Export limit exceeded: 366602 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 366602 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (366602 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-0091 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| The ActiveX control for invoking a scriptlet in Internet Explorer 5.0 through 5.5 renders arbitrary file types instead of HTML, which allows an attacker to read arbitrary files, aka a variant of the "Scriptlet Rendering" vulnerability. | ||||
| CVE-2000-1195 | 1 Caldera | 2 Openlinux Edesktop, Openlinux Eserver | 2026-04-16 | N/A |
| telnet daemon (telnetd) from the Linux netkit package before netkit-telnet-0.16 allows remote attackers to bypass authentication when telnetd is running with the -L command line option. | ||||
| CVE-2000-1194 | 1 Argosoft | 1 Ftp Server | 2026-04-16 | N/A |
| Argosoft FRP server 1.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to the (1) USER or (2) CWD commands. | ||||
| CVE-2000-1189 | 1 Redhat | 1 Linux | 2026-04-16 | N/A |
| Buffer overflow in pam_localuser PAM module in Red Hat Linux 7.x and 6.x allows attackers to gain privileges. | ||||
| CVE-2000-1050 | 1 Macromedia | 1 Jrun | 2026-04-16 | N/A |
| Allaire JRun 3.0 http servlet server allows remote attackers to directly access the WEB-INF directory via a URL request that contains an extra "/" in the beginning of the request (aka the "extra leading slash"). | ||||
| CVE-2000-1051 | 1 Macromedia | 1 Jrun | 2026-04-16 | N/A |
| Directory traversal vulnerability in Allaire JRun 2.3 server allows remote attackers to read arbitrary files via the SSIFilter servlet. | ||||
| CVE-2000-1052 | 1 Macromedia | 1 Jrun | 2026-04-16 | N/A |
| Allaire JRun 2.3 server allows remote attackers to obtain source code for executable content by directly calling the SSIFilter servlet. | ||||
| CVE-2000-1053 | 1 Macromedia | 1 Jrun | 2026-04-16 | N/A |
| Allaire JRun 2.3.3 server allows remote attackers to compile and execute JSP code by inserting it via a cross-site scripting (CSS) attack and directly calling the com.livesoftware.jrun.plugins.JSP JSP servlet. | ||||
| CVE-2000-1056 | 1 Cisco | 1 Secure Access Control Server | 2026-04-16 | N/A |
| CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to bypass LDAP authentication on the server if the LDAP server allows null passwords. | ||||
| CVE-2000-1057 | 1 Hp | 1 Openview Network Node Manager | 2026-04-16 | N/A |
| Vulnerabilities in database configuration scripts in HP OpenView Network Node Manager (NNM) 6.1 and earlier allows local users to gain privileges, possibly via insecure permissions. | ||||
| CVE-2000-1059 | 1 Mandrakesoft | 1 Mandrake Linux | 2026-04-16 | N/A |
| The default configuration of the Xsession file in Mandrake Linux 7.1 and 7.0 bypasses the Xauthority access control mechanism with an "xhost + localhost" command, which allows local users to sniff X Windows events and gain privileges. | ||||
| CVE-2000-1060 | 1 Xfree86 Project | 1 Xfce | 2026-04-16 | N/A |
| The default configuration of XFCE 3.5.1 bypasses the Xauthority access control mechanism with an "xhost + localhost" command in the xinitrc program, which allows local users to sniff X Windows traffic and gain privileges. | ||||
| CVE-2000-1061 | 1 Microsoft | 1 Ie | 2026-04-16 | N/A |
| Microsoft Virtual Machine (VM) in Internet Explorer 4.x and 5.x allows an unsigned applet to create and use ActiveX controls, which allows a remote attacker to bypass Internet Explorer's security settings and execute arbitrary commands via a malicious web page or email, aka the "Microsoft VM ActiveX Component" vulnerability. | ||||
| CVE-2000-1062 | 1 Hp | 1 Jetdirect | 2026-04-16 | N/A |
| Buffer overflow in the FTP service in HP JetDirect printer card Firmware x.08.20 and earlier allows remote attackers to cause a denial of service. | ||||
| CVE-2000-1065 | 1 Hp | 1 Jetdirect | 2026-04-16 | N/A |
| Vulnerability in IP implementation of HP JetDirect printer card Firmware x.08.20 and earlier allows remote attackers to cause a denial of service (printer crash) via a malformed packet. | ||||
| CVE-2000-1066 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| The getnameinfo function in FreeBSD 4.1.1 and earlier, and possibly other operating systems, allows a remote attacker to cause a denial of service via a long DNS hostname. | ||||
| CVE-2000-1068 | 1 Cgi-world | 2 Poll It, Poll It Pro | 2026-04-16 | N/A |
| pollit.cgi in Poll It 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the poll_options parameter. | ||||
| CVE-2000-1069 | 1 Cgi-world | 2 Poll It, Poll It Pro | 2026-04-16 | N/A |
| pollit.cgi in Poll It 2.01 and earlier allows remote attackers to access administrative functions without knowing the real password by specifying the same value to the entered_password and admin_password parameters. | ||||
| CVE-2000-1070 | 1 Cgi-world | 2 Poll It, Poll It Pro | 2026-04-16 | N/A |
| pollit.cgi in Poll It 2.01 and earlier uses data files that are located under the web document root, which allows remote attackers to access sensitive or private information. | ||||
| CVE-2000-1071 | 1 Netscape | 1 Iplanet Ical | 2026-04-16 | N/A |
| The GUI installation for iCal 2.1 Patch 2 disables access control for the X server using an "xhost +" command, which allows remote attackers to monitor X Windows events and gain privileges. | ||||