Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-0690 1 Cgi Script Center 1 Auction Weaver 2026-04-16 N/A
Auction Weaver CGI script 1.02 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the fromfile parameter.
CVE-2000-0691 1 Gert Doering 1 Mgetty 2026-04-16 N/A
The faxrunq and faxrunqd in the mgetty package allows local users to create or modify arbitrary files via a symlink attack which creates a symlink in from /var/spool/fax/outgoing/.last_run to the target file.
CVE-2000-0692 1 Iss 1 Realsecure 2026-04-16 N/A
ISS RealSecure 3.2.1 and 3.2.2 allows remote attackers to cause a denial of service via a flood of fragmented packets with the SYN flag set.
CVE-2000-0693 1 Tech-source 1 Raptor Gfx Pgx32 2026-04-16 N/A
pgxconfig in the Raptor GFX configuration tool uses a relative path name for a system call to the "cp" program, which allows local users to execute arbitrary commands by modifying their path to point to an alternate "cp" program.
CVE-2000-0694 1 Tech-source 1 Raptor Gfx Pgx32 2026-04-16 N/A
pgxconfig in the Raptor GFX configuration tool allows local users to gain privileges via a symlink attack.
CVE-2000-0695 1 Tech-source 1 Raptor Gfx Pgx32 2026-04-16 N/A
Buffer overflows in pgxconfig in the Raptor GFX configuration tool allow local users to gain privileges via command line options.
CVE-2000-0696 1 Sun 1 Solaris Answerbook2 2026-04-16 N/A
The administration interface for the dwhttpd web server in Solaris AnswerBook2 does not properly authenticate requests to its supporting CGI scripts, which allows remote attackers to add user accounts to the interface by directly calling the admin CGI script.
CVE-2000-0697 1 Sun 1 Solaris Answerbook2 2026-04-16 N/A
The administration interface for the dwhttpd web server in Solaris AnswerBook2 allows interface users to remotely execute commands via shell metacharacters.
CVE-2000-0698 1 Minicom 1 Minicom 2026-04-16 N/A
Minicom 1.82.1 and earlier on some Linux systems allows local users to create arbitrary files owned by the uucp user via a symlink attack.
CVE-2000-0699 1 Hp 1 Hp-ux 2026-04-16 N/A
Format string vulnerability in ftpd in HP-UX 10.20 allows remote attackers to cause a denial of service or execute arbitrary commands via format strings in the PASS command.
CVE-2000-0702 1 Hp 1 Hp-ux 2026-04-16 N/A
The net.init rc script in HP-UX 11.00 (S008net.init) allows local users to overwrite arbitrary files via a symlink attack that points from /tmp/stcp.conf to the targeted file.
CVE-2000-0703 1 Larry Wall 1 Perl 2026-04-16 N/A
suidperl (aka sperl) does not properly cleanse the escape sequence "~!" before calling /bin/mail to send an error report, which allows local users to gain privileges by setting the "interactive" environmental variable and calling suidperl with a filename that contains the escape sequence.
CVE-2000-0704 3 Freewnn, Omron, Wnn 3 Freewnn, Worldview, Wnn4 2026-04-16 N/A
Buffer overflow in SGI Omron WorldView Wnn allows remote attackers to execute arbitrary commands via long JS_OPEN, JS_MKDIR, or JS_FILE_INFO commands.
CVE-2000-0714 1 University Of Massachusetts 1 Scheme 2026-04-16 N/A
umb-scheme 3.2-11 for Red Hat Linux is installed with world-writeable files.
CVE-2000-0716 1 Alt-n 1 Mdaemon 2026-04-16 N/A
WorldClient email client in MDaemon 2.8 includes the session ID in the referer field of an HTTP request when the user clicks on a URL, which allows the visited web site to hijack the session ID and read the user's email.
CVE-2000-0717 1 Goodtech 2 Ftp Server 95 98, Ftp Server Nt 2000 2026-04-16 N/A
GoodTech FTP server allows remote attackers to cause a denial of service via a large number of RNTO commands.
CVE-2000-0718 1 Mandrakesoft 1 Mandrake Linux 2026-04-16 N/A
A race condition in MandrakeUpdate allows local users to modify RPM files while they are in the /tmp directory before they are installed.
CVE-2000-0719 1 Varicad 1 Varicad 2026-04-16 N/A
VariCAD 7.0 is installed with world-writeable files, which allows local users to replace the VariCAD programs with a Trojan horse program.
CVE-2000-0720 1 Gwscripts 1 Gwscripts News Publisher 2026-04-16 N/A
news.cgi in GWScripts News Publisher does not properly authenticate requests to add an author to the author index, which allows remote attackers to add new authors by directly posting an HTTP request to the new.cgi program with an addAuthor parameter, and setting the Referer to the news.cgi program.
CVE-2000-0721 1 Multisoft 1 Flagship 2026-04-16 N/A
The FSserial, FlagShip_c, and FlagShip_p programs in the FlagShip package are installed world-writeable, which allows local users to replace them with Trojan horses.