Export limit exceeded: 357410 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (357410 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2000-1238 | 1 Bea | 1 Weblogic Server | 2026-04-16 | N/A |
| BEA Systems WebLogic Express and WebLogic Server 5.1 SP1-SP6 allows remote attackers to bypass access controls for restricted JSP or servlet pages via a URL with multiple / (forward slash) characters before the restricted pages. | ||||
| CVE-2000-1239 | 1 Ibm | 1 Tivoli Management Framework | 2026-04-16 | N/A |
| The HTTP interface of Tivoli Lightweight Client Framework (LCF) in IBM Tivoli Management Framework 3.7.1 sets http_disable to zero at install time, which allows remote authenticated users to bypass file permissions on Tivoli Endpoint Configuration data files via an unspecified manipulation of log files. | ||||
| CVE-2000-1240 | 1 Anyportal Php | 1 Anyportal Php | 2026-04-16 | N/A |
| Unspecified vulnerability in siteman.php3 in AnyPortal(php) before 22 APR 00 allows remote attackers to obtain sensitive information via unknown attack vectors, which reveal the absolute path. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-2000-1241 | 1 Sips | 1 Sips | 2026-04-16 | N/A |
| Unspecified vulnerability in Haakon Nilsen simple, integrated publishing system (SIPS) before 0.2.4 has an unknown impact and attack vectors, related to a "grave security fault." | ||||
| CVE-2000-1242 | 1 Apc | 1 Powerchute | 2026-04-16 | N/A |
| The HTTP service in American Power Conversion (APC) PowerChute uses a default username and password, which allows remote attackers to gain system access. | ||||
| CVE-2000-1243 | 1 Dansie | 1 Shopping Cart | 2026-04-16 | N/A |
| Privacy leak in Dansie Shopping Cart 3.04, and probably earlier versions, sends sensitive information such as user credentials to an e-mail address controlled by the product developers. | ||||
| CVE-2001-0011 | 2 Isc, Redhat | 2 Bind, Linux | 2026-04-16 | N/A |
| Buffer overflow in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. | ||||
| CVE-2001-0001 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| cookiedecode function in PHP-Nuke 4.4 allows users to bypass authentication and gain access to other user accounts by extracting the authentication information from a cookie. | ||||
| CVE-2001-0002 | 1 Microsoft | 2 Internet Explorer, Windows Script Host | 2026-04-16 | N/A |
| Internet Explorer 5.5 and earlier allows remote attackers to obtain the physical location of cached content and open the content in the Local Computer Zone, then use compiled HTML help (.chm) files to execute arbitrary programs. | ||||
| CVE-2001-0003 | 1 Microsoft | 4 Office, Windows 2000, Windows Me and 1 more | 2026-04-16 | N/A |
| Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and Windows Me does not properly process Internet Explorer security settings for NTLM authentication, which allows attackers to obtain NTLM credentials and possibly obtain the password, aka the "Web Client NTLM Authentication" vulnerability. | ||||
| CVE-2001-0004 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2026-04-16 | N/A |
| IIS 5.0 and 4.0 allows remote attackers to read the source code for executable web server programs by appending "%3F+.htr" to the requested URL, which causes the files to be parsed by the .HTR ISAPI extension, aka a variant of the "File Fragment Reading via .HTR" vulnerability. | ||||
| CVE-2001-0005 | 1 Microsoft | 1 Powerpoint | 2026-04-16 | N/A |
| Buffer overflow in the parsing mechanism of the file loader in Microsoft PowerPoint 2000 allows attackers to execute arbitrary commands. | ||||
| CVE-2001-0006 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | 7.1 High |
| The Winsock2ProtocolCatalogMutex mutex in Windows NT 4.0 has inappropriate Everyone/Full Control permissions, which allows local users to modify the permissions to "No Access" and disable Winsock network connectivity to cause a denial of service, aka the "Winsock Mutex" vulnerability. | ||||
| CVE-2001-0007 | 1 Netscreen | 1 Screen Os | 2026-04-16 | N/A |
| Buffer overflow in NetScreen Firewall WebUI allows remote attackers to cause a denial of service via a long URL request to the web administration interface. | ||||
| CVE-2001-0008 | 2 Borland Software, Firebirdsql | 2 Interbase, Firebird | 2026-04-16 | N/A |
| Backdoor account in Interbase database server allows remote attackers to overwrite arbitrary files using stored procedures. | ||||
| CVE-2001-0009 | 1 Lotus | 1 Domino Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Lotus Domino 5.0.5 web server allows remote attackers to read arbitrary files via a .. attack. | ||||
| CVE-2001-0012 | 2 Isc, Redhat | 2 Bind, Linux | 2026-04-16 | N/A |
| BIND 4 and BIND 8 allow remote attackers to access sensitive information such as environment variables. | ||||
| CVE-2001-0013 | 2 Isc, Redhat | 2 Bind, Linux | 2026-04-16 | N/A |
| Format string vulnerability in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. | ||||
| CVE-2001-0014 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | N/A |
| Remote Data Protocol (RDP) in Windows 2000 Terminal Service does not properly handle certain malformed packets, which allows remote attackers to cause a denial of service, aka the "Invalid RDP Data" vulnerability. | ||||
| CVE-2001-0015 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | N/A |
| Network Dynamic Data Exchange (DDE) in Windows 2000 allows local users to gain SYSTEM privileges via a "WM_COPYDATA" message to an invisible window that is running with the privileges of the WINLOGON process. | ||||