Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0941 | 1 Kootenay Web Inc | 1 Kootenay Web Inc Whois | 2017-10-09 | 10.0 HIGH | N/A |
| Kootenay Web KW Whois 1.0 CGI program allows remote attackers to execute arbitrary commands via shell metacharacters in the "whois" parameter. | |||||
| CVE-2001-1059 | 1 Vmware | 1 Workstation | 2017-10-09 | 3.6 LOW | N/A |
| VMWare creates a temporary file vmware-log.USERNAME with insecure permissions, which allows local users to read or modify license information. | |||||
| CVE-2000-0944 | 1 Cgi Script Center | 1 News Update | 2017-10-09 | 7.5 HIGH | N/A |
| CGI Script Center News Update 1.1 does not properly validate the original news administration password during a password change operation, which allows remote attackers to modify the password without knowing the original password. | |||||
| CVE-2000-0943 | 1 Max-wilhelm Bruker | 1 Bftpd | 2017-10-09 | 7.5 HIGH | N/A |
| Buffer overflow in bftp daemon (bftpd) 1.0.11 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long USER command. | |||||
| CVE-2000-0945 | 1 Cisco | 1 Catalyst 3500 Xl | 2017-10-09 | 10.0 HIGH | N/A |
| The web configuration interface for Catalyst 3500 XL switches allows remote attackers to execute arbitrary commands without authentication when the enable password is not set, via a URL containing the /exec/ directory. | |||||
| CVE-2000-0946 | 1 Compaq | 1 Easy Access Keyboard Software | 2017-10-09 | 4.6 MEDIUM | N/A |
| Compaq Easy Access Keyboard software 1.3 does not properly disable access to custom buttons when the screen is locked, which could allow an attacker to gain privileges or execute programs without authorization. | |||||
| CVE-2000-0947 | 1 Gnu | 1 Cfengine | 2017-10-09 | 10.0 HIGH | N/A |
| Format string vulnerability in cfd daemon in GNU CFEngine before 1.6.0a11 allows attackers to execute arbitrary commands via format characters in the CAUTH command. | |||||
| CVE-2000-0948 | 1 Gnome | 1 Gnorpm | 2017-10-09 | 7.2 HIGH | N/A |
| GnoRPM before 0.95 allows local users to modify arbitrary files via a symlink attack. | |||||
| CVE-2001-1055 | 1 Microsoft | 2 Windows 98, Windows 98se | 2017-10-09 | 5.0 MEDIUM | N/A |
| The Microsoft Windows network stack allows remote attackers to cause a denial of service (CPU consumption) via a flood of malformed ARP request packets with random source IP and MAC addresses, as demonstrated by ARPNuke. | |||||
| CVE-2001-0375 | 1 Cisco | 2 Pix Firewall 515, Pix Firewall 520 | 2017-10-09 | 5.0 MEDIUM | N/A |
| Cisco PIX Firewall 515 and 520 with 5.1.4 OS running aaa authentication to a TACACS+ server allows remote attackers to cause a denial of service via a large number of authentication requests. | |||||
| CVE-2001-0865 | 1 Cisco | 1 12000 Router | 2017-10-09 | 7.5 HIGH | N/A |
| Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not support the "fragment" keyword in an outgoing ACL, which could allow fragmented packets in violation of the intended access. | |||||
| CVE-2001-1053 | 1 Adcycle | 1 Adcycle | 2017-10-09 | 10.0 HIGH | N/A |
| AdLogin.pm in AdCycle 1.15 and earlier allows remote attackers to bypass authentication and gain privileges by injecting SQL code in the $password argument. | |||||
| CVE-2001-0373 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2017-10-09 | 2.1 LOW | N/A |
| The default configuration of the Dr. Watson program in Windows NT and Windows 2000 generates user.dmp crash dump files with world-readable permissions, which could allow a local user to gain access to sensitive information. | |||||
| CVE-2000-0953 | 1 Evolvable Corporation | 1 Shambala Server | 2017-10-09 | 5.0 MEDIUM | N/A |
| Shambala Server 4.5 allows remote attackers to cause a denial of service by opening then closing a connection. | |||||
| CVE-2001-1089 | 2 Alessandro Gardich, Joerg Wendland | 2 Nss Postgresql, Libnss-pgsql | 2017-10-09 | 7.5 HIGH | N/A |
| libnss-pgsql in nss-pgsql 0.9.0 and earlier allows remote attackers to execute arbitrary SQL queries by inserting SQL code into an HTTP request. | |||||
| CVE-2001-0801 | 1 Sgi | 1 Irix | 2017-10-09 | 7.2 HIGH | N/A |
| lpstat in IRIX 6.5.13f and earlier allows local users to gain root privileges by specifying a Trojan Horse nettype shared library. | |||||
| CVE-2000-0956 | 1 Carnegie Mellon University | 1 Cyrus-sasl | 2017-10-09 | 4.6 MEDIUM | N/A |
| cyrus-sasl before 1.5.24 in Red Hat Linux 7.0 does not properly verify the authorization for a local user, which could allow the users to bypass specified access restrictions. | |||||
| CVE-2000-0957 | 1 Pam Mysql | 1 Pam Mysql | 2017-10-09 | 7.5 HIGH | N/A |
| The pluggable authentication module for mysql (pam_mysql) before 0.4.7 does not properly cleanse user input when constructing SQL statements, which allows attackers to obtain plaintext passwords or hashes. | |||||
| CVE-2000-0958 | 1 Sun | 1 Hotjava Browser | 2017-10-09 | 5.0 MEDIUM | N/A |
| HotJava Browser 3.0 allows remote attackers to access the DOM of a web page by opening a javascript: URL in a named window. | |||||
| CVE-2000-0959 | 1 Gnu | 1 Glibc | 2017-10-09 | 1.2 LOW | N/A |
| glibc2 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG environmental variables when a program is spawned from a setuid program, which could allow local users to overwrite files via a symlink attack. | |||||