Search Results (351250 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-0049 1 Nullsoft 1 Winamp 2026-04-16 N/A
Buffer overflow in Winamp client allows remote attackers to execute commands via a long entry in a .pls file.
CVE-2000-0054 1 Solution Scripts 1 Home Free 2026-04-16 N/A
search.cgi in the SolutionScripts Home Free package allows remote attackers to view directories via a .. (dot dot) attack.
CVE-2000-0050 1 Allaire 1 Spectra 2026-04-16 N/A
The Allaire Spectra Webtop allows authenticated users to access other Webtop sections by specifying explicit URLs.
CVE-2000-0063 1 Nortel 1 Contivity 2026-04-16 N/A
cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to read arbitrary files by specifying the filename in a parameter to the script.
CVE-2000-0065 1 Avtronics 1 Inetserv 2026-04-16 N/A
Buffer overflow in InetServ 3.0 allows remote attackers to execute commands via a long GET request.
CVE-2000-0064 1 Nortel 1 Contivity 2026-04-16 N/A
cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to cause a denial of service via a malformed URL that includes shell metacharacters.
CVE-2000-0074 1 Powerscripts 1 Plusmail 2026-04-16 N/A
PowerScripts PlusMail CGI program allows remote attackers to execute commands via a password file with improper permissions.
CVE-2000-0073 1 Microsoft 3 Windows 2000, Windows 98, Windows Nt 2026-04-16 N/A
Buffer overflow in Microsoft Rich Text Format (RTF) reader allows attackers to cause a denial of service via a malformed control word.
CVE-2000-0083 1 Hp 1 Hp-ux 2026-04-16 N/A
HP asecure creates the Audio Security File audio.sec with insecure permissions, which allows local users to cause a denial of service or gain additional privileges.
CVE-2000-0084 1 Globalscape 1 Cuteftp 2026-04-16 N/A
CuteFTP uses weak encryption to store password information in its tree.dat file.
CVE-2000-0085 1 Microsoft 1 Hotmail 2026-04-16 N/A
Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attacker to execute code via the LOWSRC or DYNRC parameters in the IMG tag.
CVE-2000-0079 1 W3c 1 Cern Httpd 2026-04-16 N/A
The W3C CERN httpd HTTP server allows remote attackers to determine the real pathnames of some commands via a request for a nonexistent URL.
CVE-2000-0080 1 Ibm 1 Aix 2026-04-16 N/A
AIX techlibss allows local users to overwrite files via a symlink attack.
CVE-2000-0082 1 Microsoft 1 Webtv 2026-04-16 N/A
WebTV email client allows remote attackers to force the client to send email without the user's knowledge via HTML.
CVE-2000-0086 1 Netopia 1 Timbuktu Pro 2026-04-16 N/A
Netopia Timbuktu Pro sends user IDs and passwords in cleartext, which allows remote attackers to obtain them via sniffing.
CVE-2000-0106 1 Easycart 1 Easycart 2026-04-16 N/A
The EasyCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields.
CVE-2000-0115 1 Microsoft 1 Internet Information Server 2026-04-16 N/A
IIS allows local users to cause a denial of service via invalid regular expressions in a Visual Basic script in an ASP page.
CVE-2000-0111 1 Avt 1 Rightfax 2026-04-16 N/A
The RightFax web client uses predictable session numbers, which allows remote attackers to hijack user sessions.
CVE-2000-0113 1 Sybergen 1 Sygate 2026-04-16 N/A
The SyGate Remote Management program does not properly restrict access to its administration service, which allows remote attackers to cause a denial of service, or access network traffic statistics.
CVE-2000-0112 1 Debian 1 Debian Linux 2026-04-16 N/A
The default installation of Debian GNU/Linux uses an insecure Master Boot Record (MBR) which allows a local user to boot from a floppy disk during the installation.