| CVE-1999-1134 | 1 Hp | 1 Hp-ux | 2008-09-10 | 7.2 HIGH | N/A |
| Vulnerability in Vue 3.0 in HP 9.x allows local users to gain root privileges, as fixed by PHSS_4038, PHSS_4055, and PHSS_4066. | |||||
| CVE-1999-1417 | 1 Inso | 1 Answerbook2 | 2008-09-10 | 7.5 HIGH | N/A |
| Format string vulnerability in AnswerBook2 (AB2) web server dwhttpd 3.1a4 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via encoded % characters in an HTTP request, which is improperly logged. | |||||
| CVE-1999-1329 | 1 Redhat | 1 Linux | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in SysVInit in Red Hat Linux 5.1 and earlier allows local users to gain privileges. | |||||
| CVE-1999-1174 | 1 Iomega | 1 Zip 100 Mb Drive | 2008-09-10 | 4.6 MEDIUM | N/A |
| ZIP drive for Iomega ZIP-100 disks allows attackers with physical access to the drive to bypass password protection by inserting a known disk with a known password, waiting for the ZIP drive to power down, manually replacing the known disk with the target disk, and using the known password to access the target disk. | |||||
| CVE-1999-1403 | 1 Ibm | 1 Tivoli Opc Tracker Agent | 2008-09-10 | 7.2 HIGH | N/A |
| IBM/Tivoli OPC Tracker Agent version 2 release 1 creates files, directories, and IPC message queues with insecure permissions (world-readable and world-writable), which could allow local users to disrupt operations and possibly gain privileges by modifying or deleting files. | |||||
| CVE-1999-1468 | 4 Cray, Next, Sgi and 1 more | 4 Unicos, Next, Irix and 1 more | 2008-09-10 | 6.2 MEDIUM | N/A |
| rdist in various UNIX systems uses popen to execute sendmail, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable. | |||||
| CVE-1999-1457 | 1 Thttpd | 1 Thttpd Http Server | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in thttpd HTTP server before 2.04-31 allows remote attackers to execute arbitrary commands via a long date string, which is not properly handled by the tdate_parse function. | |||||
| CVE-1999-1444 | 1 Computer Software Manufaktur | 1 Alibaba | 2008-09-10 | 5.0 MEDIUM | N/A |
| genkey utility in Alibaba 2.0 generates RSA key pairs with an exponent of 1, which results in transactions that are sent in cleartext. | |||||
| CVE-1999-1331 | 1 Redhat | 1 Linux | 2008-09-10 | 2.1 LOW | N/A |
| netcfg 2.16-1 in Red Hat Linux 4.2 allows the Ethernet interface to be controlled by users on reboot when an option is set, which allows local users to cause a denial of service by shutting down the interface. | |||||
| CVE-1999-1298 | 1 Freebsd | 1 Freebsd | 2008-09-10 | 7.5 HIGH | N/A |
| Sysinstall in FreeBSD 2.2.1 and earlier, when configuring anonymous FTP, creates the ftp user without a password and with /bin/date as the shell, which could allow attackers to gain access to certain system resources. | |||||
| CVE-1999-1319 | 1 Sgi | 1 Irix | 2008-09-10 | 10.0 HIGH | N/A |
| Vulnerability in object server program in SGI IRIX 5.2 through 6.1 allows remote attackers to gain root privileges in certain configurations. | |||||
| CVE-1999-1180 | 1 Oreilly | 2 Website, Website Pro | 2008-09-10 | 5.0 MEDIUM | N/A |
| O'Reilly WebSite 1.1e and Website Pro 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in an argument to (1) args.cmd or (2) args.bat. | |||||
| CVE-2002-1401 | 1 Postgresql | 1 Postgresql | 2008-09-10 | 6.5 MEDIUM | N/A |
| Buffer overflows in (1) circle_poly, (2) path_encode and (3) path_add (also incorrectly identified as path_addr) for PostgreSQL 7.2.3 and earlier allow attackers to cause a denial of service and possibly execute arbitrary code, possibly as a result of an integer overflow. | |||||
| CVE-2008-3440 | 1 Sun | 1 Java | 2008-09-10 | 7.5 HIGH | N/A |
| Sun Java 1.6.0_03 and earlier versions, and possibly later versions, does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning. | |||||
| CVE-2000-0155 | 1 Microsoft | 3 Windows 95, Windows 98, Windows Nt | 2008-09-10 | 7.2 HIGH | N/A |
| Windows NT Autorun executes the autorun.inf file on non-removable media, which allows local attackers to specify an alternate program to execute when other users access a drive. | |||||
| CVE-2000-0380 | 1 Cisco | 1 Ios | 2008-09-10 | 7.1 HIGH | N/A |
| The IOS HTTP service in Cisco routers and switches running IOS 11.1 through 12.1 allows remote attackers to cause a denial of service by requesting a URL that contains a %% string. | |||||
| CVE-2000-0001 | 1 Realnetworks | 1 Realserver | 2008-09-10 | 5.0 MEDIUM | N/A |
| RealMedia server allows remote attackers to cause a denial of service via a long ramgen request. | |||||