Export limit exceeded: 366888 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 366888 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (366888 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-1087 1 Microsoft 2 Data Engine, Sql Server 2026-04-16 N/A
The xp_proxiedmetadata function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability.
CVE-2000-1088 1 Microsoft 2 Data Engine, Sql Server 2026-04-16 N/A
The xp_SetSQLSecurity function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability.
CVE-2000-1089 1 Microsoft 2 Windows 2000, Windows Nt 2026-04-16 N/A
Buffer overflow in Microsoft Phone Book Service allows local users to execute arbitrary commands, aka the "Phone Book Service Buffer Overflow" vulnerability.
CVE-2000-1090 1 Microsoft 1 Internet Information Server 2026-04-16 N/A
Microsoft IIS for Far East editions 4.0 and 5.0 allows remote attackers to read source code for parsed pages via a malformed URL that uses the lead-byte of a double-byte character.
CVE-2000-1092 1 Alex Heiphetz Group 1 Ezshopper 2026-04-16 N/A
loadpage.cgi CGI program in EZshopper 3.0 and 2.0 allows remote attackers to list and read files in the EZshopper data directory by inserting a "/" in front of the target filename in the "file" parameter.
CVE-2000-1093 1 Aol 1 Instant Messenger 2026-04-16 N/A
Buffer overflow in AOL Instant Messenger before 4.3.2229 allows remote attackers to execute arbitrary commands via a long "goim" command.
CVE-2000-1094 1 Aol 1 Aim 2026-04-16 N/A
Buffer overflow in AOL Instant Messenger (AIM) before 4.3.2229 allows remote attackers to execute arbitrary commands via a "buddyicon" command with a long "src" argument.
CVE-2000-1095 5 Conectiva, Immunix, Mandrakesoft and 2 more 5 Linux, Immunix, Mandrake Linux and 2 more 2026-04-16 N/A
modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters.
CVE-2000-1096 1 Paul Vixie 1 Vixie Cron 2026-04-16 N/A
crontab by Paul Vixie uses predictable file names for a temporary file and does not properly ensure that the file is owned by the user executing the crontab -e command, which allows local users with write access to the crontab spool directory to execute arbitrary commands by creating world-writeable temporary files and modifying them while the victim is editing the file.
CVE-2000-1097 1 Sonicwall 1 Soho Firewall 2026-04-16 N/A
The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service via a long username in the authentication page.
CVE-2000-1098 1 Sonicwall 1 Soho Firewall 2026-04-16 N/A
The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service via an empty GET or POST request.
CVE-2000-1099 1 Sun 1 Jdk 2026-04-16 N/A
Java Runtime Environment in Java Development Kit (JDK) 1.2.2_05 and earlier can allow an untrusted Java class to call into a disallowed class, which could allow an attacker to escape the Java sandbox and conduct unauthorized activities.
CVE-2000-1100 1 Trlinux 1 Postaci Webmail 2026-04-16 N/A
The default configuration for PostACI webmail system installs the /includes/global.inc configuration file within the web root, which allows remote attackers to read sensitive information such as database usernames and passwords via a direct HTTP GET request.
CVE-2000-1101 1 Texas Imperial Software 1 Wftpd 2026-04-16 N/A
Directory traversal vulnerability in Winsock FTPd (WFTPD) 3.00 and 2.41 with the "Restrict to home directory" option enabled allows local users to escape the home directory via a "/../" string, a variation of the .. (dot dot) attack.
CVE-2000-1102 1 Ptlink 2 Ptlink Irc Services, Ptlink Ircd 2026-04-16 N/A
PTlink IRCD 3.5.3 and PTlink Services 1.8.1 allow remote attackers to cause a denial of service (server crash) via "mode +owgscfxeb" and "oper" commands.
CVE-2000-1103 1 Bsdi 1 Bsd Os 2026-04-16 N/A
rcvtty in BSD 3.0 and 4.0 does not properly drop privileges before executing a script, which allows local attackers to gain privileges by specifying an alternate Trojan horse script on the command line.
CVE-2000-1104 1 Microsoft 2 Internet Information Server, Internet Information Services 2026-04-16 N/A
Variant of the "IIS Cross-Site Scripting" vulnerability as originally discussed in MS:MS00-060 (CVE-2000-0746) allows a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. The client then executes those scripts in the same context as the trusted site.
CVE-2000-1113 1 Microsoft 1 Windows Media Player 2026-04-16 N/A
Buffer overflow in Microsoft Windows Media Player allows remote attackers to execute arbitrary commands via a malformed Active Stream Redirector (.ASX) file, aka the ".ASX Buffer Overrun" vulnerability.
CVE-2000-1105 1 Microsoft 1 Indexing Service 2026-04-16 N/A
The ixsso.query ActiveX Object is marked as safe for scripting, which allows malicious web site operators to embed a script that remotely determines the existence of files on visiting Windows 2000 systems that have Indexing Services enabled.
CVE-2000-1106 1 Trend Micro 1 Interscan Viruswall 2026-04-16 N/A
Trend Micro InterScan VirusWall creates an "Intscan" share to the "InterScan" directory with permissions that grant Full Control permissions to the Everyone group, which allows attackers to gain privileges by modifying the VirusWall programs.