Total
29527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0168 | 1 Microsoft | 3 Windows 95, Windows 98, Windows 98se | 2023-11-07 | 5.0 MEDIUM | N/A |
| Microsoft Windows 9x operating systems allow an attacker to cause a denial of service via a pathname that includes file device names, aka the "DOS Device in Path Name" vulnerability. | |||||
| CVE-2001-0643 | 1 Microsoft | 1 Internet Explorer | 2023-11-07 | 5.0 MEDIUM | N/A |
| Internet Explorer 5.5 does not display the Class ID (CLSID) when it is at the end of the file name, which could allow attackers to trick the user into executing dangerous programs by making it appear that the document is of a safe file type. | |||||
| CVE-2000-0790 | 1 Microsoft | 3 Windows 2000, Windows 98, Windows 98se | 2023-11-07 | 4.6 MEDIUM | N/A |
| The web-based folder display capability in Microsoft Internet Explorer 5.5 on Windows 98 allows local users to insert Trojan horse programs by modifying the Folder.htt file and using the InvokeVerb method in the ShellDefView ActiveX control to specify a default execute option for the first file that is listed in the folder. | |||||
| CVE-2000-0269 | 1 Gnu | 1 Emacs | 2023-11-07 | 2.1 LOW | N/A |
| Emacs 20 does not properly set permissions for a slave PTY device when starting a new subprocess, which allows local users to read or modify communications between Emacs and the subprocess. | |||||
| CVE-2000-0505 | 2 Apache, Ibm | 2 Http Server, Http Server | 2023-11-07 | 5.0 MEDIUM | N/A |
| The Apache 1.3.x HTTP server for Windows platforms allows remote attackers to list directory contents by requesting a URL containing a large number of / characters. | |||||
| CVE-2000-0002 | 1 Zbsoft | 1 Zbserver | 2023-11-07 | 10.0 HIGH | N/A |
| Buffer overflow in ZBServer Pro 1.50 allows remote attackers to execute commands via a long GET request. | |||||
| CVE-2000-0608 | 1 Netwin | 2 Cwmail, Dmailweb | 2023-11-07 | 5.0 MEDIUM | N/A |
| NetWin dMailWeb and cwMail 2.6i and earlier allows remote attackers to cause a denial of service via a long POP parameter (pophost). | |||||
| CVE-2000-0158 | 1 Sco | 1 Openserver | 2023-11-07 | 7.5 HIGH | N/A |
| Buffer overflow in MMDF server allows remote attackers to gain privileges via a long MAIL FROM command to the SMTP daemon. | |||||
| CVE-2000-1204 | 1 Apache | 1 Http Server | 2023-11-07 | 5.0 MEDIUM | N/A |
| Vulnerability in the mod_vhost_alias virtual hosting module for Apache 1.3.9, 1.3.11 and 1.3.12 allows remote attackers to obtain the source code for CGI programs if the cgi-bin directory is under the document root. | |||||
| CVE-2000-0573 | 1 Hp | 1 Hp-ux | 2023-11-07 | 10.0 HIGH | N/A |
| The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string, which allows remote attackers to execute arbitrary commands via the SITE EXEC command. | |||||
| CVE-2000-0448 | 1 Network Associates | 1 Webshield | 2023-11-07 | 5.0 MEDIUM | N/A |
| The WebShield SMTP Management Tool version 4.5.44 does not properly restrict access to the management port when an IP address does not resolve to a hostname, which allows remote attackers to access the configuration via the GET_CONFIG command. | |||||
| CVE-2001-0730 | 1 Apache | 1 Http Server | 2023-11-07 | 5.0 MEDIUM | N/A |
| split-logfile in Apache 1.3.20 allows remote attackers to overwrite arbitrary files that end in the .log extension via an HTTP request with a / (slash) in the Host: header. | |||||
| CVE-2002-0936 | 1 Apache | 1 Tomcat | 2023-11-07 | 5.0 MEDIUM | N/A |
| The Java Server Pages (JSP) engine in Tomcat allows web page owners to cause a denial of service (engine crash) on the web server via a JSP page that calls WPrinterJob().pageSetup(null,null). | |||||
| CVE-2000-0270 | 1 Gnu | 1 Emacs | 2023-11-07 | 3.6 LOW | N/A |
| The make-temp-name Lisp function in Emacs 20 creates temporary files with predictable names, which allows attackers to conduct a symlink attack. | |||||
| CVE-2000-0300 | 1 Symantec | 1 Pcanywhere | 2023-11-07 | 10.0 HIGH | N/A |
| The default encryption method of PcAnywhere 9.x uses weak encryption, which allows remote attackers to sniff and decrypt PcAnywhere or NT domain accounts. | |||||
| CVE-1999-1380 | 1 Symantec | 1 Norton Utilities | 2023-11-07 | 5.1 MEDIUM | N/A |
| Symantec Norton Utilities 2.0 for Windows 95 marks the TUNEOCX.OCX ActiveX control as safe for scripting, which allows remote attackers to execute arbitrary commands via the run option through malicious web pages that are accessed by browsers such as Internet Explorer 3.0. | |||||
| CVE-2000-0319 | 1 Eric Allman | 1 Sendmail | 2023-11-07 | 5.0 MEDIUM | N/A |
| mail.local in Sendmail 8.10.x does not properly identify the .\n string which identifies the end of message text, which allows a remote attacker to cause a denial of service or corrupt mailboxes via a message line that is 2047 characters long and ends in .\n. | |||||
| CVE-2002-1148 | 1 Apache | 1 Tomcat | 2023-11-07 | 5.0 MEDIUM | N/A |
| The default servlet (org.apache.catalina.servlets.DefaultServlet) in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet. | |||||
| CVE-2002-0935 | 1 Apache | 1 Tomcat | 2023-11-07 | 5.0 MEDIUM | N/A |
| Apache Tomcat 4.0.3, and possibly other versions before 4.1.3 beta, allows remote attackers to cause a denial of service (resource exhaustion) via a large number of requests to the server with null characters, which causes the working threads to hang. | |||||
| CVE-1999-0885 | 1 Computer Software Manufaktur | 1 Alibaba | 2023-11-07 | 3.6 LOW | N/A |
| Alibaba web server allows remote attackers to execute commands via a pipe character in a malformed URL. | |||||