Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-0728 1 Xpdf 1 Xpdf 2026-04-16 N/A
xpdf PDF viewer client earlier than 0.91 allows local users to overwrite arbitrary files via a symlink attack.
CVE-2000-0729 1 Freebsd 1 Freebsd 2026-04-16 N/A
FreeBSD 5.x, 4.x, and 3.x allows local users to cause a denial of service by executing a program with a malformed ELF image header.
CVE-2000-0733 1 Sgi 1 Irix 2026-04-16 N/A
Telnetd telnet server in IRIX 5.2 through 6.1 does not properly cleans user-injected format strings, which allows remote attackers to execute arbitrary commands via a long RLD variable in the IAC-SB-TELOPT_ENVIRON request.
CVE-2003-1462 1 Mod Survey 1 Mod Survey 2026-04-16 N/A
mod_survey 3.0.0 through 3.0.15-pre6 does not check whether a survey exists before creating a subdirectory for it, which allows remote attackers to cause a denial of service (disk consumption and possible crash).
CVE-2000-0734 2 Eeye Digital Security, Spynet 2 Iris, Capturenet 2026-04-16 N/A
eEye IRIS 1.01 beta allows remote attackers to cause a denial of service via a large number of UDP connections.
CVE-2003-1544 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Unrestricted critical resource lock in Terminal Services for Windows 2000 before SP4 and Windows XP allows remote authenticated users to cause a denial of service (reboot) by obtaining a read lock on msgina.dll, which prevents msgina.dll from being loaded.
CVE-2000-0846 1 Ashley Montanaro 1 Darxite 2026-04-16 N/A
Buffer overflow in Darxite 0.4 and earlier allows a remote attacker to execute arbitrary commands via a long username or password.
CVE-2000-0860 1 Php 1 Php 2026-04-16 N/A
The file upload capability in PHP versions 3 and 4 allows remote attackers to read arbitrary files by setting hidden form fields whose names match the names of internal PHP script variables.
CVE-2000-0868 2 Apache, Suse 2 Http Server, Suse Linux 2026-04-16 N/A
The default configuration of Apache 1.3.12 in SuSE Linux 6.4 allows remote attackers to read source code for CGI scripts by replacing the /cgi-bin/ in the requested URL with /cgi-bin-sdb/.
CVE-2000-0869 2 Apache, Suse 2 Http Server, Suse Linux 2026-04-16 N/A
The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables WebDAV, which allows remote attackers to list arbitrary directories via the PROPFIND HTTP request method.
CVE-2000-0875 1 Texas Imperial Software 2 Wftpd, Wftpd Pro 2026-04-16 N/A
WFTPD and WFTPD Pro 2.41 RC12 allows remote attackers to cause a denial of service by sending a long string of unprintable characters.
CVE-2000-0879 1 Plus Technologies 1 Lpplus 2026-04-16 N/A
LPPlus programs dccsched, dcclpdser, dccbkst, dccshut, dcclpdshut, and dccbkstshut are installed setuid root and world executable, which allows arbitrary local users to start and stop various LPD services.
CVE-2000-0883 1 Mandrakesoft 1 Mandrake Linux 2026-04-16 N/A
The default configuration of mod_perl for Apache as installed on Mandrake Linux 6.1 through 7.1 sets the /perl/ directory to be browseable, which allows remote attackers to list the contents of that directory.
CVE-2000-0886 1 Microsoft 2 Internet Information Server, Internet Information Services 2026-04-16 N/A
IIS 5.0 allows remote attackers to execute arbitrary commands via a malformed request for an executable file whose name is appended with operating system commands, aka the "Web Server File Request Parsing" vulnerability.
CVE-2000-0887 1 Isc 1 Bind 2026-04-16 N/A
named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by making a compressed zone transfer (ZXFR) request and performing a name service query on an authoritative record that is not cached, aka the "zxfr bug."
CVE-2000-1001 1 Element N.v 1 Element Instantshop 2026-04-16 N/A
add_2_basket.asp in Element InstantShop allows remote attackers to modify price information via the "price" hidden form variable.
CVE-2000-1002 1 Stalker 1 Communigate Pro 2026-04-16 N/A
POP3 daemon in Stalker CommuniGate Pro 3.3.2 generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to determine valid email addresses on the server for SPAM attacks.
CVE-2000-1003 1 Microsoft 3 Windows 95, Windows 98, Windows 98se 2026-04-16 N/A
NETBIOS client in Windows 95 and Windows 98 allows a remote attacker to cause a denial of service by changing a file sharing service to return an unknown driver type, which causes the client to crash.
CVE-2000-1004 1 Openbsd 1 Openbsd 2026-04-16 N/A
Format string vulnerability in OpenBSD photurisd allows local users to execute arbitrary commands via a configuration file directory name that contains formatting characters.
CVE-2000-1005 1 Extropia 1 Extropia Webstore 2026-04-16 N/A
Directory traversal vulnerability in html_web_store.cgi and web_store.cgi CGI programs in eXtropia WebStore allows remote attackers to read arbitrary files via a .. (dot dot) attack on the page parameter.