-
CVE-2000-0383
•
published on June 15, 2000
The file transfer component of AOL Instant Messenger (AIM) reveals the physical path of the transferred file to the remote recipient.
-
CVE-2000-0386
•
published on June 15, 2000
FileMaker Pro 5 Web Companion allows remote attackers to send anonymous or forged email.
-
CVE-2000-0401
•
published on June 15, 2000
Buffer overflows in redirect.exe and changepw.exe in PDGSoft shopping cart allow remote attackers to execute arbitrary commands via a long query string.
-
CVE-2000-0444
•
published on June 15, 2000
HP Web JetAdmin 6.0 allows remote attackers to cause a denial of service via a malformed URL to port 8000.
-
CVE-2000-0385
•
published on June 15, 2000
FileMaker Pro 5 Web Companion allows remote attackers to bypass Field-Level database security restrictions via the XML publishing or email capabilities.
-
CVE-2000-0413
•
published on June 15, 2000
The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote attackers to determine the physical path of HTML, HTM, ASP, and SHTML files by requesting a file that does not exist, which generates an error message that reveals the path.
-
CVE-2000-0420
•
published on June 15, 2000
The default configuration of SYSKEY in Windows 2000 stores the startup key in the registry, which could allow an attacker to recover it and use it to decrypt Encrypted File System (EFS) data.
-
CVE-2000-0422
•
published on June 15, 2000
Buffer overflow in Netwin DMailWeb CGI program allows remote attackers to execute arbitrary commands via a long utoken parameter.
-
CVE-2000-0429
•
published on June 15, 2000
A backdoor password in Cart32 3.0 and earlier allows remote attackers to execute arbitrary commands.
-
CVE-2000-0450
•
published on June 15, 2000
Vulnerability in bbd server in Big Brother System and Network Monitor allows an attacker to execute arbitrary commands.
-
CVE-2000-0400
•
published on June 15, 2000
The Microsoft Active Movie ActiveX Control in Internet Explorer 5 does not restrict which file types can be downloaded, which allows an attacker to download any type of file to a user's system by encoding it within an email message or news post.
-
CVE-2000-0412
•
published on June 15, 2000
The gnapster and knapster clients for Napster do not properly restrict access only to MP3 files, which allows remote attackers to read arbitrary files from the client by specifying the full pathname for the file.
-
CVE-2000-0423
•
published on June 15, 2000
Buffer overflow in Netwin DNEWSWEB CGI program allows remote attackers to execute arbitrary commands via long parameters such as group, cmd, and utag.
-
CVE-2000-0434
•
published on June 15, 2000
The administrative password for the Allmanage web site administration software is stored in plaintext in a file which could be accessed by remote attackers.
-
CVE-2000-0415
•
published on June 15, 2000
Buffer overflow in Outlook Express 4.x allows attackers to cause a denial of service via a mail or news message that has a .jpg or .bmp attachment with a long file name.
-
CVE-2000-0433
•
published on June 15, 2000
The SuSE aaa_base package installs some system accounts with home directories set to /tmp, which allows local users to gain privileges to those accounts by creating standard user startup scripts such as profiles.
-
CVE-2000-0449
•
published on June 15, 2000
Omnis Studio 2.4 uses weak encryption (trivial encoding) for encrypting database fields.
-
CVE-1999-0031
•
published on June 2, 2000
JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers to monitor a user's web activities, aka the Bell Labs vulnerability.
-
CVE-1999-0142
•
published on June 2, 2000
The Java Applet Security Manager implementation in Netscape Navigator 2.0 and Java Developer's Kit 1.0 allows an applet to connect to arbitrary hosts.
-
CVE-1999-0225
•
published on June 2, 2000
Windows NT 4.0 allows remote attackers to cause a denial of service via a malformed SMB logon request in which the actual data size does not match the specified size.