Total
35613 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1716 | 1 Microsoft | 1 Office | 2026-06-16 | 5.0 MEDIUM | N/A |
| The Host() function in the Microsoft spreadsheet component on Microsoft Office XP allows remote attackers to create arbitrary files using the SaveAs capability. | |||||
| CVE-2002-1637 | 1 Oracle | 1 Application Server | 2026-06-16 | 4.6 MEDIUM | N/A |
| Multiple components in Oracle 9i Application Server (9iAS) are installed with over 160 default usernames and passwords, including (1) SYS, (2) SYSTEM, (3) AQJAVA, (4) OWA, (5) IMAGEUSER, (6) USER1, (7) USER2, (8) PLSQL, (9) DEMO, (10) FINANCE, and many others, which allows attackers to gain privileges. | |||||
| CVE-2002-1275 | 1 Html2ps Project | 1 Html2ps | 2026-06-16 | 7.5 HIGH | N/A |
| Unknown vulnerability in html2ps HTML/PostScript converter 1.0, when used within LPRng, allows remote attackers to execute arbitrary code via "unsanitized input." | |||||
| CVE-2002-0839 | 2 Apache, Debian | 2 Http Server, Debian Linux | 2026-06-16 | 7.2 HIGH | N/A |
| The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that would not normally be allowed, by modifying the parent[].pid and parent[].last_rtime segments in the scoreboard. | |||||
| CVE-2002-0392 | 2 Apache, Debian | 2 Http Server, Debian Linux | 2026-06-16 | 7.5 HIGH | N/A |
| Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size. | |||||
| CVE-2001-1371 | 1 Oracle | 1 Application Server | 2026-06-16 | 7.5 HIGH | N/A |
| The default configuration of Oracle Application Server 9iAS 1.0.2.2 enables SOAP and allows anonymous users to deploy applications by default via urn:soap-service-manager and urn:soap-provider-manager. | |||||
| CVE-2001-1319 | 1 Microsoft | 1 Exchange Server | 2026-06-16 | 5.0 MEDIUM | N/A |
| Microsoft Exchange 5.5 2000 allows remote attackers to cause a denial of service (hang) via exceptional BER encodings for the LDAP filter type field, as demonstrated by the PROTOS LDAPv3 test suite. | |||||
| CVE-2001-0726 | 1 Microsoft | 1 Exchange Server | 2026-06-16 | 7.5 HIGH | N/A |
| Outlook Web Access (OWA) in Microsoft Exchange 5.5 Server, when used with Internet Explorer, does not properly detect certain inline script, which can allow remote attackers to perform arbitrary actions on a user's Exchange mailbox via an HTML e-mail message. | |||||
| CVE-2001-0146 | 1 Microsoft | 2 Exchange Server, Internet Information Services | 2026-06-16 | 5.0 MEDIUM | N/A |
| IIS 5.0 and Microsoft Exchange 2000 allow remote attackers to cause a denial of service (memory allocation error) by repeatedly sending a series of specially formatted URL's. | |||||
| CVE-2000-1245 | 1 Novell | 2 Netware, Netware Ftp Server | 2026-06-16 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allow remote attackers to bypass intended restrictions on anonymous access via unknown vectors. | |||||
| CVE-2000-1241 | 1 Sips | 1 Sips | 2026-06-16 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Haakon Nilsen simple, integrated publishing system (SIPS) before 0.2.4 has an unknown impact and attack vectors, related to a "grave security fault." | |||||
| CVE-2000-1006 | 1 Microsoft | 1 Exchange Server | 2026-06-16 | 5.0 MEDIUM | N/A |
| Microsoft Exchange Server 5.5 does not properly handle a MIME header with a blank charset specified, which allows remote attackers to cause a denial of service via a charset="" command, aka the "Malformed MIME Header" vulnerability. | |||||
| CVE-2000-0888 | 2 Debian, Isc | 2 Debian Linux, Bind | 2026-06-16 | 5.0 MEDIUM | N/A |
| named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by sending an SRV record to the server, aka the "srv bug." | |||||
| CVE-2000-0672 | 1 Apache | 1 Tomcat | 2026-06-16 | 5.0 MEDIUM | N/A |
| The default configuration of Jakarta Tomcat does not restrict access to the /admin context, which allows remote attackers to read arbitrary files by directly calling the administrative servlets to add a context for the root directory. | |||||
| CVE-2000-0524 | 1 Microsoft | 2 Exchange Server, Outlook | 2026-06-16 | 5.0 MEDIUM | N/A |
| Microsoft Outlook and Outlook Express allow remote attackers to cause a denial of service by sending email messages with blank fields such as BCC, Reply-To, Return-Path, or From. | |||||
| CVE-1999-1589 | 1 Ibm | 1 Aix | 2026-06-16 | 7.2 HIGH | N/A |
| Unspecified vulnerability in crontab in IBM AIX 3.2 allows local users to gain root privileges via unknown attack vectors. | |||||
| CVE-1999-1412 | 2 Apache, Apple | 2 Http Server, Macos | 2026-06-16 | 5.0 MEDIUM | N/A |
| A possible interaction between Apple MacOS X release 1.0 and Apache HTTP server allows remote attackers to cause a denial of service (crash) via a flood of HTTP GET requests to CGI programs, which generates a large number of processes. | |||||
| CVE-1999-1302 | 1 Sco | 5 Open Desktop, Open Desktop Lite, Openserver Enterprise System and 2 more | 2026-06-16 | 7.2 HIGH | N/A |
| Unspecified vulnerability in pt_chmod in SCO UNIX 4.2 and earlier allows local users to gain root access. | |||||
| CVE-1999-1043 | 1 Microsoft | 1 Exchange Server | 2026-06-16 | 5.0 MEDIUM | N/A |
| Microsoft Exchange Server 5.5 and 5.0 does not properly handle (1) malformed NNTP data, or (2) malformed SMTP data, which allows remote attackers to cause a denial of service (application error). | |||||
| CVE-1999-0682 | 1 Microsoft | 1 Exchange Server | 2026-06-16 | 5.0 MEDIUM | N/A |
| Microsoft Exchange 5.5 allows a remote attacker to relay email (i.e. spam) using encapsulated SMTP addresses, even if the anti-relaying features are enabled. | |||||