Export limit exceeded: 364156 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364156 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0032 1 Yahoo 1 Messenger 2026-04-16 N/A
Yahoo! Messenger 5,0,0,1064 and earlier allows remote attackers to execute arbitrary script as other users via the addview parameter of a ymsgr URI.
CVE-2000-0407 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Buffer overflow in Solaris netpr program allows local users to execute arbitrary commands via a long -p option.
CVE-2000-0408 1 Microsoft 2 Internet Information Server, Internet Information Services 2026-04-16 N/A
IIS 4.05 and 5.0 allow remote attackers to cause a denial of service via a long, complex URL that appears to contain a large number of file extensions, aka the "Malformed Extension Data in URL" vulnerability.
CVE-2000-0409 1 Netscape 1 Communicator 2026-04-16 N/A
Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate.
CVE-2000-0410 1 Allaire 1 Coldfusion Server 2026-04-16 N/A
ColdFusion Server 4.5.1 allows remote attackers to cause a denial of service by making repeated requests to a CFCACHE tagged cache file that is not stored in memory.
CVE-2000-0411 1 Matt Wright 1 Formmail 2026-04-16 N/A
Matt Wright's FormMail CGI script allows remote attackers to obtain environmental variables via the env_report parameter.
CVE-2000-0412 1 Napster 1 Knapster 2026-04-16 N/A
The gnapster and knapster clients for Napster do not properly restrict access only to MP3 files, which allows remote attackers to read arbitrary files from the client by specifying the full pathname for the file.
CVE-2000-0413 1 Microsoft 3 Frontpage, Internet Information Server, Internet Information Services 2026-04-16 N/A
The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote attackers to determine the physical path of HTML, HTM, ASP, and SHTML files by requesting a file that does not exist, which generates an error message that reveals the path.
CVE-2000-0414 1 Hp 2 Hp-ux, Vvos 2026-04-16 N/A
Vulnerability in shutdown command for HP-UX 11.X and 10.X allows allows local users to gain privileges via malformed input variables.
CVE-2000-0415 1 Microsoft 2 Outlook, Outlook Express 2026-04-16 N/A
Buffer overflow in Outlook Express 4.x allows attackers to cause a denial of service via a mail or news message that has a .jpg or .bmp attachment with a long file name.
CVE-2000-0416 1 Microsoft 1 Windows 2000 2026-04-16 N/A
NTMail 5.x allows network users to bypass the NTMail proxy restrictions by redirecting their requests to NTMail's web configuration server.
CVE-2000-0417 1 Cayman 2 3220-h Dsl Router, Gatorsurf 2026-04-16 N/A
The HTTP administration interface to the Cayman 3220-H DSL router allows remote attackers to cause a denial of service via a long username or password.
CVE-2000-0418 1 Cayman 2 3220-h Dsl Router, Gatorsurf 2026-04-16 N/A
The Cayman 3220-H DSL router allows remote attackers to cause a denial of service via oversized ICMP echo (ping) requests.
CVE-2002-0033 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Heap-based buffer overflow in cfsd_calloc function of Solaris cachefsd allows remote attackers to execute arbitrary code via a request with a long directory and cache name.
CVE-2000-0419 1 Microsoft 10 Access, Excel, Frontpage and 7 more 2026-04-16 N/A
The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers to conduct unauthorized activities via the "Show Me" function in Office Help, aka the "Office 2000 UA Control" vulnerability.
CVE-2002-0034 1 Microsoft 2 Windows 2000, Windows Xp 2026-04-16 N/A
The Microsoft CONVERT.EXE program, when used on Windows 2000 and Windows XP systems, does not apply the default NTFS permissions when converting a FAT32 file system, which could cause the conversion to produce a file system with less secure permissions than expected.
CVE-2000-0420 1 Microsoft 1 Windows 2000 2026-04-16 N/A
The default configuration of SYSKEY in Windows 2000 stores the startup key in the registry, which could allow an attacker tor ecover it and use it to decrypt Encrypted File System (EFS) data.
CVE-2002-0036 2 Mit, Redhat 3 Kerberos 5, Enterprise Linux, Linux 2026-04-16 N/A
Integer signedness error in MIT Kerberos V5 ASN.1 decoder before krb5 1.2.5 allows remote attackers to cause a denial of service via a large unsigned data element length, which is later used as a negative value.
CVE-2000-0421 1 Mozilla 1 Bugzilla 2026-04-16 N/A
The process_bug.cgi script in Bugzilla allows remote attackers to execute arbitrary commands via shell metacharacters.
CVE-2002-0693 1 Microsoft 7 Windows 2000, Windows 2000 Terminal Services, Windows 98 and 4 more 2026-04-16 N/A
Buffer overflow in the HTML Help ActiveX Control (hhctrl.ocx) in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute code via (1) a long parameter to the Alink function, or (2) script containing a long argument to the showHelp function.