Search Results (366484 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-0932 1 Mediahouse Software 1 Statistics Server 2026-04-16 N/A
Mediahouse Statistics Server allows remote attackers to read the administrator password, which is stored in cleartext in the ss.cfg file.
CVE-2000-1049 1 Macromedia 1 Jrun 2026-04-16 N/A
Allaire JRun 3.0 http servlet server allows remote attackers to cause a denial of service via a URL that contains a long string of "." characters.
CVE-1999-0870 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 4.01 allows remote attackers to read arbitrary files by pasting a file name into the file upload control, aka untrusted scripted paste.
CVE-2000-0911 1 Horde 1 Imp 2026-04-16 N/A
IMP 2.2 and earlier allows attackers to read and delete arbitrary files by modifying the attachment_name hidden form variable, which causes IMP to send the file to the attacker as an attachment.
CVE-2000-0912 1 Jcs Web Works 1 Multihtml 2026-04-16 N/A
MultiHTML CGI script allows remote attackers to read arbitrary files and possibly execute arbitrary commands by specifying the file name to the "multi" parameter.
CVE-2000-0914 1 Openbsd 1 Openbsd 2026-04-16 N/A
OpenBSD 2.6 and earlier allows remote attackers to cause a denial of service by flooding the server with ARP requests.
CVE-2000-0915 1 Freebsd 1 Freebsd 2026-04-16 N/A
fingerd in FreeBSD 4.1.1 allows remote attackers to read arbitrary files by specifying the target file name instead of a regular user name.
CVE-2000-0916 1 Freebsd 1 Freebsd 2026-04-16 N/A
FreeBSD 4.1.1 and earlier, and possibly other BSD-based OSes, uses an insufficient random number generator to generate initial TCP sequence numbers (ISN), which allows remote attackers to spoof TCP connections.
CVE-2000-0917 3 Caldera, Redhat, Trustix 6 Openlinux, Openlinux Ebuilder, Openlinux Edesktop and 3 more 2026-04-16 N/A
Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands.
CVE-2000-0920 1 Boa 1 Boa Webserver 2026-04-16 N/A
Directory traversal vulnerability in BOA web server 0.94.8.2 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack in the GET HTTP request that uses a "%2E" instead of a "."
CVE-2000-0921 1 Hassan Consulting 1 Shopping Cart 2026-04-16 N/A
Directory traversal vulnerability in Hassan Consulting shop.cgi shopping cart program allows remote attackers to read arbitrary files via a .. (dot dot) attack on the page parameter.
CVE-2000-0922 1 Bytes Interactive 1 Web Shopper 2026-04-16 N/A
Directory traversal vulnerability in Bytes Interactive Web Shopper shopping cart program (shopper.cgi) 2.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack on the newpage parameter.
CVE-2000-0923 1 Aplio 1 Aplio Phone 2026-04-16 N/A
authenticate.cgi CGI program in Aplio PRO allows remote attackers to execute arbitrary commands via shell metacharacters in the password parameter.
CVE-2000-0924 1 Armada Design 1 Master Index 2026-04-16 N/A
Directory traversal vulnerability in search.cgi CGI script in Armada Master Index allows remote attackers to read arbitrary files via a .. (dot dot) attack in the "catigory" parameter.
CVE-2000-0925 1 Smartwin Technology 1 Cyberoffice Shopping Cart 2026-04-16 N/A
The default installation of SmartWin CyberOffice Shopping Cart 2 (aka CyberShop) installs the _private directory with world readable permissions, which allows remote attackers to obtain sensitive information.
CVE-2000-0926 1 Smartwin Technology 1 Cyberoffice Shopping Cart 2026-04-16 N/A
SmartWin CyberOffice Shopping Cart 2 (aka CyberShop) allows remote attackers to modify price information by changing the "Price" hidden form variable.
CVE-1999-0871 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 4.0 and 4.01 allow a remote attacker to read files via IE's cross frame security, aka the "Cross Frame Navigate" vulnerability.
CVE-2000-0929 1 Microsoft 1 Windows Media Player 2026-04-16 N/A
Microsoft Windows Media Player 7 allows attackers to cause a denial of service in RTF-enabled email clients via an embedded OCX control that is not closed properly, aka the "OCX Attachment" vulnerability.
CVE-2000-0931 1 David Harris 1 Pegasus Mail 2026-04-16 N/A
Buffer overflow in Pegasus Mail 3.11 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long email message containing binary data.
CVE-2000-0932 1 Clearswift 1 Mailsweeper For Smtp 2026-04-16 N/A
MAILsweeper for SMTP 3.x does not properly handle corrupt CDA documents in a ZIP file and hangs, which allows remote attackers to cause a denial of service.