Total
29894 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2000-0853 | 1 Yabb | 1 Yabb | 2026-04-16 | N/A |
| YaBB Bulletin Board 9.1.2000 allows remote attackers to read arbitrary files via a .. (dot dot) attack. | ||||
| CVE-2000-0855 | 1 Xs4all Data | 1 Xs4all Data Sunftp | 2026-04-16 | N/A |
| SunFTP build 9(1) allows remote attackers to cause a denial of service by connecting to the server and disconnecting before sending a newline. | ||||
| CVE-2000-0860 | 1 Php | 1 Php | 2026-04-16 | N/A |
| The file upload capability in PHP versions 3 and 4 allows remote attackers to read arbitrary files by setting hidden form fields whose names match the names of internal PHP script variables. | ||||
| CVE-2000-0861 | 1 Gnu | 1 Mailman | 2026-04-16 | N/A |
| Mailman 1.1 allows list administrators to execute arbitrary commands via shell metacharacters in the %(listname) macro expansion. | ||||
| CVE-2000-0865 | 1 Tridia | 1 Doublevision | 2026-04-16 | N/A |
| Buffer overflow in dvtermtype in Tridia Double Vision 3.07.00 allows local users to gain root privileges via a long terminal type argument. | ||||
| CVE-2000-0867 | 5 Debian, Mandrakesoft, Redhat and 2 more | 5 Debian Linux, Mandrake Linux, Linux and 2 more | 2026-04-16 | N/A |
| Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages. | ||||
| CVE-2000-0877 | 1 Ranson Johnson | 1 Mailform | 2026-04-16 | N/A |
| mailform.pl CGI script in MailForm 2.0 allows remote attackers to read arbitrary files by specifying the file name in the XX-attach_file parameter, which MailForm then sends to the attacker. | ||||
| CVE-2000-0879 | 1 Plus Technologies | 1 Lpplus | 2026-04-16 | N/A |
| LPPlus programs dccsched, dcclpdser, dccbkst, dccshut, dcclpdshut, and dccbkstshut are installed setuid root and world executable, which allows arbitrary local users to start and stop various LPD services. | ||||
| CVE-2000-0883 | 1 Mandrakesoft | 1 Mandrake Linux | 2026-04-16 | N/A |
| The default configuration of mod_perl for Apache as installed on Mandrake Linux 6.1 through 7.1 sets the /perl/ directory to be browseable, which allows remote attackers to list the contents of that directory. | ||||
| CVE-2000-0884 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2026-04-16 | N/A |
| IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability. | ||||
| CVE-2000-0889 | 2026-04-16 | N/A | ||
| Two Sun security certificates have been compromised, which could allow attackers to insert malicious code such as applets and make it appear that it is signed by Sun. | ||||
| CVE-2000-0891 | 1 Ibm | 1 Lotus Notes | 2026-04-16 | N/A |
| A default ECL in Lotus Notes before 5.02 allows remote attackers to execute arbitrary commands by attaching a malicious program in an email message that is automatically executed when the user opens the email. | ||||
| CVE-2000-0894 | 1 Watchguard | 1 Soho Firewall | 2026-04-16 | N/A |
| HTTP server on the WatchGuard SOHO firewall does not properly restrict access to administrative functions such as password resets or rebooting, which allows attackers to cause a denial of service or conduct unauthorized activities. | ||||
| CVE-2000-0895 | 1 Watchguard | 1 Soho Firewall | 2026-04-16 | N/A |
| Buffer overflow in HTTP server on the WatchGuard SOHO firewall allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long GET request. | ||||
| CVE-2000-0897 | 1 Max Feoktistov | 1 Small Http Server | 2026-04-16 | N/A |
| Small HTTP Server 2.03 and earlier allows remote attackers to cause a denial of service by repeatedly requesting a URL that references a directory that does not contain an index.html file, which consumes memory that is not released after the request is completed. | ||||
| CVE-2000-0902 | 1 Nathan Purciful | 1 Phpphotoalbum | 2026-04-16 | N/A |
| getalbum.php in PhotoAlbum before 0.9.9 allows remote attackers to read arbitrary files via a .. (dot dot) attack. | ||||
| CVE-2000-0906 | 1 Moreover.com | 1 Cached Feed.cgi Script | 2026-04-16 | N/A |
| Directory traversal vulnerability in Moreover.com cached_feed.cgi script version 4.July.00 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the category or format parameters. | ||||
| CVE-1999-0195 | 2 Linux, Sgi | 2 Linux Kernel, Irix | 2026-04-16 | N/A |
| Denial of service in RPC portmapper allows attackers to register or unregister RPC services or spoof RPC services using a spoofed source IP address such as 127.0.0.1. | ||||
| CVE-2004-1021 | 1 Apple | 1 Ical | 2026-04-16 | N/A |
| iCal before 1.5.4 on Mac OS X 10.2.3, and other later versions, does not alert the user when handling calendars that use alarms, which allows attackers to execute programs and send e-mail via alarms. | ||||
| CVE-2006-2903 | 1 Particle Soft | 1 Particle Links | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in admin.php in Particle Links 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the username parameter. | ||||