Total
29739 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-1586 | 1 Sun | 1 Sunos | 2025-04-03 | N/A |
| loadmodule in SunOS 4.1.x, as used by xnews, does not properly sanitize its environment, which allows local users to gain privileges, a different vulnerability than CVE-1999-1584. | ||||
| CVE-2002-1780 | 1 Alcatech Gmbh | 1 Bpm Studio Pro | 2025-04-03 | N/A |
| BPM Studio Pro 4.2 by ALCATech GmbH includes a webserver that allows a remote attacker to cause a denial of service (crash) by sending a URL request for a MS-DOS device such as con. NOTE: it has been disputed that this and possibly other application-level DOS device issues stem from a bug in Windows, and as such, such applications should not be considered vulnerable themselves. | ||||
| CVE-2000-0018 | 1 Windowmaker | 1 Wmmon | 2025-04-03 | N/A |
| wmmon in FreeBSD allows local users to gain privileges via the .wmmonrc configuration file. | ||||
| CVE-2000-0034 | 1 Netscape | 1 Communicator | 2025-04-03 | N/A |
| Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even if the user has not enabled "remember passwords." | ||||
| CVE-2002-1785 | 1 Zeus Technologies | 1 Zeus Web Server | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Zeus Administration Server in Zeus Web Server 4.0 through 4.1r2 allows remote authenticated users to inject arbitrary web script or HTML via the section parameter to index.fcgi. | ||||
| CVE-2000-0066 | 1 Oreilly | 1 Website Professional | 2025-04-03 | N/A |
| WebSite Pro allows remote attackers to determine the real pathname of webdirectories via a malformed URL request. | ||||
| CVE-2000-0078 | 1 Hp | 1 Hp-ux | 2025-04-03 | N/A |
| The June 1999 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the awk command. | ||||
| CVE-2000-0095 | 1 Hp | 1 Hp-ux | 2025-04-03 | N/A |
| The PMTU discovery procedure used by HP-UX 10.30 and 11.00 for determining the optimum MTU generates large amounts of traffic in response to small packets, allowing remote attackers to cause the system to be used as a packet amplifier. | ||||
| CVE-2000-0100 | 1 Microsoft | 1 Systems Management Server | 2025-04-03 | N/A |
| The SMS Remote Control program is installed with insecure permissions, which allows local users to gain privileges by modifying or replacing the program. | ||||
| CVE-2000-0103 | 1 Netsmart | 1 Smartcart | 2025-04-03 | N/A |
| The SmartCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | ||||
| CVE-2000-0115 | 1 Microsoft | 1 Internet Information Server | 2025-04-03 | N/A |
| IIS allows local users to cause a denial of service via invalid regular expressions in a Visual Basic script in an ASP page. | ||||
| CVE-2000-0124 | 1 Surfcontrol | 1 Superscout | 2025-04-03 | N/A |
| surfCONTROL SuperScout does not properly asign a category to web sites with a . (dot) at the end, which may allow users to bypass web access restrictions. | ||||
| CVE-2000-0141 | 1 Infopop | 1 Ultimate Bulletin Board | 2025-04-03 | N/A |
| Infopop Ultimate Bulletin Board (UBB) allows remote attackers to execute commands via shell metacharacters in the topic hidden field. | ||||
| CVE-2000-0150 | 2 Checkpoint, Cisco | 2 Firewall-1, Pix Firewall Software | 2025-04-03 | N/A |
| Check Point Firewall-1 allows remote attackers to bypass port access restrictions on an FTP server by forcing it to send malicious packets that Firewall-1 misinterprets as a valid 227 response to a client's PASV attempt. | ||||
| CVE-2000-0165 | 1 Etl | 1 Delegate | 2025-04-03 | N/A |
| The Delegate application proxy has several buffer overflows which allow a remote attacker to execute commands. | ||||
| CVE-2002-1817 | 1 Symantec Veritas | 1 Cluster Server | 2025-04-03 | N/A |
| Unknown vulnerability in Veritas Cluster Server (VCS) 1.2 for WindowsNT, Cluster Server 1.3.0 for Solaris, and Cluster Server 1.3.1 for HP-UX allows attackers to gain privileges via unknown attack vectors. | ||||
| CVE-2000-0176 | 1 Cat Soft | 1 Serv-u | 2025-04-03 | N/A |
| The default configuration of Serv-U 2.5d and earlier allows remote attackers to determine the real pathname of the server by requesting a URL for a directory or file that does not exist. | ||||
| CVE-2000-0229 | 4 Alessandro Rubini, Debian, Redhat and 1 more | 4 Gpm, Debian Linux, Linux and 1 more | 2025-04-03 | N/A |
| gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root. | ||||
| CVE-2000-0233 | 1 Suse | 1 Suse Linux Imap Server | 2025-04-03 | N/A |
| SuSE Linux IMAP server allows remote attackers to bypass IMAP authentication and gain privileges. | ||||
| CVE-2000-0241 | 1 Vqsoft | 1 Vqserver | 2025-04-03 | N/A |
| vqSoft vqServer stores sensitive information such as passwords in cleartext in the server.cfg file, which allows attackers to gain privileges. | ||||