Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29946 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0582 | 1 Workforceroi | 1 Xpede | 2026-04-16 | N/A |
| WorkforceROI Xpede 4.1 stores temporary expense claim reports in a world-readable and indexable /reports/temp directory, which allows remote attackers to read the reports by accessing the directory. | ||||
| CVE-2000-0072 | 1 Computer Power Solutions | 1 Visual Casel | 2026-04-16 | N/A |
| Visual Casel (Vcasel) does not properly prevent users from executing files, which allows local users to use a relative pathname to specify an alternate file which has an approved name and possibly gain privileges. | ||||
| CVE-2000-0074 | 1 Powerscripts | 1 Plusmail | 2026-04-16 | N/A |
| PowerScripts PlusMail CGI program allows remote attackers to execute commands via a password file with improper permissions. | ||||
| CVE-2000-0076 | 2 Berkeley, Debian | 2 Nvi, Debian Linux | 2026-04-16 | N/A |
| nviboot boot script in the Debian nvi package allows local users to delete files via malformed entries in vi.recover. | ||||
| CVE-2000-0085 | 1 Microsoft | 1 Hotmail | 2026-04-16 | N/A |
| Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attacker to execute code via the LOWSRC or DYNRC parameters in the IMG tag. | ||||
| CVE-2000-0086 | 1 Netopia | 1 Timbuktu Pro | 2026-04-16 | N/A |
| Netopia Timbuktu Pro sends user IDs and passwords in cleartext, which allows remote attackers to obtain them via sniffing. | ||||
| CVE-2000-0090 | 1 Vmware | 1 Workstation | 2026-04-16 | N/A |
| VMWare 1.1.2 allows local users to cause a denial of service via a symlink attack. | ||||
| CVE-2000-0091 | 1 Inter7 | 1 Vpopmail | 2026-04-16 | N/A |
| Buffer overflow in vchkpw/vpopmail POP authentication package allows remote attackers to gain root privileges via a long username or password. | ||||
| CVE-2000-0093 | 1 Redhat | 1 Linux | 2026-04-16 | N/A |
| An installation of Red Hat uses DES password encryption with crypt() for the initial password, instead of md5. | ||||
| CVE-2000-0094 | 1 Netbsd | 1 Netbsd | 2026-04-16 | N/A |
| procfs in BSD systems allows local users to gain root privileges by modifying the /proc/pid/mem interface via a modified file descriptor for stderr. | ||||
| CVE-2000-0097 | 1 Microsoft | 1 Index Server | 2026-04-16 | N/A |
| The WebHits ISAPI filter in Microsoft Index Server allows remote attackers to read arbitrary files, aka the "Malformed Hit-Highlighting Argument" vulnerability. | ||||
| CVE-2002-0584 | 1 Workforceroi | 1 Xpede | 2026-04-16 | N/A |
| WorkforceROI Xpede 4.1 allows remote attackers to read user timesheets by modifying the TSN ID parameter to the ts_app_process.asp script, which is easily guessable because it is incremented by 1 for each new timesheet. | ||||
| CVE-2002-0979 | 1 Microsoft | 1 Virtual Machine | 2026-04-16 | N/A |
| The Java logging feature for the Java Virtual Machine in Internet Explorer writes output from functions such as System.out.println to a known pathname, which can be used to execute arbitrary code. | ||||
| CVE-2000-0102 | 1 Salescart | 1 Salescart | 2026-04-16 | N/A |
| The SalesCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | ||||
| CVE-2000-0104 | 1 Web Express | 1 Shoptron | 2026-04-16 | N/A |
| The Shoptron shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | ||||
| CVE-2002-0587 | 1 Aol | 1 Aol Server | 2026-04-16 | N/A |
| Buffer overflow in Ns_PdLog function for the external database driver proxy daemon library (libnspd.a) of AOLServer 3.0 through 3.4.2 allows remote attackers to cause a denial of service or execute arbitrary code via the Error or Notice parameters. | ||||
| CVE-2000-0108 | 1 Intelligent Vending Systems | 1 Intellivend | 2026-04-16 | N/A |
| The Intellivend shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | ||||
| CVE-2000-0116 | 1 Checkpoint | 1 Firewall-1 | 2026-04-16 | N/A |
| Firewall-1 does not properly filter script tags, which allows remote attackers to bypass the "Strip Script Tags" restriction by including an extra < in front of the SCRIPT tag. | ||||
| CVE-2000-0118 | 2 Redhat, Sun | 3 Linux, Solaris, Sunos | 2026-04-16 | N/A |
| The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing. | ||||
| CVE-2000-0120 | 1 Allaire | 1 Spectra | 2026-04-16 | N/A |
| The Remote Access Service invoke.cfm template in Allaire Spectra 1.0 allows users to bypass authentication via the bAuthenticated parameter. | ||||