Total
29894 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2000-0633 | 3 Conectiva, Mandrakesoft, Redhat | 3 Linux, Mandrake Linux, Linux | 2026-04-16 | N/A |
| Vulnerability in Mandrake Linux usermode package allows local users to to reboot or halt the system. | ||||
| CVE-2002-1897 | 1 Mywebserver | 1 Mywebserver | 2026-04-16 | N/A |
| MyWebServer LLC MyWebServer 1.0.2 allows remote attackers to cause a denial of service (crash) via a long HTTP request, possibly triggering a buffer overflow. | ||||
| CVE-2002-1919 | 1 Virtual Programming | 1 Vp-asp | 2026-04-16 | N/A |
| SQL injection vulnerability in shopadmin.asp in VP-ASP 4.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) password fields. | ||||
| CVE-2000-0640 | 1 Steve Poulsen | 1 Guildftpd | 2026-04-16 | N/A |
| Guild FTPd allows remote attackers to determine the existence of files outside the FTP root via a .. (dot dot) attack, which provides different error messages depending on whether the file exists or not. | ||||
| CVE-2000-0651 | 1 Novell | 1 Bordermanager | 2026-04-16 | N/A |
| The ClientTrust program in Novell BorderManager does not properly verify the origin of authentication requests, which could allow remote attackers to impersonate another user by replaying the authentication requests and responses from port 3024 of the victim's machine. | ||||
| CVE-2000-0652 | 1 Ibm | 1 Websphere Application Server | 2026-04-16 | N/A |
| IBM WebSphere allows remote attackers to read source code for executable web files by directly calling the default InvokerServlet using a URL which contains the "/servlet/file" string. | ||||
| CVE-2002-1947 | 1 Webmin | 1 Webmin | 2026-04-16 | N/A |
| Webmin 0.21 through 1.0 uses the same built-in SSL key for all installations, which allows remote attackers to eavesdrop or highjack the SSL session. | ||||
| CVE-2002-1952 | 1 Phprank | 1 Phprank | 2026-04-16 | N/A |
| phpRank 1.8 does not properly check the return codes for MySQL operations when authenticating users, which could allow remote attackers to authenticate using a NULL password when database errors occur or if the database is unavailable. | ||||
| CVE-2002-1957 | 1 Pen | 1 Pen | 2026-04-16 | N/A |
| Buffer overflow in the netlog function in pen.c for Pen 0.9.1 and 0.9.2 allows remote attackers to execute arbitrary commands via malformed log messages. | ||||
| CVE-2000-0581 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | N/A |
| Windows 2000 Telnet Server allows remote attackers to cause a denial of service by sending a continuous stream of binary zeros, which causes the server to crash. | ||||
| CVE-2000-0089 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| The rdisk utility in Microsoft Terminal Server Edition and Windows NT 4.0 stores registry hive information in a temporary file with permissions that allow local users to read it, aka the "RDISK Registry Enumeration File" vulnerability. | ||||
| CVE-2000-0096 | 1 Qualcomm | 1 Qpopper | 2026-04-16 | N/A |
| Buffer overflow in qpopper 3.0 beta versions allows local users to gain privileges via a long LIST command. | ||||
| CVE-2000-0097 | 1 Microsoft | 1 Index Server | 2026-04-16 | N/A |
| The WebHits ISAPI filter in Microsoft Index Server allows remote attackers to read arbitrary files, aka the "Malformed Hit-Highlighting Argument" vulnerability. | ||||
| CVE-2000-0098 | 1 Microsoft | 1 Index Server | 2026-04-16 | N/A |
| Microsoft Index Server allows remote attackers to determine the real path for a web directory via a request to an Internet Data Query file that does not exist. | ||||
| CVE-2002-1481 | 1 Phpgb | 1 Phpgb | 2026-04-16 | N/A |
| savesettings.php in phpGB 1.20 and earlier does not require authentication, which allows remote attackers to cause a denial of service or execute arbitrary PHP code by using savesettings.php to modify config.php. | ||||
| CVE-2002-1482 | 1 Phpgb | 1 Phpgb | 2026-04-16 | N/A |
| SQL injection vulnerability in login.php for phpGB 1.20 and earlier, when magic_quotes_gpc is not enabled, allows remote attackers to gain administrative privileges via SQL code in the password entry. | ||||
| CVE-2002-1483 | 1 Db4web | 1 Db4web | 2026-04-16 | N/A |
| db4web_c and db4web_c.exe programs in DB4Web 3.4 and 3.6 allow remote attackers to read arbitrary files via an HTTP request whose argument is a filename of the form (1) C: (drive letter), (2) //absolute/path (double-slash), or (3) .. (dot-dot). | ||||
| CVE-2006-0084 | 1 Rasmp | 1 Rasmp | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in index.php in raSMP 2.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the $_SERVER[HTTP_USER_AGENT] variable (User-Agent header). | ||||
| CVE-2000-0143 | 2 Openbsd, Ssh | 2 Openssh, Ssh | 2026-04-16 | N/A |
| The SSH protocol server sshd allows local users without shell access to redirect a TCP connection through a service that uses the standard system password database for authentication, such as POP or FTP. | ||||
| CVE-2000-0144 | 1 Axis | 1 700 Network Document Server | 2026-04-16 | N/A |
| Axis 700 Network Scanner does not properly restrict access to administrator URLs, which allows users to bypass the password protection via a .. (dot dot) attack. | ||||