CVE-2000-0169

by | Nov 3, 2025

Batch files in the Oracle web listener ows-bin directory allow remote attackers to execute commands via a malformed URL that includes ‘?&’.

CVE-2000-0199

by | Nov 3, 2025

When a new SQL Server is registered in Enterprise Manager for Microsoft SQL Server 7.0 and the “Always prompt for login name and password” option is not set, then the Enterprise Manager uses weak encryption to store the login ID and password.

CVE-2000-0180

by | Nov 3, 2025

Sojourn search engine allows remote attackers to read arbitrary files via a .. (dot dot) attack.

CVE-2000-0230

by | Nov 3, 2025

Buffer overflow in imwheel allows local users to gain root privileges via the imwheel-solo script and a long HOME environmental variable.

CVE-2000-0237

by | Nov 3, 2025

Netscape Enterprise Server with Web Publishing enabled allows remote attackers to list arbitrary directories via a GET request for the /publisher directory, which provides a Java applet that allows the attacker to browse the directories.