Vulnerabilidades CVE
Base de dados CVE enriquecida com CISA KEV e NVD
| CVE ID | CVSS | Severidade | KEV | Avistamentos |
|---|---|---|---|---|
| CVE-2000-0907 EServ 2.92 Build 2982 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via long HELO and MAIL FROM commands. | N/A | NONE | — | 0 |
| CVE-2000-0908 BrowseGate 2.80 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via long Authorization or Referer MIME headers in the HTTP request. | N/A | NONE | — | 0 |
| CVE-2000-0909 Buffer overflow in the automatic mail checking component of Pine 4.21 and earlier allows remote attackers to execute arbitrary commands via a long From: header. | N/A | NONE | — | 0 |
| CVE-2000-0910 Horde library 1.02 allows attackers to execute arbitrary commands via shell metacharacters in the "from" address. | N/A | NONE | — | 0 |
| CVE-2000-0911 IMP 2.2 and earlier allows attackers to read and delete arbitrary files by modifying the attachment_name hidden form variable, which causes IMP to send the file to the attacker as an attachment. | N/A | NONE | — | 0 |
| CVE-2000-0912 MultiHTML CGI script allows remote attackers to read arbitrary files and possibly execute arbitrary commands by specifying the file name to the "multi" parameter. | N/A | NONE | — | 0 |
| CVE-2000-0913 mod_rewrite in Apache 1.3.12 and earlier allows remote attackers to read arbitrary files if a RewriteRule directive is expanded to include a filename whose name contains a regular expression. | N/A | NONE | — | 0 |
| CVE-2000-0914 OpenBSD 2.6 and earlier allows remote attackers to cause a denial of service by flooding the server with ARP requests. | N/A | NONE | — | 0 |
| CVE-2000-0915 fingerd in FreeBSD 4.1.1 allows remote attackers to read arbitrary files by specifying the target file name instead of a regular user name. | N/A | NONE | — | 0 |
| CVE-2000-0916 FreeBSD 4.1.1 and earlier, and possibly other BSD-based OSes, uses an insufficient random number generator to generate initial TCP sequence numbers (ISN), which allows remote attackers to spoof TCP co... | N/A | NONE | — | 0 |
| CVE-2000-0917 Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands. | N/A | NONE | — | 0 |
| CVE-2000-0918 Format string vulnerability in kvt in KDE 1.1.2 may allow local users to execute arbitrary commands via a DISPLAY environmental variable that contains formatting characters. | N/A | NONE | — | 0 |
| CVE-2000-0919 Directory traversal vulnerability in PHPix Photo Album 1.0.2 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack. | N/A | NONE | — | 0 |
| CVE-2000-0920 Directory traversal vulnerability in BOA web server 0.94.8.2 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack in the GET HTTP request that uses a "%2E" in... | N/A | NONE | — | 0 |
| CVE-2000-0921 Directory traversal vulnerability in Hassan Consulting shop.cgi shopping cart program allows remote attackers to read arbitrary files via a .. (dot dot) attack on the page parameter. | N/A | NONE | — | 0 |
| CVE-2025-10229 A vulnerability has been found in Freshwork up to 1.2.3. This impacts an unknown function of the file /api/v2/logout. Such manipulation of the argument post_logout_redirect_uri leads to open redirect.... | 4.3 | MEDIUM | — | 0 |
| CVE-2000-0922 Directory traversal vulnerability in Bytes Interactive Web Shopper shopping cart program (shopper.cgi) 2.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack on the ... | N/A | NONE | — | 0 |
| CVE-2000-0923 authenticate.cgi CGI program in Aplio PRO allows remote attackers to execute arbitrary commands via shell metacharacters in the password parameter. | N/A | NONE | — | 0 |
| CVE-2000-0924 Directory traversal vulnerability in search.cgi CGI script in Armada Master Index allows remote attackers to read arbitrary files via a .. (dot dot) attack in the "catigory" parameter. | N/A | NONE | — | 0 |
| CVE-2000-0925 The default installation of SmartWin CyberOffice Shopping Cart 2 (aka CyberShop) installs the _private directory with world readable permissions, which allows remote attackers to obtain sensitive info... | N/A | NONE | — | 0 |
| CVE-2000-0926 SmartWin CyberOffice Shopping Cart 2 (aka CyberShop) allows remote attackers to modify price information by changing the "Price" hidden form variable. | N/A | NONE | — | 0 |
| CVE-2025-10232 A weakness has been identified in 299ko up to 2.0.0. Affected by this issue is the function getSentDir/delete of the file plugin/filemanager/controllers/FileManagerAPIController.php. Executing manipul... | 5.4 | MEDIUM | — | 0 |
| CVE-2000-0927 WQuinn QuotaAdvisor 4.1 does not properly record file sizes if they are stored in alternative data streams, which allows users to bypass quota restrictions. | N/A | NONE | — | 0 |
| CVE-2000-0928 WQuinn QuotaAdvisor 4.1 allows users to list directories and files by running a report on the targeted shares. | N/A | NONE | — | 0 |
| CVE-2000-0929 Microsoft Windows Media Player 7 allows attackers to cause a denial of service in RTF-enabled email clients via an embedded OCX control that is not closed properly, aka the "OCX Attachment" vulnerabil... | N/A | NONE | — | 0 |
