Search Results (351250 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-0123 1 Filemaker 1 Filemaker 2026-04-16 N/A
The shopping cart application provided with Filemaker allows remote users to modify sensitive purchase information via hidden form fields.
CVE-2000-0127 1 Progress 1 Webspeed 2026-04-16 N/A
The Webspeed configuration program does not properly disable access to the WSMadmin utility, which allows remote attackers to gain privileges via wsisa.dll.
CVE-2000-0124 1 Surfcontrol 1 Superscout 2026-04-16 N/A
surfCONTROL SuperScout does not properly asign a category to web sites with a . (dot) at the end, which may allow users to bypass web access restrictions.
CVE-2000-0126 1 Microsoft 1 Internet Information Server 2026-04-16 N/A
Sample Internet Data Query (IDQ) scripts in IIS 3 and 4 allow remote attackers to read files via a .. (dot dot) attack.
CVE-2000-0135 1 Atretail 1 Atretail 2026-04-16 N/A
The @Retail shopping cart application allows remote users to modify sensitive purchase information via hidden form fields.
CVE-2000-0136 1 Mcmurtrey Whitaker And Associates 1 Cart32 2026-04-16 N/A
The Cart32 shopping cart application allows remote users to modify sensitive purchase information via hidden form fields.
CVE-2000-0137 1 Cartit 1 Cartit 2026-04-16 N/A
The CartIt shopping cart application allows remote users to modify sensitive purchase information via hidden form fields.
CVE-2000-0138 2026-04-16 N/A
A system has a distributed denial of service (DDOS) attack master, agent, or zombie installed, such as (1) Trinoo, (2) Tribe Flood Network (TFN), (3) Tribe Flood Network 2000 (TFN2K), (4) stacheldraht, (5) mstream, or (6) shaft.
CVE-2000-0149 1 Zeus Technologies 1 Zeus Web Server 2026-04-16 N/A
Zeus web server allows remote attackers to view the source code for CGI programs via a null character (%00) at the end of a URL.
CVE-2000-0147 1 Sco 1 Openserver 2026-04-16 N/A
snmpd in SCO OpenServer has an SNMP community string that is writable by default, which allows local attackers to modify the host's configuration.
CVE-2000-0148 1 Oracle 1 Mysql 2026-04-16 N/A
MySQL 3.22 allows remote attackers to bypass password authentication and access a database via a short check string.
CVE-2000-0158 1 Sco 1 Openserver 2026-04-16 N/A
Buffer overflow in MMDF server allows remote attackers to gain privileges via a long MAIL FROM command to the SMTP daemon.
CVE-2000-0466 1 Ibm 1 Aix 2026-04-16 N/A
AIX cdmount allows local users to gain root privileges via shell metacharacters.
CVE-2000-0154 1 Sco 1 Unixware 2026-04-16 N/A
The ARCserve agent in UnixWare allows local attackers to modify arbitrary files via a symlink attack.
CVE-2000-0156 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 4.x and 5.x allows remote web servers to access files on the client that are outside of its security domain, aka the "Image Source Redirect" vulnerability.
CVE-2000-0157 1 Netbsd 1 Netbsd 2026-04-16 N/A
NetBSD ptrace call on VAX allows local users to gain privileges by modifying the PSL contents in the debugging process.
CVE-2000-0159 1 Hp 1 Hp-ux 2026-04-16 N/A
HP Ignite-UX does not save /etc/passwd when it creates an image of a trusted system, which can set the password field to a blank and allow an attacker to gain privileges.
CVE-2000-0167 1 Microsoft 1 Internet Information Server 2026-04-16 N/A
IIS Inetinfo.exe allows local users to cause a denial of service by creating a mail file with a long name and a .txt.eml extension in the pickup directory.
CVE-2000-0168 1 Microsoft 3 Windows 95, Windows 98, Windows 98se 2026-04-16 N/A
Microsoft Windows 9x operating systems allow an attacker to cause a denial of service via a pathname that includes file device names, aka the "DOS Device in Path Name" vulnerability.
CVE-2000-0169 1 Oracle 1 Application Server 2026-04-16 N/A
Batch files in the Oracle web listener ows-bin directory allow remote attackers to execute commands via a malformed URL that includes '?&'.