Search Results (364328 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-0941 1 Kootenay Web Inc 1 Kootenay Web Inc Whois 2026-04-16 N/A
Kootenay Web KW Whois 1.0 CGI program allows remote attackers to execute arbitrary commands via shell metacharacters in the "whois" parameter.
CVE-2002-0219 1 Sas 2 Sas Base, Sas Integration Technologies 2026-04-16 N/A
Buffer overflow in (1) sastcpd in SAS/Base 8.0 and 8.1 or (2) objspawn in SAS/Integration Technologies 8.0 and 8.1 allows local users to execute arbitrary code via large command line argument.
CVE-2002-0802 2 Postgresql, Redhat 2 Postgresql, Database 2026-04-16 N/A
The multibyte support in PostgreSQL 6.5.x with SQL_ASCII encoding consumes an extra character when processing a character that cannot be converted, which could remove an escape character from the query and make the application subject to SQL injection attacks.
CVE-2000-0942 1 Microsoft 1 Indexing Service 2026-04-16 N/A
The CiWebHitsFile component in Microsoft Indexing Services for Windows 2000 allows remote attackers to conduct a cross site scripting (CSS) attack via a CiRestriction parameter in a .htw request, aka the "Indexing Services Cross Site Scripting" vulnerability.
CVE-2000-0943 1 Max-wilhelm Bruker 1 Bftpd 2026-04-16 N/A
Buffer overflow in bftp daemon (bftpd) 1.0.11 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long USER command.
CVE-2000-0944 1 Cgi 1 Script Center News Update 2026-04-16 9.8 Critical
CGI Script Center News Update 1.1 does not properly validate the original news administration password during a password change operation, which allows remote attackers to modify the password without knowing the original password.
CVE-2000-0945 1 Cisco 1 Catalyst 3500 Xl 2026-04-16 N/A
The web configuration interface for Catalyst 3500 XL switches allows remote attackers to execute arbitrary commands without authentication when the enable password is not set, via a URL containing the /exec/ directory.
CVE-2002-1717 1 Microsoft 1 Internet Information Services 2026-04-16 N/A
Microsoft Internet Information Server (IIS) 5.1 allows remote attackers to view path information via a GET request to (1) /_vti_pvt/access.cnf, (2) /_vti_pvt/botinfs.cnf, (3) /_vti_pvt/bots.cnf, or (4) /_vti_pvt/linkinfo.cnf.
CVE-2005-4838 2 Apache, Redhat 3 Tomcat, Network Satellite, Rhel Application Server 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the example web applications for Jakarta Tomcat 5.5.6 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) el/functions.jsp, (2) el/implicit-objects.jsp, and (3) jspx/textRotate.jspx in examples/jsp2/, as demonstrated via script in a request to snp/snoop.jsp. NOTE: other XSS issues in the manager were simultaneously reported, but these require admin access and do not cross privilege boundaries.
CVE-2000-0946 1 Compaq 1 Easy Access Keyboard Software 2026-04-16 N/A
Compaq Easy Access Keyboard software 1.3 does not properly disable access to custom buttons when the screen is locked, which could allow an attacker to gain privileges or execute programs without authorization.
CVE-2000-0954 1 Evolvable Corporation 1 Shambala Server 2026-04-16 N/A
Shambala Server 4.5 stores passwords in plaintext, which could allow local users to obtain the passwords and compromise the server.
CVE-2002-0220 1 Phpsmssend 1 Phpsmssend 2026-04-16 N/A
phpsmssend.php in PhpSmsSend 1.0 allows remote attackers to execute arbitrary commands via an SMS message containing shell metacharacters.
CVE-2000-0963 4 Freebsd, Gnu, Immunix and 1 more 4 Freebsd, Ncurses, Immunix and 1 more 2026-04-16 N/A
Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or TERMINFO_DIRS.
CVE-2000-0964 1 Siemens 1 Hinet Lp 2026-04-16 N/A
Buffer overflow in the web administration service for the HiNet LP5100 IP-phone allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long GET request.
CVE-2000-0965 1 Hp 1 Vvos 2026-04-16 N/A
The NSAPI plugins for TGA and the Java Servlet proxy in HP-UX VVOS 10.24 and 11.04 allows an attacker to cause a denial of service (high CPU utilization).
CVE-2000-0966 1 Hp 1 Hp-ux 2026-04-16 N/A
Buffer overflows in lpspooler in the fileset PrinterMgmt.LP-SPOOL of HP-UX 11.0 and earlier allows local users to gain privileges.
CVE-2000-0967 1 Php 1 Php 2026-04-16 N/A
PHP 3 and 4 do not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands by triggering error messages that are improperly written to the error logs.
CVE-2000-0968 1 Valve Software 1 Half-life Dedicated Server 2026-04-16 N/A
Buffer overflow in Half Life dedicated server before build 3104 allows remote attackers to execute arbitrary commands via a long rcon command.
CVE-2002-0221 1 Etype 1 Eserv 2026-04-16 N/A
Etype Eserv 2.97 allows remote attackers to cause a denial of service (resource exhaustion) via a large number of PASV commands that consume ports 1024 through 5000, which prevents the server from accepting valid PASV.
CVE-2000-0969 1 Valve Software 1 Half-life Dedicated Server 2026-04-16 N/A
Format string vulnerability in Half Life dedicated server build 3104 and earlier allows remote attackers to execute arbitrary commands by injecting format strings into the changelevel command, via the system console or rcon.