Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-0061 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 5 does not modify the security zone for a document that is being loaded into a window until after the document has been loaded, which could allow remote attackers to execute Javascript in a different security context while the document is loading.
CVE-2005-3035 1 Compuware 1 Driverstudio 2026-04-16 N/A
Compuware DriverStudio Remote Control service (DSRsvc.exe) 2.7 and 3.0 beta 2 allows remote attackers to cause a denial of service (reboot) via a UDP packet sent directly to port 9110.
CVE-2000-0062 1 Zope 1 Zope 2026-04-16 N/A
The DTML implementation in the Z Object Publishing Environment (Zope) allows remote attackers to conduct unauthorized activities.
CVE-2000-0070 1 Microsoft 1 Windows Nt 2026-04-16 N/A
NtImpersonateClientOfPort local procedure call in Windows NT 4.0 allows local users to gain privileges, aka "Spoofed LPC Port Request."
CVE-2000-0072 1 Computer Power Solutions 1 Visual Casel 2026-04-16 N/A
Visual Casel (Vcasel) does not properly prevent users from executing files, which allows local users to use a relative pathname to specify an alternate file which has an approved name and possibly gain privileges.
CVE-2005-3975 1 Drupal 1 Drupal 2026-04-16 N/A
Interpretation conflict in file.inc in Drupal 4.5.0 through 4.5.5 and 4.6.0 through 4.6.3 allows remote authenticated users to inject arbitrary web script or HTML via HTML in a file with a GIF or JPEG file extension, which causes the HTML to be executed by a victim who views the file in Internet Explorer as a result of CVE-2005-3312. NOTE: it could be argued that this vulnerability is due to a design flaw in Internet Explorer and the proper fix should be in that browser; if so, then this should not be treated as a vulnerability in Drupal.
CVE-2000-0075 1 Nosque 1 Msgcore 2026-04-16 N/A
Super Mail Transfer Package (SMTP), later called MsgCore, has a memory leak which allows remote attackers to cause a denial of service by repeating multiple HELO, MAIL FROM, RCPT TO, and DATA commands in the same session.
CVE-2005-3978 1 Scriptdevelopers.net 1 Netclassifieds 2026-04-16 N/A
Multiple SQL injection vulnerabilities in NetClassifieds Premium Edition 1.0.1, Professional Edition 1.5.1, Standard Edition 1.9.6.3, and Free Edition 1.0.1 allow remote attackers to execute arbitrary SQL commands via the (1) CatID parameter in (a) ViewCat.php and (b) gallery.php, and the (2) ItemNum parameter in (c) ViewItem.php.
CVE-2000-0078 1 Hp 1 Hp-ux 2026-04-16 N/A
The June 1999 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the awk command.
CVE-2000-0093 1 Redhat 1 Linux 2026-04-16 N/A
An installation of Red Hat uses DES password encryption with crypt() for the initial password, instead of md5.
CVE-2000-0105 1 Microsoft 1 Outlook Express 2026-04-16 N/A
Outlook Express 5.01 and Internet Explorer 5.01 allow remote attackers to view a user's email messages via a script that accesses a variable that references subsequent email messages that are read by the client.
CVE-2005-3981 1 Microsoft 3 Windows 2000, Windows 2003 Server, Windows Xp 2026-04-16 N/A
NOTE: this issue has been disputed by third parties. Microsoft Windows XP, 2000, and 2003 allows local users to kill a writable process by using the CreateRemoteThread function with certain arguments on a process that has been opened using the OpenProcess function, possibly involving an invalid address for the start routine. NOTE: followup posts have disputed this issue, saying that if a user already has privileges to write to a process, then other functions could be called or the process could be terminated using PROCESS_TERMINATE
CVE-2000-0110 1 Baron Consulting Group 1 Websitetool 2026-04-16 N/A
The WebSiteTool shopping cart application allows remote users to modify sensitive purchase information via hidden form fields.
CVE-2000-0440 2 Freebsd, Netbsd 2 Freebsd, Netbsd 2026-04-16 N/A
NetBSD 1.4.2 and earlier allows remote attackers to cause a denial of service by sending a packet with an unaligned IP timestamp option.
CVE-2006-2968 1 Php Labware 1 Labwiki 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in search.php in PHP Labware LabWiki 1.0 allows remote attackers to inject arbitrary web script or HTML via the search input box (query parameter).
CVE-2000-0448 1 Network Associates 1 Webshield 2026-04-16 N/A
The WebShield SMTP Management Tool version 4.5.44 does not properly restrict access to the management port when an IP address does not resolve to a hostname, which allows remote attackers to access the configuration via the GET_CONFIG command.
CVE-2000-0453 1 Xfree86 Project 1 X11r6 2026-04-16 N/A
XFree86 3.3.x and 4.0 allows a user to cause a denial of service via a negative counter value in a malformed TCP packet that is sent to port 6000.
CVE-2000-0455 1 David Bagley 1 Xlock 2026-04-16 N/A
Buffer overflow in xlockmore xlock program version 4.16 and earlier allows local users to read sensitive data from memory via a long -mode option.
CVE-2000-0474 1 Realnetworks 1 Realserver 2026-04-16 N/A
Real Networks RealServer 7.x allows remote attackers to cause a denial of service via a malformed request for a page in the viewsource directory.
CVE-2000-0479 1 Shadow Op Software 1 Dragon Server 2026-04-16 N/A
Dragon FTP server allows remote attackers to cause a denial of service via a long USER command.