Search Results (351250 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-0897 1 Max Feoktistov 1 Small Http Server 2026-04-16 N/A
Small HTTP Server 2.03 and earlier allows remote attackers to cause a denial of service by repeatedly requesting a URL that references a directory that does not contain an index.html file, which consumes memory that is not released after the request is completed.
CVE-2000-0902 1 Nathan Purciful 1 Phpphotoalbum 2026-04-16 N/A
getalbum.php in PhotoAlbum before 0.9.9 allows remote attackers to read arbitrary files via a .. (dot dot) attack.
CVE-2000-0904 1 Qnx 1 Voyager 2026-04-16 N/A
Voyager web server 2.01B in the demo disks for QNX 405 stores sensitive web client information in the .photon directory in the web document root, which allows remote attackers to obtain that information.
CVE-2000-0905 1 Qnx 1 Voyager 2026-04-16 N/A
QNX Embedded Resource Manager in Voyager web server 2.01B in the demo disks for QNX 405 allows remote attackers to read sensitive system statistics information via the embedded.html web page.
CVE-2000-0900 1 Acme Labs 1 Thttpd 2026-04-16 N/A
Directory traversal vulnerability in ssi CGI program in thttpd 2.19 and earlier allows remote attackers to read arbitrary files via a "%2e%2e" string, a variation of the .. (dot dot) attack.
CVE-2000-0899 1 Max Feoktistov 1 Small Http Server 2026-04-16 N/A
Small HTTP Server 2.01 allows remote attackers to cause a denial of service by connecting to the server and sending out multiple GET, HEAD, or POST requests and closing the connection before the server responds to the requests.
CVE-2000-0908 1 Netcplus 1 Browsegate 2026-04-16 N/A
BrowseGate 2.80 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via long Authorization or Referer MIME headers in the HTTP request.
CVE-2000-0925 1 Smartwin Technology 1 Cyberoffice Shopping Cart 2026-04-16 N/A
The default installation of SmartWin CyberOffice Shopping Cart 2 (aka CyberShop) installs the _private directory with world readable permissions, which allows remote attackers to obtain sensitive information.
CVE-2006-3951 1 Mam-moodle Alpha Component 1 Mam-moodle Alpha Component 2026-04-16 N/A
PHP remote file inclusion vulnerability in moodle.php in Mam-moodle alpha component (com_moodle) for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
CVE-2000-0935 1 Samba 1 Samba 2026-04-16 N/A
Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows local users to overwrite arbitrary files via a symlink attack on the cgi.log file.
CVE-2000-0931 1 David Harris 1 Pegasus Mail 2026-04-16 N/A
Buffer overflow in Pegasus Mail 3.11 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long email message containing binary data.
CVE-2000-0932 1 Clearswift 1 Mailsweeper For Smtp 2026-04-16 N/A
MAILsweeper for SMTP 3.x does not properly handle corrupt CDA documents in a ZIP file and hangs, which allows remote attackers to cause a denial of service.
CVE-2000-0943 1 Max-wilhelm Bruker 1 Bftpd 2026-04-16 N/A
Buffer overflow in bftp daemon (bftpd) 1.0.11 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long USER command.
CVE-2000-0945 1 Cisco 1 Catalyst 3500 Xl 2026-04-16 N/A
The web configuration interface for Catalyst 3500 XL switches allows remote attackers to execute arbitrary commands without authentication when the enable password is not set, via a URL containing the /exec/ directory.
CVE-2000-0941 1 Kootenay Web Inc 1 Kootenay Web Inc Whois 2026-04-16 N/A
Kootenay Web KW Whois 1.0 CGI program allows remote attackers to execute arbitrary commands via shell metacharacters in the "whois" parameter.
CVE-2000-0953 1 Evolvable Corporation 1 Shambala Server 2026-04-16 N/A
Shambala Server 4.5 allows remote attackers to cause a denial of service by opening then closing a connection.
CVE-2000-0954 1 Evolvable Corporation 1 Shambala Server 2026-04-16 N/A
Shambala Server 4.5 stores passwords in plaintext, which could allow local users to obtain the passwords and compromise the server.
CVE-2000-0964 1 Siemens 1 Hinet Lp 2026-04-16 N/A
Buffer overflow in the web administration service for the HiNet LP5100 IP-phone allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long GET request.
CVE-2000-0962 1 Openbsd 1 Openbsd 2026-04-16 N/A
The IPSEC implementation in OpenBSD 2.7 does not properly handle empty AH/ESP packets, which allows remote attackers to cause a denial of service.
CVE-2000-0965 1 Hp 1 Vvos 2026-04-16 N/A
The NSAPI plugins for TGA and the Java Servlet proxy in HP-UX VVOS 10.24 and 11.04 allows an attacker to cause a denial of service (high CPU utilization).