Export limit exceeded: 364535 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 364535 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-2176 1 Microsoft 1 Windows Xp 2026-04-16 N/A
The Internet Connection Firewall (ICF) in Microsoft Windows XP SP2 is configured by default to trust sessmgr.exe, which allows local users to use sessmgr.exe to create a local listening port that bypasses the ICF access controls.
CVE-2000-0875 1 Texas Imperial Software 2 Wftpd, Wftpd Pro 2026-04-16 N/A
WFTPD and WFTPD Pro 2.41 RC12 allows remote attackers to cause a denial of service by sending a long string of unprintable characters.
CVE-2000-0877 1 Ranson Johnson 1 Mailform 2026-04-16 N/A
mailform.pl CGI script in MailForm 2.0 allows remote attackers to read arbitrary files by specifying the file name in the XX-attach_file parameter, which MailForm then sends to the attacker.
CVE-2000-0878 1 Ranson Johnson 1 Mailto Cgi Script 2026-04-16 N/A
The mailto CGI script allows remote attacker to execute arbitrary commands via shell metacharacters in the emailadd form field.
CVE-2000-0879 1 Plus Technologies 1 Lpplus 2026-04-16 N/A
LPPlus programs dccsched, dcclpdser, dccbkst, dccshut, dcclpdshut, and dccbkstshut are installed setuid root and world executable, which allows arbitrary local users to start and stop various LPD services.
CVE-2000-0880 1 Plus Technologies 1 Lpplus 2026-04-16 N/A
LPPlus creates the lpdprocess file with world-writeable permissions, which allows local users to kill arbitrary processes by specifying an alternate process ID and using the setuid dcclpdshut program to kill the process that was specified in the lpdprocess file.
CVE-2000-0881 1 Plus Technologies 1 Lpplus 2026-04-16 N/A
The dccscan setuid program in LPPlus does not properly check if the user has the permissions to print the file that is specified to dccscan, which allows local users to print arbitrary files.
CVE-2000-0882 1 Intel 4 Express 510t, Express 520t, Express 550f and 1 more 2026-04-16 N/A
Intel Express 500 series switches allow a remote attacker to cause a denial of service via a malformed ICMP packet, which causes the CPU to crash.
CVE-2000-0883 1 Mandrakesoft 1 Mandrake Linux 2026-04-16 N/A
The default configuration of mod_perl for Apache as installed on Mandrake Linux 6.1 through 7.1 sets the /perl/ directory to be browseable, which allows remote attackers to list the contents of that directory.
CVE-2000-0884 1 Microsoft 2 Internet Information Server, Internet Information Services 2026-04-16 N/A
IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.
CVE-2000-0891 1 Ibm 1 Lotus Notes 2026-04-16 N/A
A default ECL in Lotus Notes before 5.02 allows remote attackers to execute arbitrary commands by attaching a malicious program in an email message that is automatically executed when the user opens the email.
CVE-2000-0897 1 Max Feoktistov 1 Small Http Server 2026-04-16 N/A
Small HTTP Server 2.03 and earlier allows remote attackers to cause a denial of service by repeatedly requesting a URL that references a directory that does not contain an index.html file, which consumes memory that is not released after the request is completed.
CVE-2004-0701 1 Sun 1 Ray Server Software 2026-04-16 N/A
Sun Ray Server Software (SRSS) 1.3 and 2.0 for Solaris 2.6, 7 and 8 does not properly detect a smartcard removal when the card is quickly removed, reinserted, and removed again, which could cause a user session to stay logged in and allow local users to gain unauthorized access.
CVE-2000-0900 1 Acme Labs 1 Thttpd 2026-04-16 N/A
Directory traversal vulnerability in ssi CGI program in thttpd 2.19 and earlier allows remote attackers to read arbitrary files via a "%2e%2e" string, a variation of the .. (dot dot) attack.
CVE-2004-1581 1 Blackboard 1 Blackboard 2026-04-16 N/A
BlackBoard 1.5.1 allows remote attackers to gain sensitive information via a direct request to (1) checkdb.inc.php, (2) admin.inc.php or (3) cp.inc.php, which reveals the path in a PHP error message.
CVE-2000-0918 1 Kde 1 Kvt 2026-04-16 N/A
Format string vulnerability in kvt in KDE 1.1.2 may allow local users to execute arbitrary commands via a DISPLAY environmental variable that contains formatting characters.
CVE-2000-0928 1 Wquinn 1 Diskadvisor 2026-04-16 N/A
WQuinn QuotaAdvisor 4.1 allows users to list directories and files by running a report on the targeted shares.
CVE-2000-0933 1 Microsoft 1 Windows 2000 2026-04-16 N/A
The Input Method Editor (IME) in the Simplified Chinese version of Windows 2000 does not disable access to privileged functionality that should normally be restricted, which allows local users to gain privileges, aka the "Simplified Chinese IME State Recognition" vulnerability.
CVE-2000-0934 1 Redhat 1 Linux 2026-04-16 N/A
Glint in Red Hat Linux 5.2 allows local users to overwrite arbitrary files and cause a denial of service via a symlink attack.
CVE-2000-0935 1 Samba 1 Samba 2026-04-16 N/A
Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows local users to overwrite arbitrary files via a symlink attack on the cgi.log file.