Vulnerabilities (CVE)

Filtered by NVD-CWE-Other
Total 29911 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2001-0011 1 Isc 1 Bind 2026-06-16 10.0 HIGH N/A
Buffer overflow in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges.
CVE-2001-0010 1 Isc 1 Bind 2026-06-16 10.0 HIGH N/A
Buffer overflow in transaction signature (TSIG) handling code in BIND 8 allows remote attackers to gain root privileges.
CVE-2001-0009 1 Lotus 1 Domino Server 2026-06-16 5.0 MEDIUM N/A
Directory traversal vulnerability in Lotus Domino 5.0.5 web server allows remote attackers to read arbitrary files via a .. attack.
CVE-2001-0008 2 Borland Software, Firebirdsql 2 Interbase, Firebird 2026-06-16 10.0 HIGH N/A
Backdoor account in Interbase database server allows remote attackers to overwrite arbitrary files using stored procedures.
CVE-2001-0007 1 Netscreen 1 Screen Os 2026-06-16 5.0 MEDIUM N/A
Buffer overflow in NetScreen Firewall WebUI allows remote attackers to cause a denial of service via a long URL request to the web administration interface.
CVE-2001-0005 1 Microsoft 1 Powerpoint 2026-06-16 6.2 MEDIUM N/A
Buffer overflow in the parsing mechanism of the file loader in Microsoft PowerPoint 2000 allows attackers to execute arbitrary commands.
CVE-2001-0004 1 Microsoft 2 Internet Information Server, Internet Information Services 2026-06-16 5.0 MEDIUM N/A
IIS 5.0 and 4.0 allows remote attackers to read the source code for executable web server programs by appending "%3F+.htr" to the requested URL, which causes the files to be parsed by the .HTR ISAPI extension, aka a variant of the "File Fragment Reading via .HTR" vulnerability.
CVE-2001-0003 1 Microsoft 4 Office, Windows 2000, Windows Me and 1 more 2026-06-16 5.0 MEDIUM N/A
Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and Windows Me does not properly process Internet Explorer security settings for NTLM authentication, which allows attackers to obtain NTLM credentials and possibly obtain the password, aka the "Web Client NTLM Authentication" vulnerability.
CVE-2001-0002 1 Microsoft 2 Internet Explorer, Windows Script Host 2026-06-16 7.5 HIGH N/A
Internet Explorer 5.5 and earlier allows remote attackers to obtain the physical location of cached content and open the content in the Local Computer Zone, then use compiled HTML help (.chm) files to execute arbitrary programs.
CVE-2001-0001 1 Francisco Burzi 1 Php-nuke 2026-06-16 7.5 HIGH N/A
cookiedecode function in PHP-Nuke 4.4 allows users to bypass authentication and gain access to other user accounts by extracting the authentication information from a cookie.
CVE-2000-1244 1 Broadcom 1 Inoculateit Agent For Exchange 2026-06-16 7.5 HIGH N/A
Computer Associates InoculateIT Agent for Exchange Server does not recognize an e-mail virus attachment if the SMTP header is missing the "From" field, which allows remote attackers to bypass virus protection.
CVE-2000-1243 1 Dansie 1 Shopping Cart 2026-06-16 5.0 MEDIUM N/A
Privacy leak in Dansie Shopping Cart 3.04, and probably earlier versions, sends sensitive information such as user credentials to an e-mail address controlled by the product developers.
CVE-2000-1242 1 Apc 1 Powerchute 2026-06-16 9.0 HIGH N/A
The HTTP service in American Power Conversion (APC) PowerChute uses a default username and password, which allows remote attackers to gain system access.
CVE-2000-1240 1 Anyportal Php 1 Anyportal Php 2026-06-16 5.0 MEDIUM N/A
Unspecified vulnerability in siteman.php3 in AnyPortal(php) before 22 APR 00 allows remote attackers to obtain sensitive information via unknown attack vectors, which reveal the absolute path. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
CVE-2000-1239 1 Ibm 1 Tivoli Management Framework 2026-06-16 9.0 HIGH N/A
The HTTP interface of Tivoli Lightweight Client Framework (LCF) in IBM Tivoli Management Framework 3.7.1 sets http_disable to zero at install time, which allows remote authenticated users to bypass file permissions on Tivoli Endpoint Configuration data files via an unspecified manipulation of log files.
CVE-2000-1238 1 Bea 1 Weblogic Server 2026-06-16 7.5 HIGH N/A
BEA Systems WebLogic Express and WebLogic Server 5.1 SP1-SP6 allows remote attackers to bypass access controls for restricted JSP or servlet pages via a URL with multiple / (forward slash) characters before the restricted pages.
CVE-2000-1237 1 Floosietek 1 Ftgate 2026-06-16 5.0 MEDIUM N/A
The POP3 server in FTGate returns an -ERR code after receiving an invalid USER request, which makes it easier for remote attackers to determine valid usernames and conduct brute force password guessing.
CVE-2000-1236 1 Oracle 1 Application Server 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in mod_sql in Oracle Internet Application Server (IAS) 3.0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the query string of the URL.
CVE-2000-1235 1 Oracle 1 Application Server 2026-06-16 5.0 MEDIUM N/A
The default configurations of (1) the port listener and (2) modplsql in Oracle Internet Application Server (IAS) 3.0.7 and earlier allow remote attackers to view privileged database information via HTTP requests for Database Access Descriptor (DAD) files.
CVE-2000-1234 1 Phorum 1 Phorum 2026-06-16 5.0 MEDIUM N/A
violation.php3 in Phorum 3.0.7 allows remote attackers to send e-mails to arbitrary addresses and possibly use Phorum as a "spam proxy" by setting the Mod and ForumName parameters.