2000 CVE Vulnerabilities

1,241 CVEs published in 2000.

CRITICAL2

0.2%

0.4%

0.4%

0.0%

99.0%

CVE ID	Severity	CVSS	EPSS	Published	Description
CVE-2000-0029	—	—	0.3%	Dec 27, 1999	UnixWare pis and mkpis commands allow local users to gain privileges via a symlink attack.
CVE-2000-0027	—	—	0.6%	Dec 27, 1999	IBM Network Station Manager NetStation allows local users to gain privileges via a symlink attack.
CVE-2000-0010	—	—	11.1%	Dec 26, 1999	WebWho+ whois.cgi program allows remote attackers to execute commands via shell metacharacters in the TLD parameter.
CVE-2000-0008	—	—	0.4%	Dec 26, 1999	FTPPro allows local users to read sensitive information, which is stored in plain text.
CVE-2000-0006	—	—	0.3%	Dec 25, 1999	strace allows local users to read arbitrary files via memory mapped file names.
CVE-2000-0040	—	—	1.9%	Dec 23, 1999	glFtpD allows local users to gain privileges via metacharacters in the SITE ZIPCHK command.
CVE-2000-0028	—	—	23.1%	Dec 23, 1999	Internet Explorer 5.0 and 5.01 allows remote attackers to bypass the cross frame security policy and read files via the ...
CVE-2000-0038	—	—	6.6%	Dec 23, 1999	glFtpD includes a default glftpd user account with a default password and a UID of 0.
CVE-2000-0001	—	—	6.2%	Dec 23, 1999	RealMedia server allows remote attackers to cause a denial of service via a long ramgen request.
CVE-2000-0018	—	—	0.7%	Dec 22, 1999	wmmon in FreeBSD allows local users to gain privileges via the .wmmonrc configuration file.
CVE-2000-0036	—	—	3.9%	Dec 22, 1999	Outlook Express 5 for Macintosh downloads attachments to HTML mail without prompting the user, aka the "HTML Mail Attach...
CVE-2000-0002	—	—	13.9%	Dec 22, 1999	Buffer overflow in ZBServer Pro 1.50 allows remote attackers to execute commands via a long GET request.
CVE-2000-0034	—	—	1.4%	Dec 22, 1999	Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even if the user has not e...
CVE-2000-0030	—	—	1.0%	Dec 22, 1999	Solaris dmispd dmi_cmd allows local users to fill up restricted disk space by adding files to the /var/dmi/db database.
CVE-2000-0032	—	—	2.7%	Dec 22, 1999	Solaris dmi_cmd allows local users to crash the dmispd daemon by adding a malformed file to the /var/dmi/db database.
CVE-2000-0119	—	—	1.2%	Dec 22, 1999	The default configurations for McAfee Virus Scan and Norton Anti-Virus virus checkers do not check files in the RECYCLED...
CVE-2000-0025	—	—	34.9%	Dec 21, 1999	IIS 4.0 and Site Server 3.0 allow remote attackers to read source code for ASP files if the file is in a virtual directo...
CVE-2000-0026	—	—	4.6%	Dec 21, 1999	Buffer overflow in UnixWare i2odialogd daemon allows remote attackers to gain root access via a long username/password a...
CVE-2000-0024	—	—	12.2%	Dec 21, 1999	IIS does not properly canonicalize URLs, potentially allowing remote attackers to bypass access restrictions in third-pa...
CVE-2000-0023	—	—	1.4%	Dec 21, 1999	Buffer overflow in Lotus Domino HTTP server allows remote attackers to cause a denial of service via a long URL.
CVE-2000-0022	—	—	1.1%	Dec 21, 1999	Lotus Domino HTTP server does not properly disable anonymous access for the cgi-bin directory.
CVE-2000-0017	—	—	8.9%	Dec 21, 1999	Buffer overflow in Linux linuxconf package allows remote attackers to gain root privileges via a long parameter.
CVE-2000-0020	—	—	1.9%	Dec 20, 1999	DNS PRO allows remote attackers to conduct a denial of service via a large number of connections.
CVE-2000-0361	—	—	0.3%	Dec 14, 1999	The PPP wvdial.lxdialog script in wvdial 1.4 and earlier creates a .config file with world readable permissions, which a...
CVE-2000-0068	—	—	1.5%	Dec 14, 1999	daynad program in Intel InBusiness E-mail Station does not require authentication, which allows remote attackers to modi...

Check if your code is affected by 2000 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now