Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0581 1 Workforceroi 1 Xpede 2026-04-16 N/A
WorkforceROI Xpede 4.1 allows remote attackers to execute arbitrary SQL commands and read, modify, or steal credentials from the database via the Qry parameter in the sprc.asp script.
CVE-2002-0976 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 4.0 and later allows remote attackers to read arbitrary files via a web page that accesses a legacy XML Datasource applet (com.ms.xml.dso.XMLDSO.class) and modifies the base URL to point to the local system, which is trusted by the applet.
CVE-2000-0059 1 Php 1 Php 2026-04-16 N/A
PHP3 with safe_mode enabled does not properly filter shell metacharacters from commands that are executed by popen, which could allow remote attackers to execute commands.
CVE-2000-0065 1 Avtronics 1 Inetserv 2026-04-16 N/A
Buffer overflow in InetServ 3.0 allows remote attackers to execute commands via a long GET request.
CVE-2000-0068 1 Intel 1 Inbusiness Email Station 2026-04-16 N/A
daynad program in Intel InBusiness E-mail Station does not require authentication, which allows remote attackers to modify its configuration, delete files, or read mail.
CVE-2000-0069 1 Sun 1 Solstice Backup 2026-04-16 N/A
The recover program in Solstice Backup allows local users to restore sensitive files.
CVE-2002-0582 1 Workforceroi 1 Xpede 2026-04-16 N/A
WorkforceROI Xpede 4.1 stores temporary expense claim reports in a world-readable and indexable /reports/temp directory, which allows remote attackers to read the reports by accessing the directory.
CVE-2000-0072 1 Computer Power Solutions 1 Visual Casel 2026-04-16 N/A
Visual Casel (Vcasel) does not properly prevent users from executing files, which allows local users to use a relative pathname to specify an alternate file which has an approved name and possibly gain privileges.
CVE-2000-0074 1 Powerscripts 1 Plusmail 2026-04-16 N/A
PowerScripts PlusMail CGI program allows remote attackers to execute commands via a password file with improper permissions.
CVE-2000-0076 2 Berkeley, Debian 2 Nvi, Debian Linux 2026-04-16 N/A
nviboot boot script in the Debian nvi package allows local users to delete files via malformed entries in vi.recover.
CVE-2000-0085 1 Microsoft 1 Hotmail 2026-04-16 N/A
Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attacker to execute code via the LOWSRC or DYNRC parameters in the IMG tag.
CVE-2000-0167 1 Microsoft 1 Internet Information Server 2026-04-16 N/A
IIS Inetinfo.exe allows local users to cause a denial of service by creating a mail file with a long name and a .txt.eml extension in the pickup directory.
CVE-2000-0170 2 Redhat, Turbolinux 2 Linux, Turbolinux 2026-04-16 N/A
Buffer overflow in the man program in Linux allows local users to gain privileges via the MANPAGER environmental variable.
CVE-2000-0173 1 Sco 1 Unixware 2026-04-16 N/A
Vulnerability in the EELS system in SCO UnixWare 7.1.x allows remote attackers to cause a denial of service.
CVE-2000-0175 1 Sun 1 Staroffice 2026-04-16 N/A
Buffer overflow in StarOffice StarScheduler web server allows remote attackers to gain root access via a long GET command.
CVE-2002-0600 2 Kth, Luke Mewburn 2 Kth Kerberos, Lukemftp 2026-04-16 N/A
Heap overflow in the KTH Kerberos 4 FTP client 4-1.1.1 allows remote malicious servers to execute arbitrary code on the client via a long response to a passive (PASV) mode request.
CVE-2000-0178 1 Foundrynet 1 Serveriron 2026-04-16 N/A
ServerIron switches by Foundry Networks have predictable TCP/IP sequence numbers, which allows remote attackers to spoof or hijack sessions.
CVE-2000-0180 1 Generation Terrorists Designs And Concepts 1 Sojourn 2026-04-16 N/A
Sojourn search engine allows remote attackers to read arbitrary files via a .. (dot dot) attack.
CVE-2000-0184 2 Mandrakesoft, Redhat 2 Mandrake Linux, Linux 2026-04-16 N/A
Linux printtool sets the permissions of printer configuration files to be world-readable, which allows local attackers to obtain printer share passwords.
CVE-2000-0189 1 Allaire 1 Coldfusion Server 2026-04-16 N/A
ColdFusion Server 4.x allows remote attackers to determine the real pathname of the server via an HTTP request to the application.cfm or onrequestend.cfm files.