Export limit exceeded: 364232 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364232 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-0736 1 Rimarts Inc. 1 Becky Internet Mail 2026-04-16 N/A
Buffer overflow in Becky! Internet Mail client 1.26.04 and earlier allows remote attackers to cause a denial of service via a long Content-type: MIME header when the user forwards a message.
CVE-2000-0737 1 Microsoft 1 Windows 2000 2026-04-16 N/A
The Service Control Manager (SCM) in Windows 2000 creates predictable named pipes, which allows a local user with console access to gain administrator privileges, aka the "Service Control Manager Named Pipe Impersonation" vulnerability.
CVE-2002-0755 1 Freebsd 1 Freebsd 2026-04-16 N/A
Kerberos 5 su (k5su) in FreeBSD 4.5 and earlier does not verify that a user is a member of the wheel group before granting superuser privileges, which could allow unauthorized users to execute commands as root.
CVE-2000-0738 1 Network Associates 1 Webshield Smtp 2026-04-16 N/A
WebShield SMTP 4.5 allows remote attackers to cause a denial of service by sending e-mail with a From: address that has a . (period) at the end, which causes WebShield to continuously send itself copies of the e-mail.
CVE-2002-0756 2 Usermin, Webmin 2 Usermin, Webmin 2026-04-16 N/A
Cross-site scripting vulnerability in the authentication page for (1) Webmin 0.96 and (2) Usermin 0.90 allows remote attackers to insert script into an error page and possibly steal cookies.
CVE-2002-0151 1 Microsoft 3 Windows 2000, Windows Nt, Windows Xp 2026-04-16 N/A
Buffer overflow in Multiple UNC Provider (MUP) in Microsoft Windows operating systems allows local users to cause a denial of service or possibly gain SYSTEM privileges via a long UNC request.
CVE-2000-0739 1 Network Associates 1 Net Tools Pki Server 2026-04-16 N/A
Directory traversal vulnerability in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote attackers to read arbitrary files via a .. (dot dot) attack in an HTTPS request to the enrollment server.
CVE-2000-0740 1 Network Associates 1 Net Tools Pki Server 2026-04-16 N/A
Buffer overflow in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote attackers to execute arbitrary commands via a long URL in the HTTPS port.
CVE-2000-0741 1 Network Associates 1 Net Tools Pki Server 2026-04-16 N/A
Format string vulnerability in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote attackers to execute arbitrary code via format strings in a URL with a .XUDA extension.
CVE-2002-0152 1 Microsoft 6 Entourage, Excel, Ie and 3 more 2026-04-16 N/A
Buffer overflow in various Microsoft applications for Macintosh allows remote attackers to cause a denial of service (crash) or execute arbitrary code by invoking the file:// directive with a large number of / characters, which affects Internet Explorer 5.1, Outlook Express 5.0 through 5.0.2, Entourage v. X and 2001, PowerPoint v. X, 2001, and 98, and Excel v. X and 2001 for Macintosh.
CVE-2002-0158 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Buffer overflow in Xsun on Solaris 2.6 through 8 allows local users to gain root privileges via a long -co (color database) command line argument.
CVE-2000-0743 1 University Of Minnesota 1 Gopherd 2026-04-16 N/A
Buffer overflow in University of Minnesota (UMN) gopherd 2.x allows remote attackers to execute arbitrary commands via a DES key generation request (GDESkey) that contains a long ticket value.
CVE-2000-0746 1 Microsoft 3 Frontpage, Internet Information Server, Internet Information Services 2026-04-16 N/A
Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against cross-site scripting (CSS) attacks. They allow a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. The client then executes those scripts in the same context as the trusted site, aka the "IIS Cross-Site Scripting" vulnerabilities.
CVE-2000-0748 1 Openldap 1 Openldap 2026-04-16 N/A
OpenLDAP 1.2.11 and earlier improperly installs the ud binary with group write permissions, which could allow any user in that group to replace the binary with a Trojan horse.
CVE-2002-0159 1 Cisco 1 Secure Access Control Server 2026-04-16 N/A
Format string vulnerability in the administration function in Cisco Secure Access Control Server (ACS) for Windows, 2.6.x and earlier and 3.x through 3.01 (build 40), allows remote attackers to crash the CSADMIN module only (denial of service of administration function) or execute arbitrary code via format strings in the URL to port 2002.
CVE-2000-0757 1 Aptis Software 1 Totalbill 2026-04-16 N/A
The sysgen service in Aptis Totalbill does not perform authentication, which allows remote attackers to gain root privileges by connecting to the service and specifying the commands to be executed.
CVE-2000-0758 1 Lyris 1 List Manager 2026-04-16 N/A
The web interface for Lyris List Manager 3 and 4 allows list subscribers to obtain administrative access by modifying the value of the list_admin hidden form field.
CVE-2000-0759 1 Apache 1 Tomcat 2026-04-16 N/A
Jakarta Tomcat 3.1 under Apache reveals physical path information when a remote attacker requests a URL that does not exist, which generates an error message that includes the physical path.
CVE-2002-0160 1 Cisco 1 Secure Access Control Server 2026-04-16 N/A
The administration function in Cisco Secure Access Control Server (ACS) for Windows, 2.6.x and earlier and 3.x through 3.01 (build 40), allows remote attackers to read HTML, Java class, and image files outside the web root via a ..\.. (modified ..) in the URL to port 2002.
CVE-2000-0760 1 Apache 1 Tomcat 2026-04-16 N/A
The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension.