Export limit exceeded: 356918 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (356918 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-2384 | 1 Hotfoon Corporation | 1 Hotfoon | 2026-04-16 | N/A |
| hotfoon4.exe in Hotfoon 4.00 stores user names and passwords in cleartext in the hotfoon2 registry key, which allows local users to gain access to user accounts and steal phone service. | ||||
| CVE-2000-0807 | 1 Checkpoint | 1 Firewall-1 | 2026-04-16 | N/A |
| The OPSEC communications authentication mechanism (fwn1) in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to spoof connections, aka the "OPSEC Authentication Vulnerability." | ||||
| CVE-2000-0808 | 1 Checkpoint | 1 Firewall-1 | 2026-04-16 | N/A |
| The seed generation mechanism in the inter-module S/Key authentication mechanism in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass authentication via a brute force attack, aka "One-time (s/key) Password Authentication." | ||||
| CVE-2000-0811 | 1 Cgi Script Center | 1 Auction Weaver | 2026-04-16 | N/A |
| Auction Weaver 1.0 through 1.04 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the username or bidfile form fields. | ||||
| CVE-2000-0824 | 1 Gnu | 1 Glibc | 2026-04-16 | N/A |
| The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as LD_PRELOAD or LD_LIBRARY_PATH. | ||||
| CVE-2000-0832 | 1 Oscar Nierstrasz | 1 Htgrep | 2026-04-16 | N/A |
| Htgrep CGI program allows remote attackers to read arbitrary files by specifying the full pathname in the hdr parameter. | ||||
| CVE-2000-0721 | 1 Multisoft | 1 Flagship | 2026-04-16 | N/A |
| The FSserial, FlagShip_c, and FlagShip_p programs in the FlagShip package are installed world-writeable, which allows local users to replace them with Trojan horses. | ||||
| CVE-2002-0404 | 2 Ethereal Group, Redhat | 4 Ethereal, Enterprise Linux, Linux and 1 more | 2026-04-16 | N/A |
| Vulnerability in GIOP dissector in Ethereal before 0.9.3 allows remote attackers to cause a denial of service (memory consumption). | ||||
| CVE-2002-0405 | 1 Transsoft | 1 Broker Ftp Server | 2026-04-16 | N/A |
| Buffer overflow in Transsoft Broker FTP Server 5.0 evaluation allows remote attackers to cause a denial of service and possibly execute arbitrary code via a CWD command with a large number of . (dot) characters. | ||||
| CVE-2002-0947 | 1 Oracle | 2 Application Server, Reports | 2026-04-16 | N/A |
| Buffer overflow in rwcgi60 CGI program for Oracle Reports Server 6.0.8.18.0 and earlier, as used in Oracle9iAS and other products, allows remote attackers to execute arbitrary code via a long database name parameter. | ||||
| CVE-2000-0842 | 1 Sco | 1 Unixware | 2026-04-16 | N/A |
| The search97cgi/vtopic" in the UnixWare 7 scohelphttp webserver allows remote attackers to read arbitrary files via a .. (dot dot) attack. | ||||
| CVE-2002-0949 | 1 Telindus | 1 Adsl Router | 2026-04-16 | N/A |
| Telindus 1100 series ADSL router allows remote attackers to gain privileges to the device via a certain packet to UDP port 9833, which generates a reply that includes the router's password and other sensitive information in cleartext. | ||||
| CVE-2000-0754 | 1 Hp | 1 Openview Network Node Manager | 2026-04-16 | N/A |
| Vulnerability in HP OpenView Network Node Manager (NMM) version 6.1 related to passwords. | ||||
| CVE-2002-0951 | 1 Ruslan Communications | 1 Body Builder | 2026-04-16 | N/A |
| SQL injection vulnerability in Ruslan <Body>Builder allows remote attackers to gain administrative privileges via a "'--" sequence in the username and password. | ||||
| CVE-2001-0782 | 1 Kde | 1 Ktv | 2026-04-16 | N/A |
| KDE ktvision 0.1.1-271 and earlier allows local attackers to gain root privileges via a symlink attack on a user configuration file. | ||||
| CVE-2000-0767 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| The ActiveX control for invoking a scriptlet in Internet Explorer 4.x and 5.x renders arbitrary file types instead of HTML, which allows an attacker to read arbitrary files, aka the "Scriptlet Rendering" vulnerability. | ||||
| CVE-2000-0845 | 1 Digital | 1 Unix | 2026-04-16 | N/A |
| kdebug daemon (kdebugd) in Digital Unix 4.0F allows remote attackers to read arbitrary files by specifying the full file name in the initialization packet. | ||||
| CVE-2000-0846 | 1 Ashley Montanaro | 1 Darxite | 2026-04-16 | N/A |
| Buffer overflow in Darxite 0.4 and earlier allows a remote attacker to execute arbitrary commands via a long username or password. | ||||
| CVE-2001-0784 | 2 Icecast, Redhat | 2 Icecast, Powertools | 2026-04-16 | N/A |
| Directory traversal vulnerability in Icecast 1.3.10 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack using encoded URL characters. | ||||
| CVE-2000-0778 | 1 Microsoft | 1 Internet Information Services | 2026-04-16 | N/A |
| IIS 5.0 allows remote attackers to obtain source code for .ASP files and other scripts via an HTTP GET request with a "Translate: f" header, aka the "Specialized Header" vulnerability. | ||||