Total
29527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0794 | 1 Sgi | 1 Irix | 2023-11-07 | 7.2 HIGH | N/A |
| Buffer overflow in IRIX libgl.so library allows local users to gain root privileges via a long HOME variable to programs such as (1) gmemusage and (2) gr_osview. | |||||
| CVE-1999-0676 | 1 Sun | 2 Solaris, Sunos | 2023-11-07 | 4.6 MEDIUM | N/A |
| sdtcm_convert in Solaris 2.6 allows a local user to overwrite sensitive files via a symlink attack. | |||||
| CVE-2000-0606 | 3 Debian, Mandrakesoft, Redhat | 3 Debian Linux, Mandrake Linux, Linux | 2023-11-07 | 7.2 HIGH | N/A |
| Buffer overflow in kon program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via a long -StartupMessage parameter. | |||||
| CVE-2000-0328 | 1 Microsoft | 1 Windows Nt | 2023-11-07 | 5.0 MEDIUM | N/A |
| Windows NT 4.0 generates predictable random TCP initial sequence numbers (ISN), which allows remote attackers to perform spoofing and session hijacking. | |||||
| CVE-2000-0601 | 1 Leafdigital | 1 Leafchat | 2023-11-07 | 5.0 MEDIUM | N/A |
| LeafChat 1.7 IRC client allows a remote IRC server to cause a denial of service by rapidly sending a large amount of error messages. | |||||
| CVE-2002-0859 | 1 Microsoft | 2 Jet, Sql Server | 2023-11-07 | 7.5 HIGH | N/A |
| Buffer overflow in the OpenDataSource function of the Jet engine on Microsoft SQL Server 2000 allows remote attackers to execute arbitrary code. | |||||
| CVE-2000-0025 | 1 Microsoft | 3 Internet Information Server, Site Server, Site Server Commerce | 2023-11-07 | 5.0 MEDIUM | N/A |
| IIS 4.0 and Site Server 3.0 allow remote attackers to read source code for ASP files if the file is in a virtual directory whose name includes extensions such as .com, .exe, .sh, .cgi, or .dll, aka the "Virtual Directory Naming" vulnerability. | |||||
| CVE-2000-0153 | 1 Microsoft | 2 Frontpage, Personal Web Server | 2023-11-07 | 5.0 MEDIUM | N/A |
| FrontPage Personal Web Server (PWS) allows remote attackers to read files via a .... (dot dot) attack. | |||||
| CVE-2000-1209 | 2 Compaq, Microsoft | 4 Insight Manager, Insight Manager Xe, Data Engine and 1 more | 2023-11-07 | 10.0 HIGH | N/A |
| The "sa" account is installed with a default null password on (1) Microsoft SQL Server 2000, (2) SQL Server 7.0, and (3) Data Engine (MSDE) 1.0, including third party packages that use these products such as (4) Tumbleweed Secure Mail (MMS) (5) Compaq Insight Manager, and (6) Visio 2000, which allows remote attackers to gain privileges, as exploited by worms such as Voyager Alpha Force and Spida. | |||||
| CVE-2002-0034 | 1 Microsoft | 2 Windows 2000, Windows Xp | 2023-11-07 | 4.6 MEDIUM | N/A |
| The Microsoft CONVERT.EXE program, when used on Windows 2000 and Windows XP systems, does not apply the default NTFS permissions when converting a FAT32 file system, which could cause the conversion to produce a file system with less secure permissions than expected. | |||||
| CVE-2000-0089 | 1 Microsoft | 1 Windows Nt | 2023-11-07 | 2.1 LOW | N/A |
| The rdisk utility in Microsoft Terminal Server Edition and Windows NT 4.0 stores registry hive information in a temporary file with permissions that allow local users to read it, aka the "RDISK Registry Enumeration File" vulnerability. | |||||
| CVE-1999-0836 | 1 Sco | 1 Unixware | 2023-11-07 | 10.0 HIGH | N/A |
| UnixWare uidadmin allows local users to modify arbitrary files via a symlink attack. | |||||
| CVE-2000-0711 | 2 Microsoft, Netscape | 2 Virtual Machine, Communicator | 2023-11-07 | 7.5 HIGH | N/A |
| Netscape Communicator does not properly prevent a ServerSocket object from being created by untrusted entities, which allows remote attackers to create a server on the victim's system via a malicious applet, as demonstrated by Brown Orifice. | |||||
| CVE-2000-0276 | 1 Be | 1 Beos | 2023-11-07 | 2.1 LOW | N/A |
| BeOS 4.5 and 5.0 allow local users to cause a denial of service via malformed direct system calls using interrupt 37. | |||||
| CVE-2000-0597 | 1 Microsoft | 2 Excel, Powerpoint | 2023-11-07 | 7.5 HIGH | N/A |
| Microsoft Office 2000 (Excel and PowerPoint) and PowerPoint 97 are marked as safe for scripting, which allows remote attackers to force Internet Explorer or some email clients to save files to arbitrary locations via the Visual Basic for Applications (VBA) SaveAs function, aka the "Office HTML Script" vulnerability. | |||||
| CVE-2000-0581 | 1 Microsoft | 1 Windows 2000 | 2023-11-07 | 5.0 MEDIUM | N/A |
| Windows 2000 Telnet Server allows remote attackers to cause a denial of service by sending a continuous stream of binary zeros, which causes the server to crash. | |||||
| CVE-2001-0804 | 1 Valerie Mates | 1 Interactive Story | 2023-11-07 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in story.pl in Interactive Story 1.3 allows a remote attacker to read arbitrary files via a .. (dot dot) attack on the "next" parameter. | |||||
| CVE-2000-0344 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 5.0 MEDIUM | N/A |
| The knfsd NFS server in Linux kernel 2.2.x allows remote attackers to cause a denial of service via a negative size value. | |||||
| CVE-2001-1088 | 1 Microsoft | 2 Outlook, Outlook Express | 2023-11-07 | 7.5 HIGH | N/A |
| Microsoft Outlook 8.5 and earlier, and Outlook Express 5 and earlier, with the "Automatically put people I reply to in my address book" option enabled, do not notify the user when the "Reply-To" address is different than the "From" address, which could allow an untrusted remote attacker to spoof legitimate addresses and intercept email from the client that is intended for another user. | |||||
| CVE-2000-0394 | 1 Axent | 1 Netprowler | 2023-11-07 | 5.0 MEDIUM | N/A |
| NetProwler 3.0 allows remote attackers to cause a denial of service by sending malformed IP packets that trigger NetProwler's Man-in-the-Middle signature. | |||||