Export limit exceeded: 359387 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359387 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2000-0374 | 1 Caldera | 1 Openlinux | 2026-04-16 | N/A |
| The default configuration of kdm in Caldera and Mandrake Linux, and possibly other distributions, allows XDMCP connections from any host, which allows remote attackers to obtain sensitive information or bypass additional access restrictions. | ||||
| CVE-2000-0375 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| The kernel in FreeBSD 3.2 follows symbolic links when it creates core dump files, which allows local attackers to modify arbitrary files. | ||||
| CVE-2000-0377 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| The Remote Registry server in Windows NT 4.0 allows local authenticated users to cause a denial of service via a malformed request, which causes the winlogon process to fail, aka the "Remote Registry Access Authentication" vulnerability. | ||||
| CVE-2000-0381 | 1 Gossamer Threads | 1 Dbman | 2026-04-16 | N/A |
| The Gossamer Threads DBMan db.cgi CGI script allows remote attackers to view environmental variables and setup information by referencing a non-existing database in the db parameter. | ||||
| CVE-2000-0382 | 1 Allaire | 1 Clustercats | 2026-04-16 | N/A |
| ColdFusion ClusterCATS appends stale query string arguments to a URL during HTML redirection, which may provide sensitive information to the redirected site. | ||||
| CVE-2000-0383 | 1 Aol | 1 Instant Messenger | 2026-04-16 | N/A |
| The file transfer component of AOL Instant Messenger (AIM) reveals the physical path of the transferred file to the remote recipient. | ||||
| CVE-2000-0387 | 1 Alexander Siegel | 1 Golddig | 2026-04-16 | N/A |
| The makelev program in the golddig game from the FreeBSD ports collection allows local users to overwrite arbitrary files. | ||||
| CVE-2000-0397 | 1 Seattle Lab Software | 1 Emurl | 2026-04-16 | N/A |
| The EMURL web-based email account software encodes predictable identifiers in user session URLs, which allows a remote attacker to access a user's email account. | ||||
| CVE-2006-2782 | 2 Mozilla, Redhat | 3 Firefox, Seamonkey, Enterprise Linux | 2026-04-16 | N/A |
| Firefox 1.5.0.2 does not fix all test cases associated with CVE-2006-1729, which allows remote attackers to read arbitrary files by inserting the target filename into a text box, then turning that box into a file upload control. | ||||
| CVE-2000-0398 | 1 Rockliffe | 1 Mailsite | 2026-04-16 | N/A |
| Buffer overflow in wconsole.dll in Rockliffe MailSite Management Agent allows remote attackers to execute arbitrary commands via a long query_string parameter in the HTTP GET request. | ||||
| CVE-2006-3025 | 1 Lucid Designs | 1 Lucid Calendar | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Cal.PHP3 in Chris Lea Lucid Calendar 0.22 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-2000-0410 | 1 Allaire | 1 Coldfusion Server | 2026-04-16 | N/A |
| ColdFusion Server 4.5.1 allows remote attackers to cause a denial of service by making repeated requests to a CFCACHE tagged cache file that is not stored in memory. | ||||
| CVE-2000-0411 | 1 Matt Wright | 1 Formmail | 2026-04-16 | N/A |
| Matt Wright's FormMail CGI script allows remote attackers to obtain environmental variables via the env_report parameter. | ||||
| CVE-2000-0412 | 1 Napster | 1 Knapster | 2026-04-16 | N/A |
| The gnapster and knapster clients for Napster do not properly restrict access only to MP3 files, which allows remote attackers to read arbitrary files from the client by specifying the full pathname for the file. | ||||
| CVE-2006-2796 | 1 New-place | 1 Captivate | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in gallery.php in Captivate 1.0 allows remote attackers to inject arbitrary web script or HTML via the page parameter, which is reflected in an error message. | ||||
| CVE-2000-0413 | 1 Microsoft | 3 Frontpage, Internet Information Server, Internet Information Services | 2026-04-16 | N/A |
| The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote attackers to determine the physical path of HTML, HTM, ASP, and SHTML files by requesting a file that does not exist, which generates an error message that reveals the path. | ||||
| CVE-2000-0414 | 1 Hp | 2 Hp-ux, Vvos | 2026-04-16 | N/A |
| Vulnerability in shutdown command for HP-UX 11.X and 10.X allows allows local users to gain privileges via malformed input variables. | ||||
| CVE-1999-1452 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| GINA in Windows NT 4.0 allows attackers with physical access to display a portion of the clipboard of the user who has locked the workstation by pasting (CTRL-V) the contents into the username prompt. | ||||
| CVE-2002-0236 | 1 Lucent | 5 Vitalanalysis, Vitalevent, Vitalhelp and 2 more | 2026-04-16 | N/A |
| Lucent VitalSuite 8.0 through 8.2, including VitalNet, VitalEvent, and VitalHelp/VitalAnalysis, allows remote attackers to bypass authentication via a direct HTTP request to the VsSetCookie.exe program, which returns a valid cookie for the desired user. | ||||
| CVE-2000-0422 | 1 Netwin | 1 Dmail | 2026-04-16 | N/A |
| Buffer overflow in Netwin DMailWeb CGI program allows remote attackers to execute arbitrary commands via a long utoken parameter. | ||||