Export limit exceeded: 344911 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344911 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0299 | 1 Cnet | 1 Catchup | 2026-04-16 | N/A |
| CNet CatchUp before 1.3.1 allows attackers to execute arbitrary code via a .RVP file that creates a file with an arbitrary extension (such as .BAT), which is executed during a scan. | ||||
| CVE-2000-1007 | 1 Symantec | 1 I-gear | 2026-04-16 | N/A |
| I-gear 3.5.7 and earlier does not properly process log entries in which a URL is longer than 255 characters, which allows an attacker to cause reporting errors. | ||||
| CVE-2000-1008 | 1 Palm | 1 Palm Os | 2026-04-16 | N/A |
| PalmOS 3.5.2 and earlier uses weak encryption to store the user password, which allows attackers with physical access to the Palm device to decrypt the password and gain access to the device. | ||||
| CVE-2000-1010 | 2 Openbsd, Redhat | 2 Openbsd, Linux | 2026-04-16 | N/A |
| Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote attackers to execute arbitrary commands via a user name that contains format characters. | ||||
| CVE-2000-1011 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| Buffer overflow in catopen() function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to gain root privileges via a long environmental variable. | ||||
| CVE-2002-0300 | 1 Gnujsp | 1 Gnujsp | 2026-04-16 | N/A |
| gnujsp 1.0.0 and 1.0.1 allows remote attackers to list directories, read source code of certain scripts, and bypass access restrictions by directly requesting the target file from the gnujsp servlet, which does not work around a limitation of JServ and does not process the requested file. | ||||
| CVE-2000-1012 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| The catopen function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to read arbitrary files via the LANG environmental variable. | ||||
| CVE-2002-0301 | 1 Citrix | 1 Nfuse | 2026-04-16 | N/A |
| Citrix NFuse 1.6 allows remote attackers to bypass authentication and obtain sensitive information by directly calling launch.asp with invalid NFUSE_USER and NFUSE_PASSWORD parameters. | ||||
| CVE-2000-1013 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| The setlocale function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to read arbitrary files via the LANG environmental variable. | ||||
| CVE-2002-0302 | 1 Symantec | 1 Enterprise Firewall | 2026-04-16 | N/A |
| The Notify daemon for Symantec Enterprise Firewall (SEF) 6.5.x drops large alerts when SNMP is used as the transport, which could prevent some alerts from being sent in the event of an attack. | ||||
| CVE-2000-1014 | 1 Sco | 1 Unixware | 2026-04-16 | N/A |
| Format string vulnerability in the search97.cgi CGI script in SCO help http server for Unixware 7 allows remote attackers to execute arbitrary commands via format characters in the queryText parameter. | ||||
| CVE-2002-0303 | 1 Novell | 1 Groupwise | 2026-04-16 | N/A |
| GroupWise 6, when using LDAP authentication and when Post Office has a blank username and password, allows attackers to gain privileges of other users by logging in without a password. | ||||
| CVE-2000-1015 | 1 Open Source Development Network | 1 Slashcode | 2026-04-16 | N/A |
| The default configuration of Slashcode before version 2.0 Alpha has a default administrative password, which allows remote attackers to gain Slashcode privileges and possibly execute arbitrary commands. | ||||
| CVE-2000-1018 | 1 Mendel Cooper | 1 Shred | 2026-04-16 | N/A |
| shred 1.0 file wiping utility does not properly open a file for overwriting or flush its buffers, which prevents shred from properly replacing the file's data and allows local users to recover the file. | ||||
| CVE-2000-1030 | 1 Csandt | 1 Corporatetime For The Web | 2026-04-16 | N/A |
| CS&T CorporateTime for the Web returns different error messages for invalid usernames and invalid passwords, which allows remote attackers to determine valid usernames on the server. | ||||
| CVE-2000-1019 | 1 Inktomi | 1 Search Software | 2026-04-16 | N/A |
| Search engine in Ultraseek 3.1 and 3.1.10 (aka Inktomi Search) allows remote attackers to cause a denial of service via a malformed URL. | ||||
| CVE-2000-1031 | 1 Hp | 2 Hp-ux, Tru64 | 2026-04-16 | N/A |
| Buffer overflow in dtterm in HP-UX 11.0 and HP Tru64 UNIX 4.0f through 5.1a allows local users to execute arbitrary code via a long -tn option. | ||||
| CVE-2000-1016 | 1 Suse | 1 Suse Linux | 2026-04-16 | N/A |
| The default configuration of Apache (httpd.conf) on SuSE 6.4 includes an alias for the /usr/doc directory, which allows remote attackers to read package documentation and obtain system configuration information via an HTTP request for the /doc/packages URL. | ||||
| CVE-2000-1020 | 1 Alt-n | 1 Mdaemon | 2026-04-16 | N/A |
| Heap overflow in Worldclient in Mdaemon 3.1.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long URL. | ||||
| CVE-2000-1032 | 1 Checkpoint | 1 Firewall-1 | 2026-04-16 | N/A |
| The client authentication interface for Check Point Firewall-1 4.0 and earlier generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to identify valid usernames on the firewall. | ||||