Total
29755 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2000-0921 | 1 Hassan Consulting | 1 Shopping Cart | 2025-04-03 | N/A |
| Directory traversal vulnerability in Hassan Consulting shop.cgi shopping cart program allows remote attackers to read arbitrary files via a .. (dot dot) attack on the page parameter. | ||||
| CVE-2000-0923 | 1 Aplio | 1 Aplio Phone | 2025-04-03 | N/A |
| authenticate.cgi CGI program in Aplio PRO allows remote attackers to execute arbitrary commands via shell metacharacters in the password parameter. | ||||
| CVE-2000-0924 | 1 Armada Design | 1 Master Index | 2025-04-03 | N/A |
| Directory traversal vulnerability in search.cgi CGI script in Armada Master Index allows remote attackers to read arbitrary files via a .. (dot dot) attack in the "catigory" parameter. | ||||
| CVE-2000-0925 | 1 Smartwin Technology | 1 Cyberoffice Shopping Cart | 2025-04-03 | N/A |
| The default installation of SmartWin CyberOffice Shopping Cart 2 (aka CyberShop) installs the _private directory with world readable permissions, which allows remote attackers to obtain sensitive information. | ||||
| CVE-2000-0943 | 1 Max-wilhelm Bruker | 1 Bftpd | 2025-04-03 | N/A |
| Buffer overflow in bftp daemon (bftpd) 1.0.11 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long USER command. | ||||
| CVE-2000-0940 | 1 Metertek | 1 Pagelog.cgi | 2025-04-03 | N/A |
| Directory traversal vulnerability in Metertek pagelog.cgi allows remote attackers to read arbitrary files via a .. (dot dot) attack on the "name" or "display" parameter. | ||||
| CVE-2000-0941 | 1 Kootenay Web Inc | 1 Kootenay Web Inc Whois | 2025-04-03 | N/A |
| Kootenay Web KW Whois 1.0 CGI program allows remote attackers to execute arbitrary commands via shell metacharacters in the "whois" parameter. | ||||
| CVE-2000-0942 | 1 Microsoft | 1 Indexing Service | 2025-04-03 | N/A |
| The CiWebHitsFile component in Microsoft Indexing Services for Windows 2000 allows remote attackers to conduct a cross site scripting (CSS) attack via a CiRestriction parameter in a .htw request, aka the "Indexing Services Cross Site Scripting" vulnerability. | ||||
| CVE-2000-0945 | 1 Cisco | 1 Catalyst 3500 Xl | 2025-04-03 | N/A |
| The web configuration interface for Catalyst 3500 XL switches allows remote attackers to execute arbitrary commands without authentication when the enable password is not set, via a URL containing the /exec/ directory. | ||||
| CVE-1999-1533 | 1 Trend Micro | 1 Interscan Viruswall | 2025-04-03 | N/A |
| Eicon Technology Diva LAN ISDN modem allows a remote attacker to cause a denial of service (hang) via a long password argument to the login.htm file in its HTTP service. | ||||
| CVE-2000-0974 | 1 Gnu | 1 Privacy Guard | 2025-04-03 | N/A |
| GnuPG (gpg) 1.0.3 does not properly check all signatures of a file containing multiple documents, which allows an attacker to modify contents of all documents but the first without detection. | ||||
| CVE-2000-0973 | 1 Daniel Stenberg | 1 Curl | 2025-04-03 | N/A |
| Buffer overflow in curl earlier than 6.0-1.1, and curl-ssl earlier than 6.0-1.2, allows remote attackers to execute arbitrary commands by forcing a long error message to be generated. | ||||
| CVE-2000-0969 | 1 Valve Software | 1 Half-life Dedicated Server | 2025-04-03 | N/A |
| Format string vulnerability in Half Life dedicated server build 3104 and earlier allows remote attackers to execute arbitrary commands by injecting format strings into the changelevel command, via the system console or rcon. | ||||
| CVE-2000-0971 | 1 Avirt | 1 Avirt Mail Server | 2025-04-03 | N/A |
| Avirt Mail 4.0 and 4.2 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long "RCPT TO" or "MAIL FROM" command. | ||||
| CVE-2000-0983 | 1 Microsoft | 1 Netmeeting | 2025-04-03 | N/A |
| Microsoft NetMeeting with Remote Desktop Sharing enabled allows remote attackers to cause a denial of service (CPU utilization) via a sequence of null bytes to the NetMeeting port, aka the "NetMeeting Desktop Sharing" vulnerability. | ||||
| CVE-2000-0981 | 1 Oracle | 1 Mysql | 2025-04-03 | N/A |
| MySQL Database Engine uses a weak authentication method which leaks information that could be used by a remote attacker to recover the password. | ||||
| CVE-2000-0984 | 1 Cisco | 1 Ios | 2025-04-03 | N/A |
| The HTTP server in Cisco IOS 12.0 through 12.1 allows local users to cause a denial of service (crash and reload) via a URL containing a "?/" string. | ||||
| CVE-2000-0978 | 1 Bb4 | 1 Big Brother Network Monitor | 2025-04-03 | N/A |
| bbd server in Big Brother System and Network Monitor before 1.5c2 allows remote attackers to execute arbitrary commands via the "&" shell metacharacter. | ||||
| CVE-2000-0980 | 1 Microsoft | 4 Windows 95, Windows 98, Windows 98se and 1 more | 2025-04-03 | N/A |
| NMPI (Name Management Protocol on IPX) listener in Microsoft NWLink does not properly filter packets from a broadcast address, which allows remote attackers to cause a broadcast storm and flood the network. | ||||
| CVE-2000-0982 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | N/A |
| Internet Explorer before 5.5 forwards cached user credentials for a secure web site to insecure pages on the same web site, which could allow remote attackers to obtain the credentials by monitoring connections to the web server, aka the "Cached Web Credentials" vulnerability. | ||||