2000 CVE Vulnerabilities
1,241 CVEs published in 2000.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2000-0435 | — | — | 1.6% | May 13, 2000 | The allmanageup.pl file upload CGI script in the Allmanage Website administration software 2.6 can be called directly by... |
| CVE-2000-0415 | — | — | 6.1% | May 12, 2000 | Buffer overflow in Outlook Express 4.x allows attackers to cause a denial of service via a mail or news message that has... |
| CVE-2000-0407 | — | — | 1.1% | May 12, 2000 | Buffer overflow in Solaris netpr program allows local users to execute arbitrary commands via a long -p option. |
| CVE-2000-0419 | — | — | 21.0% | May 11, 2000 | The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers to conduct unauthori... |
| CVE-2000-0416 | — | — | 6.3% | May 11, 2000 | NTMail 5.x allows network users to bypass the NTMail proxy restrictions by redirecting their requests to NTMail's web co... |
| CVE-2000-0408 | — | — | 58.0% | May 11, 2000 | IIS 4.05 and 5.0 allow remote attackers to cause a denial of service via a long, complex URL that appears to contain a l... |
| CVE-2000-0439 | — | — | 6.3% | May 11, 2000 | Internet Explorer 4.0 and 5.0 allows a malicious web site to obtain client cookies from another domain by including that... |
| CVE-2000-0457 | — | — | 52.8% | May 11, 2000 | ISM.DLL in IIS 4.0 and 5.0 allows remote attackers to read file contents by requesting the file and appending a large nu... |
| CVE-2000-0421 | — | — | 1.7% | May 11, 2000 | The process_bug.cgi script in Bugzilla allows remote attackers to execute arbitrary commands via shell metacharacters. |
| CVE-2000-0420 | — | — | 1.5% | May 11, 2000 | The default configuration of SYSKEY in Windows 2000 stores the startup key in the registry, which could allow an attacke... |
| CVE-2000-0406 | — | — | 1.0% | May 10, 2000 | Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows rem... |
| CVE-2000-0304 | — | — | 29.3% | May 10, 2000 | Microsoft IIS 4.0 and 5.0 with the IISADMPWD virtual directory installed allows a remote attacker to cause a denial of s... |
| CVE-2000-0411 | — | — | 7.4% | May 10, 2000 | Matt Wright's FormMail CGI script allows remote attackers to obtain environmental variables via the env_report parameter... |
| CVE-2000-0410 | — | — | 1.4% | May 10, 2000 | ColdFusion Server 4.5.1 allows remote attackers to cause a denial of service by making repeated requests to a CFCACHE ta... |
| CVE-2000-0409 | — | — | 0.3% | May 10, 2000 | Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite file... |
| CVE-2000-0387 | — | — | 0.3% | May 9, 2000 | The makelev program in the golddig game from the FreeBSD ports collection allows local users to overwrite arbitrary file... |
| CVE-2000-0383 | — | — | 1.0% | May 8, 2000 | The file transfer component of AOL Instant Messenger (AIM) reveals the physical path of the transferred file to the remo... |
| CVE-2000-0382 | — | — | 0.9% | May 8, 2000 | ColdFusion ClusterCATS appends stale query string arguments to a URL during HTML redirection, which may provide sensitiv... |
| CVE-2000-0384 | — | — | 5.9% | May 8, 2000 | NetStructure 7110 and 7180 have undocumented accounts (servnow, root, and wizard) whose passwords are easily guessable f... |
| CVE-2000-0413 | — | — | 43.9% | May 6, 2000 | The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote attackers to determine the ph... |
| CVE-2000-0381 | — | — | 2.6% | May 5, 2000 | The Gossamer Threads DBMan db.cgi CGI script allows remote attackers to view environmental variables and setup informati... |
| CVE-2000-0426 | — | — | 2.5% | May 5, 2000 | UltraBoard 1.6 and other versions allow remote attackers to cause a denial of service by referencing UltraBoard in the S... |
| CVE-2000-0423 | — | — | 7.8% | May 5, 2000 | Buffer overflow in Netwin DNEWSWEB CGI program allows remote attackers to execute arbitrary commands via long parameters... |
| CVE-2000-0427 | — | — | 0.8% | May 4, 2000 | The Aladdin Knowledge Systems eToken device allows attackers with physical access to the device to obtain sensitive info... |
| CVE-2000-0422 | — | — | 2.0% | May 4, 2000 | Buffer overflow in Netwin DMailWeb CGI program allows remote attackers to execute arbitrary commands via a long utoken p... |
Check if your code is affected by 2000 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now