Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-1232 1 Gnu 1 Emacs 2026-04-16 N/A
Emacs 21.2.1 does not prompt or warn the user before executing Lisp code in the local variables section of a text file, which allows user-assisted attackers to execute arbitrary commands, as demonstrated using the mode-name variable.
CVE-2003-1234 1 Freebsd 1 Freebsd 2026-04-16 N/A
Integer overflow in the f_count counter in FreeBSD before 4.2 through 5.0 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via multiple calls to (1) fpathconf and (2) lseek, which do not properly decrement f_count through a call to fdrop.
CVE-2000-0420 1 Microsoft 1 Windows 2000 2026-04-16 N/A
The default configuration of SYSKEY in Windows 2000 stores the startup key in the registry, which could allow an attacker tor ecover it and use it to decrypt Encrypted File System (EFS) data.
CVE-2000-0443 1 Hp 1 Jetadmin 2026-04-16 N/A
The web interface server in HP Web JetAdmin 5.6 allows remote attackers to read arbitrary files via a .. (dot dot) attack.
CVE-2000-0444 1 Hp 1 Jetadmin 2026-04-16 N/A
HP Web JetAdmin 6.0 allows remote attackers to cause a denial of service via a malformed URL to port 8000.
CVE-2000-0445 1 Pgp 1 Pgp 2026-04-16 N/A
The pgpk command in PGP 5.x on Unix systems uses an insufficiently random data source for non-interactive key pair generation, which may produce predictable keys.
CVE-2003-1247 1 Positive Software 1 H-sphere 2026-04-16 N/A
Multiple buffer overflows in H-Sphere WebShell 2.3 allow remote attackers to execute arbitrary code via (1) a long URL content type in CGI::readFile, (2) a long path in diskusage, and (3) a long fname in flist.
CVE-2000-0449 1 Omnis 1 Studio 2026-04-16 N/A
Omnis Studio 2.4 uses weak encryption (trivial encoding) for encrypting database fields.
CVE-2000-0450 1 Sean Macguire 1 Big Brother 2026-04-16 N/A
Vulnerability in bbd server in Big Brother System and Network Monitor allows an attacker to execute arbitrary commands.
CVE-2003-1248 1 Positive Software 1 H-sphere 2026-04-16 N/A
H-Sphere WebShell 2.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) mode and (2) zipfile parameters in a URL request.
CVE-2000-0452 1 Lotus 2 Domino Enterprise Server, Domino Mail Server 2026-04-16 N/A
Buffer overflow in the ESMTP service of Lotus Domino Server 5.0.1 allows remote attackers to cause a denial of service via a long MAIL FROM command.
CVE-2000-0457 1 Microsoft 2 Internet Information Server, Internet Information Services 2026-04-16 N/A
ISM.DLL in IIS 4.0 and 5.0 allows remote attackers to read file contents by requesting the file and appending a large number of encoded spaces (%20) and terminated with a .htr extension, aka the ".HTR File Fragment Reading" or "File Fragment Reading via .HTR" vulnerability.
CVE-2003-1250 1 Efficient Networks 1 5861 Dsl Router 2026-04-16 N/A
Efficient Networks 5861 DSL router, when running firmware 5.3.80 configured to block incoming TCP SYN, packets allows remote attackers to cause a denial of service (crash) via a flood of TCP SYN packets to the WAN interface using a port scanner such as nmap.
CVE-2000-0459 1 Imp 1 Imp 2026-04-16 N/A
IMP does not remove files properly if the MSWordView application quits, which allows local users to cause a denial of service by filling up the disk space by requesting a large number of documents and prematurely stopping the request.
CVE-2000-0465 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files via the frame, aka the "Frame Domain Verification" vulnerability.
CVE-2000-0467 1 Sam Lantinga 1 Splitvt 2026-04-16 N/A
Buffer overflow in Linux splitvt 1.6.3 and earlier allows local users to gain root privileges via a long password in the screen locking function.
CVE-2003-1252 1 Kelli Shaver 1 S8forum 2026-04-16 N/A
register.php in S8Forum 3.0 allows remote attackers to execute arbitrary PHP commands by creating a user whose name ends in a .php extension and entering the desired commands into the E-mail field, which creates a web-accessible .php file that can be called by the attacker, as demonstrated using a "system($cmd)" E-mail address with a "any_name.php" username.
CVE-2000-0470 1 Allegro 1 Rom Pager 2026-04-16 N/A
Allegro RomPager HTTP server allows remote attackers to cause a denial of service via a malformed authentication request.
CVE-2000-0475 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Windows 2000 allows a local user process to access another user's desktop within the same windows station, aka the "Desktop Separation" vulnerability.
CVE-2000-0696 1 Sun 1 Solaris Answerbook2 2026-04-16 N/A
The administration interface for the dwhttpd web server in Solaris AnswerBook2 does not properly authenticate requests to its supporting CGI scripts, which allows remote attackers to add user accounts to the interface by directly calling the admin CGI script.