Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-1026 1 Trend Micro 1 Interscan Applettrap 2026-04-16 N/A
Trend Micro InterScan AppletTrap 2.0 does not properly filter URLs when they are modified in certain ways such as (1) using a double slash (//) instead of a single slash, (2) URL-encoded characters, (3) requesting the IP address instead of the domain name, or (4) using a leading 0 in an octet of an IP address.
CVE-1999-0215 1 Sgi 1 Irix 2026-04-16 N/A
Routed allows attackers to append data to files.
CVE-1999-0217 1 Sun 1 Sunos 2026-04-16 N/A
Malicious option settings in UDP packets could force a reboot in SunOS 4.1.3 systems.
CVE-1999-0220 2026-04-16 N/A
Attackers can do a denial of service of IRC by crashing the server.
CVE-1999-0221 1 Lucent 1 Ascend Routers 2026-04-16 N/A
Denial of service of Ascend routers through port 150 (remote administration).
CVE-1999-0331 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Buffer overflow in Internet Explorer 4.0(1).
CVE-1999-0333 1 Hp 1 Hp-ux 2026-04-16 N/A
HP OpenView Omniback allows remote execution of commands as root via spoofing, and local users can gain root access via a symlink attack.
CVE-2001-1068 1 Qualcomm 1 Qpopper 2026-04-16 N/A
qpopper 4.01 with PAM based authentication on Red Hat systems generates different error messages when an invalid username is provided instead of a valid name, which allows remote attackers to determine valid usernames on the system.
CVE-2002-0443 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Microsoft Windows 2000 allows local users to bypass the policy that prohibits reusing old passwords by changing the current password before it expires, which does not enable the check for previous passwords.
CVE-2002-1007 1 Blackboard 1 Blackboard 2026-04-16 N/A
Cross-site scripting vulnerabilities in Blackboard 5 allow remote attackers to execute arbitrary web script via (1) the course_id parameter in a link to login.pl, (2) the CTID parameter in ProcessInfo.cgi, or (3) the Message parameter in index.cgi.
CVE-1999-0334 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
In Solaris 2.2 and 2.3, when fsck fails on startup, it allows a local user with physical access to obtain root access.
CVE-2001-1069 1 Adobe 1 Acrobat Reader 2026-04-16 N/A
libCoolType library as used in Adobe Acrobat (acroread) on Linux creates the AdobeFnt.lst file with world-writable permissions, which allows local users to modify the file and possibly modify acroread's behavior.
CVE-2002-0444 1 Microsoft 1 Windows 2000 Terminal Services 2026-04-16 N/A
Microsoft Windows 2000 running the Terminal Server 90-day trial version, and possibly other versions, does not apply group policies to incoming users when the number of connections to the SYSVOL share exceeds the maximum, e.g. with a maximum number of licenses, which can allow remote authenticated users to bypass group policies.
CVE-2002-1008 1 Summit Computer Networks 1 Lil Http Server 2026-04-16 N/A
Cross-site scripting vulnerability in PowerBASIC urlcount.cgi, as included in Lil' HTTP web server, allows remote attackers to execute arbitrary web script in other web browsers via a request to urlcount.cgi that contains the script, which is not filtered when the REPORT capability prints the original request.
CVE-2000-0021 1 Lotus 1 Domino Server 2026-04-16 N/A
Lotus Domino HTTP server allows remote attackers to determine the real path of the server via a request to a non-existent script in /cgi-bin.
CVE-2000-0022 1 Lotus 1 Domino Server 2026-04-16 N/A
Lotus Domino HTTP server does not properly disable anonymous access for the cgi-bin directory.
CVE-2000-0024 1 Microsoft 3 Internet Information Server, Site Server, Site Server Commerce 2026-04-16 N/A
IIS does not properly canonicalize URLs, potentially allowing remote attackers to bypass access restrictions in third-party software via escape characters, aka the "Escape Character Parsing" vulnerability.
CVE-2000-0025 1 Microsoft 3 Internet Information Server, Site Server, Site Server Commerce 2026-04-16 N/A
IIS 4.0 and Site Server 3.0 allow remote attackers to read source code for ASP files if the file is in a virtual directory whose name includes extensions such as .com, .exe, .sh, .cgi, or .dll, aka the "Virtual Directory Naming" vulnerability.
CVE-2000-0026 2 Sco, Windowmaker 2 Unixware, Wmmon 2026-04-16 N/A
Buffer overflow in UnixWare i2odialogd daemon allows remote attackers to gain root access via a long username/password authorization string.
CVE-2000-0027 1 Ibm 1 Network Station Manager 2026-04-16 N/A
IBM Network Station Manager NetStation allows local users to gain privileges via a symlink attack.