Full List

Search

Recent Vulnerabilities

• CVE-2000-0228 • published on June 2, 2000 Microsoft Windows Media License Manager allows remote attackers to cause a denial of service by sending a malformed request that causes the manager to halt, aka the "Malformed Media License Request" Vulnerability.
• CVE-2000-0229 • published on June 2, 2000 gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root.
• CVE-2000-0235 • published on June 2, 2000 Buffer overflow in the huh program in the orville-write package allows local users to gain root privileges.
• CVE-2000-0258 • published on June 2, 2000 IIS 4.0 and 5.0 allows remote attackers to cause a denial of service by sending many URLs with a large number of escaped characters, aka the "Myriad Escaped Characters" Vulnerability.
• CVE-2000-0230 • published on June 2, 2000 Buffer overflow in imwheel allows local users to gain root privileges via the imwheel-solo script and a long HOME environmental variable.
• CVE-2000-0245 • published on June 2, 2000 Vulnerability in SGI IRIX objectserver daemon allows remote attackers to create user accounts.
• CVE-2000-0267 • published on June 2, 2000 Cisco Catalyst 5.4.x allows a user to gain access to the "enable" mode without a password.
• CVE-2000-0294 • published on June 2, 2000 Buffer overflow in healthd for FreeBSD allows local users to gain root privileges.
• CVE-2000-0329 • published on June 2, 2000 A Microsoft ActiveX control allows a remote attacker to execute a malicious cabinet file via an attachment and an embedded script in an HTML mail, aka the "Active Setup Control" vulnerability.
• CVE-2000-0330 • published on June 2, 2000 The networking software in Windows 95 and Windows 98 allows remote attackers to execute commands via a long file name string, aka the "File Access URL" vulnerability.
• CVE-2000-0327 • published on June 2, 2000 Microsoft Virtual Machine (VM) allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, aka the "Virtual Machine Verifier" vulnerability.
• CVE-2000-0328 • published on June 2, 2000 Windows NT 4.0 generates predictable random TCP initial sequence numbers (ISN), which allows remote attackers to perform spoofing and session hijacking.
• CVE-2000-0323 • published on June 2, 2000 The Microsoft Jet database engine allows an attacker to modify text files via a database query, aka the "Text I-ISAM" vulnerability.
• CVE-2000-0355 • published on May 24, 2000 pg and pb in SuSE pbpg 1.x package allows an attacker to read arbitrary files.
• CVE-2000-0357 • published on May 24, 2000 ORBit and esound in Red Hat Linux 6.1 do not use sufficiently random numbers, which allows local users to guess the authentication keys.
• CVE-2000-0364 • published on May 24, 2000 screen and rxvt in Red Hat Linux 6.0 do not properly set the modes of tty devices, which allows local users to write to other ttys.
• CVE-2000-0358 • published on May 24, 2000 ORBit and gnome-session in Red Hat Linux 6.1 allows remote attackers to crash a program.
• CVE-2000-0365 • published on May 24, 2000 Red Hat Linux 6.0 installs the /dev/pts file system with insecure modes, which allows local users to write to other tty devices.
• CVE-2000-0317 • published on May 18, 2000 Buffer overflow in Solaris 7 lpset allows local users to gain root privileges via a long -r option.
• CVE-2000-0325 • published on May 18, 2000 The Microsoft Jet database engine allows an attacker to execute commands via a database query, aka the "VBA Shell" vulnerability.