Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-0807 1 Checkpoint 1 Firewall-1 2026-04-16 N/A
The OPSEC communications authentication mechanism (fwn1) in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to spoof connections, aka the "OPSEC Authentication Vulnerability."
CVE-2000-0808 1 Checkpoint 1 Firewall-1 2026-04-16 N/A
The seed generation mechanism in the inter-module S/Key authentication mechanism in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass authentication via a brute force attack, aka "One-time (s/key) Password Authentication."
CVE-2000-0811 1 Cgi Script Center 1 Auction Weaver 2026-04-16 N/A
Auction Weaver 1.0 through 1.04 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the username or bidfile form fields.
CVE-2000-0824 1 Gnu 1 Glibc 2026-04-16 N/A
The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as LD_PRELOAD or LD_LIBRARY_PATH.
CVE-2000-0721 1 Multisoft 1 Flagship 2026-04-16 N/A
The FSserial, FlagShip_c, and FlagShip_p programs in the FlagShip package are installed world-writeable, which allows local users to replace them with Trojan horses.
CVE-2000-0754 1 Hp 1 Openview Network Node Manager 2026-04-16 N/A
Vulnerability in HP OpenView Network Node Manager (NMM) version 6.1 related to passwords.
CVE-2002-0951 1 Ruslan Communications 1 Body Builder 2026-04-16 N/A
SQL injection vulnerability in Ruslan <Body>Builder allows remote attackers to gain administrative privileges via a "'--" sequence in the username and password.
CVE-2000-0767 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
The ActiveX control for invoking a scriptlet in Internet Explorer 4.x and 5.x renders arbitrary file types instead of HTML, which allows an attacker to read arbitrary files, aka the "Scriptlet Rendering" vulnerability.
CVE-2000-0845 1 Digital 1 Unix 2026-04-16 N/A
kdebug daemon (kdebugd) in Digital Unix 4.0F allows remote attackers to read arbitrary files by specifying the full file name in the initialization packet.
CVE-2001-0782 1 Kde 1 Ktv 2026-04-16 N/A
KDE ktvision 0.1.1-271 and earlier allows local attackers to gain root privileges via a symlink attack on a user configuration file.
CVE-2000-0778 1 Microsoft 1 Internet Information Services 2026-04-16 N/A
IIS 5.0 allows remote attackers to obtain source code for .ASP files and other scripts via an HTTP GET request with a "Translate: f" header, aka the "Specialized Header" vulnerability.
CVE-2000-0846 1 Ashley Montanaro 1 Darxite 2026-04-16 N/A
Buffer overflow in Darxite 0.4 and earlier allows a remote attacker to execute arbitrary commands via a long username or password.
CVE-2001-0784 2 Icecast, Redhat 2 Icecast, Powertools 2026-04-16 N/A
Directory traversal vulnerability in Icecast 1.3.10 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack using encoded URL characters.
CVE-2000-0847 1 University Of Washington 2 Imap, Pine 2026-04-16 N/A
Buffer overflow in University of Washington c-client library (used by pine and other programs) allows remote attackers to execute arbitrary commands via a long X-Keywords header.
CVE-2001-1545 1 Macromedia 1 Jrun 2026-04-16 N/A
Macromedia JRun 3.0 and 3.1 appends the jsessionid to URL requests (a.k.a. rewriting) when client browsers have cookies enabled, which allows remote attackers to obtain session IDs and hijack sessions via HTTP referrer fields or sniffing.
CVE-2000-0850 1 Netegrity 1 Siteminder 2026-04-16 N/A
Netegrity SiteMinder before 4.11 allows remote attackers to bypass its authentication mechanism by appending "$/FILENAME.ext" (where ext is .ccc, .class, or .jpg) to the requested URL.
CVE-2001-0786 1 Internet Software Solutions 1 Air Messenger Lan Server 2026-04-16 N/A
Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 stores user passwords in plaintext in the pUser.Dat file.
CVE-2000-0857 1 Sebastian Kienzl 1 Muh 2026-04-16 N/A
The logging capability in muh 2.05d IRC server does not properly cleanse user-injected format strings, which allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed nickname.
CVE-2000-0793 2 Novell, Symantec 2 Client, Norton Antivirus 2026-04-16 N/A
Norton AntiVirus 5.00.01C with the Novell Netware client does not properly restart the auto-protection service after the first user has logged off of the system.
CVE-2000-0872 1 Nathan Purciful 1 Phpphotoalbum 2026-04-16 N/A
explorer.php in PhotoAlbum 0.9.9 allows remote attackers to read arbitrary files via a .. (dot dot) attack.