Full List

Search

Recent Vulnerabilities

• CVE-2000-0121 • published on March 22, 2000 The Recycle Bin utility in Windows NT and Windows 2000 allows local users to read or modify files by creating a subdirectory with the victim's SID in the recycler directory, aka the "Recycle Bin Creation" vulnerability.
• CVE-2000-0139 • published on March 22, 2000 Internet Anywhere POP3 Mail Server allows local users to cause a denial of service via a malformed RETR command.
• CVE-2000-0148 • published on March 22, 2000 MySQL 3.22 allows remote attackers to bypass password authentication and access a database via a short check string.
• CVE-2000-0149 • published on March 22, 2000 Zeus web server allows remote attackers to view the source code for CGI programs via a null character (%00) at the end of a URL.
• CVE-2000-0152 • published on March 22, 2000 Remote attackers can cause a denial of service in Novell BorderManager 3.5 by pressing the enter key in a telnet connection to port 2000.
• CVE-2000-0162 • published on March 22, 2000 The Microsoft virtual machine (VM) in Internet Explorer 4.x and 5.x allows a remote attacker to read files via a malicious Java applet that escapes the Java sandbox, aka the "VM File Reading" vulnerability.
• CVE-2000-0156 • published on March 22, 2000 Internet Explorer 4.x and 5.x allows remote web servers to access files on the client that are outside of its security domain, aka the "Image Source Redirect" vulnerability.
• CVE-2000-0161 • published on March 22, 2000 Sample web sites on Microsoft Site Server 3.0 Commerce Edition do not validate an identification number, which allows remote attackers to execute SQL commands.
• CVE-2000-0187 • published on March 22, 2000 EZShopper 3.0 loadpage.cgi CGI script allows remote attackers to read arbitrary files via a .. (dot dot) attack or execute commands via shell metacharacters.
• CVE-2000-0150 • published on March 22, 2000 Check Point Firewall-1 allows remote attackers to bypass port access restrictions on an FTP server by forcing it to send malicious packets that Firewall-1 misinterprets as a valid 227 response to a client's PASV attempt.
• CVE-2000-0173 • published on March 22, 2000 Vulnerability in the EELS system in SCO UnixWare 7.1.x allows remote attackers to cause a denial of service.
• CVE-2000-0176 • published on March 22, 2000 The default configuration of Serv-U 2.5d and earlier allows remote attackers to determine the real pathname of the server by requesting a URL for a directory or file that does not exist.
• CVE-2000-0188 • published on March 22, 2000 EZShopper 3.0 search.cgi CGI script allows remote attackers to read arbitrary files via a .. (dot dot) attack or execute commands via shell metacharacters.
• CVE-2000-0190 • published on March 22, 2000 AOL Instant Messenger (AIM) client allows remote attackers to cause a denial of service via a message with a malformed ASCII value.
• CVE-2000-0145 • published on March 22, 2000 The libguile.so library file used by gnucash in Debian GNU/Linux is installed with world-writable permissions.
• CVE-2000-0177 • published on March 22, 2000 DNSTools CGI applications allow remote attackers to execute arbitrary commands via shell metacharacters.
• CVE-2000-0204 • published on March 22, 2000 The Trend Micro OfficeScan client allows remote attackers to cause a denial of service by making 5 connections to port 12345, which raises CPU utilization to 100%.
• CVE-2000-0220 • published on March 22, 2000 ZoneAlarm sends sensitive system and network information in cleartext to the Zone Labs server if a user requests more information about an event.
• CVE-2000-0199 • published on March 22, 2000 When a new SQL Server is registered in Enterprise Manager for Microsoft SQL Server 7.0 and the "Always prompt for login name and password" option is not set, then the Enterprise Manager uses weak encryption to store the login ID and password.
• CVE-2000-0197 • published on March 22, 2000 The Windows NT scheduler uses the drive mapping of the interactive user who is currently logged onto the system, which allows the local user to gain privileges by providing a Trojan horse batch file in place of the original batch file.