| CVE-2000-0930 Pegasus Mail 3.12 allows remote attackers to read arbitrary files via an embedded URL that calls the mailto: protocol with a -F switch. | N/A | NONE | — | 0 |
| CVE-2000-0931 Buffer overflow in Pegasus Mail 3.11 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long email message containing binary data. | N/A | NONE | — | 0 |
| CVE-2000-0932 MAILsweeper for SMTP 3.x does not properly handle corrupt CDA documents in a ZIP file and hangs, which allows remote attackers to cause a denial of service. | N/A | NONE | — | 0 |
| CVE-2000-0933 The Input Method Editor (IME) in the Simplified Chinese version of Windows 2000 does not disable access to privileged functionality that should normally be restricted, which allows local users to gain... | N/A | NONE | — | 0 |
| CVE-2000-0934 Glint in Red Hat Linux 5.2 allows local users to overwrite arbitrary files and cause a denial of service via a symlink attack. | N/A | NONE | — | 0 |
| CVE-2000-0935 Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows local users to overwrite arbitrary files via a symlink attack on the cgi.log file. | N/A | NONE | — | 0 |
| CVE-2000-0936 Samba Web Administration Tool (SWAT) in Samba 2.0.7 installs the cgi.log logging file with world readable permissions, which allows local users to read sensitive information such as user names and pas... | N/A | NONE | — | 0 |
| CVE-2000-0937 Samba Web Administration Tool (SWAT) in Samba 2.0.7 does not log login attempts in which the username is correct but the password is wrong, which allows remote attackers to conduct brute force passwor... | N/A | NONE | — | 0 |
| CVE-2000-0938 Samba Web Administration Tool (SWAT) in Samba 2.0.7 supplies a different error message when a valid username is provided versus an invalid name, which allows remote attackers to identify valid users o... | N/A | NONE | — | 0 |
| CVE-2000-0939 Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows remote attackers to cause a denial of service by repeatedly submitting a nonstandard URL in the GET HTTP request and forcing it to restart. | N/A | NONE | — | 0 |
| CVE-2000-0940 Directory traversal vulnerability in Metertek pagelog.cgi allows remote attackers to read arbitrary files via a .. (dot dot) attack on the "name" or "display" parameter. | N/A | NONE | — | 0 |
| CVE-2000-0941 Kootenay Web KW Whois 1.0 CGI program allows remote attackers to execute arbitrary commands via shell metacharacters in the "whois" parameter. | N/A | NONE | — | 0 |
| CVE-2000-0942 The CiWebHitsFile component in Microsoft Indexing Services for Windows 2000 allows remote attackers to conduct a cross site scripting (CSS) attack via a CiRestriction parameter in a .htw request, aka ... | N/A | NONE | — | 0 |
| CVE-2000-0943 Buffer overflow in bftp daemon (bftpd) 1.0.11 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long USER command. | N/A | NONE | — | 0 |
| CVE-2000-0944 CGI Script Center News Update 1.1 does not properly validate the original news administration password during a password change operation, which allows remote attackers to modify the password without ... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-10233 A security vulnerability has been detected in kalcaddle kodbox 1.61. This affects the function fileGet/fileSave of the file app/controller/explorer/editor.class.php. The manipulation of the argument p... | 6.3 | MEDIUM | — | 0 |
| CVE-2000-0945 The web configuration interface for Catalyst 3500 XL switches allows remote attackers to execute arbitrary commands without authentication when the enable password is not set, via a URL containing the... | N/A | NONE | — | 0 |
| CVE-2000-0946 Compaq Easy Access Keyboard software 1.3 does not properly disable access to custom buttons when the screen is locked, which could allow an attacker to gain privileges or execute programs without auth... | N/A | NONE | — | 0 |
| CVE-2000-0947 Format string vulnerability in cfd daemon in GNU CFEngine before 1.6.0a11 allows attackers to execute arbitrary commands via format characters in the CAUTH command. | N/A | NONE | — | 0 |
| CVE-2000-0948 GnoRPM before 0.95 allows local users to modify arbitrary files via a symlink attack. | N/A | NONE | — | 0 |
| CVE-2000-0949 Heap overflow in savestr function in LBNL traceroute 1.4a5 and earlier allows a local user to execute arbitrary commands via the -g option. | N/A | NONE | — | 0 |
| CVE-2000-0950 Format string vulnerability in x-gw in TIS Firewall Toolkit (FWTK) allows local users to execute arbitrary commands via a malformed display name. | N/A | NONE | — | 0 |
| CVE-2000-0951 A misconfiguration in IIS 5.0 with Index Server enabled and the Index property set allows remote attackers to list directories in the web root via a Web Distributed Authoring and Versioning (WebDAV) s... | N/A | NONE | — | 0 |
| CVE-2000-0952 global.cgi CGI program in Global 3.55 and earlier on NetBSD allows remote attackers to execute arbitrary commands via shell metacharacters. | N/A | NONE | — | 0 |
| CVE-2000-0953 Shambala Server 4.5 allows remote attackers to cause a denial of service by opening then closing a connection. | N/A | NONE | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.