ReportizFlow
Filtered by vendor
Subscriptions
Total
29925 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2000-0656 | 1 Analogx | 1 Proxy | 2026-04-16 | N/A |
| Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote attackers to cause a denial of service via a long USER command in the FTP protocol. | ||||
| CVE-2000-0664 | 1 Analogx | 1 Simpleserver Www | 2026-04-16 | N/A |
| AnalogX SimpleServer:WWW 1.06 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack that uses the %2E URL encoding for the dots. | ||||
| CVE-2000-0669 | 1 Novell | 1 Netware | 2026-04-16 | N/A |
| Novell NetWare 5.0 allows remote attackers to cause a denial of service by flooding port 40193 with random data. | ||||
| CVE-2000-0670 | 1 Cvsweb Developer | 1 Cvsweb | 2026-04-16 | N/A |
| The cvsweb CGI script in CVSWeb 1.80 allows remote attackers with write access to a CVS repository to execute arbitrary commands via shell metacharacters. | ||||
| CVE-2000-0671 | 1 Roxen | 1 Webserver | 2026-04-16 | N/A |
| Roxen web server earlier than 2.0.69 allows allows remote attackers to bypass access restrictions, list directory contents, and read source code by inserting a null character (%00) to the URL. | ||||
| CVE-2000-0673 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2026-04-16 | N/A |
| The NetBIOS Name Server (NBNS) protocol does not perform authentication, which allows remote attackers to cause a denial of service by sending a spoofed Name Conflict or Name Release datagram, aka the "NetBIOS Name Server Protocol Spoofing" vulnerability. | ||||
| CVE-2000-0676 | 1 Netscape | 1 Communicator | 2026-04-16 | N/A |
| Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the "file", "http", "https", and "ftp" protocols, as demonstrated by Brown Orifice. | ||||
| CVE-2000-0677 | 1 Ibm | 1 Net.data | 2026-04-16 | N/A |
| Buffer overflow in IBM Net.Data db2www CGI program allows remote attackers to execute arbitrary commands via a long PATH_INFO environmental variable. | ||||
| CVE-2000-0681 | 1 Bea | 1 Weblogic Server | 2026-04-16 | N/A |
| Buffer overflow in BEA WebLogic server proxy plugin allows remote attackers to execute arbitrary commands via a long URL with a .JSP extension. | ||||
| CVE-2000-0685 | 1 Bea | 1 Weblogic Server | 2026-04-16 | N/A |
| BEA WebLogic 5.1.x does not properly restrict access to the PageCompileServlet, which could allow remote attackers to compile and execute Java JHTML code by directly invoking the servlet on any source file. | ||||
| CVE-2000-0689 | 1 Cgi Script Center | 1 Account Manager | 2026-04-16 | N/A |
| Account Manager LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the amadmin.pl script with the setpasswd parameter. | ||||
| CVE-2000-0692 | 1 Iss | 1 Realsecure | 2026-04-16 | N/A |
| ISS RealSecure 3.2.1 and 3.2.2 allows remote attackers to cause a denial of service via a flood of fragmented packets with the SYN flag set. | ||||
| CVE-2000-1066 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| The getnameinfo function in FreeBSD 4.1.1 and earlier, and possibly other operating systems, allows a remote attacker to cause a denial of service via a long DNS hostname. | ||||
| CVE-2000-1071 | 1 Netscape | 1 Iplanet Ical | 2026-04-16 | N/A |
| The GUI installation for iCal 2.1 Patch 2 disables access control for the X server using an "xhost +" command, which allows remote attackers to monitor X Windows events and gain privileges. | ||||
| CVE-2000-1074 | 1 Netscape | 1 Iplanet Ical | 2026-04-16 | N/A |
| csstart program in iCal 2.1 Patch 2 uses relative pathnames to install the libsocket and libnsl libraries, which could allow the icsuser account to gain root privileges by creating a Trojan Horse library in the current or parent directory. | ||||
| CVE-2000-1075 | 2 Netscape, Sun | 2 Directory Server, Iplanet Certificate Management System | 2026-04-16 | N/A |
| Directory traversal vulnerability in iPlanet Certificate Management System 4.2 and Directory Server 4.12 allows remote attackers to read arbitrary files via a .. (dot dot) attack in the Agent, End Entity, or Administrator services. | ||||
| CVE-2000-1080 | 2 Id Software, J. P. Grossman | 2 Quake, Proquake | 2026-04-16 | N/A |
| Quake 1 (quake1) and ProQuake 1.01 and earlier allow remote attackers to cause a denial of service via a malformed (empty) UDP packet. | ||||
| CVE-2000-1082 | 1 Microsoft | 2 Data Engine, Sql Server | 2026-04-16 | N/A |
| The xp_enumresultset function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability. | ||||
| CVE-2000-1085 | 1 Microsoft | 2 Data Engine, Sql Server | 2026-04-16 | N/A |
| The xp_peekqueue function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability. | ||||
| CVE-2000-1086 | 1 Microsoft | 2 Data Engine, Sql Server | 2026-04-16 | N/A |
| The xp_printstatements function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability. | ||||