CVE-2000-0401

Buffer overflows in redirect.exe and changepw.exe in PDGSoft shopping cart allow remote attackers to execute arbitrary commands via a long query string.

Publication date: Mon, 01 May 2000 09:00:00 +0000

Cyber News related to CVE-2000-0401

CVE-2007-5763 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-0401. Reason: This candidate is a reservation duplicate of CVE-2008-0401. Notes: All CVE users should reference CVE-2008-0401 instead of this candidate. All references and ...
55 years ago Tenable.com

CVE-2000-0401 - Buffer overflows in redirect.exe and changepw.exe in PDGSoft shopping cart allow remote attackers to execute arbitrary commands via a long query string. ...
8 years ago

CVE-2000-0744 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2000-0743. Reason: This candidate is a duplicate of CVE-2000-0743. Notes: All CVE users should reference CVE-2000-0743 instead of this candidate. All references and descriptions in ...
55 years ago Tenable.com

CVE-2008-5416 - Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier; SQL Server 2000 Desktop Engine (MSDE 2000) SP4; SQL Server 2005 SP2 and 9.00.1399.06; SQL Server 2000 Desktop Engine (WMSDE) on Windows Server 2003 SP1 ...
6 years ago

CVE-2008-0086 - Buffer overflow in the convert function in Microsoft SQL Server 2000 SP4, 2000 Desktop Engine (MSDE 2000) SP4, and 2000 Desktop Engine (WMSDE) allows remote authenticated users to execute arbitrary code via a crafted SQL expression. ...
6 years ago

CVE-2008-0107 - Integer underflow in SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (MSDE 2000) SP4, 2005 Express Edition SP1 and SP2, and 2000 Desktop Engine (WMSDE); Microsoft Data Engine (MSDE) 1.0 SP4; and Internal Database (WYukon) SP2 ...
5 years ago

CVE-2008-0085 - SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (MSDE 2000) SP4, 2005 Express Edition SP1 and SP2, and 2000 Desktop Engine (WMSDE); Microsoft Data Engine (MSDE) 1.0 SP4; and Internal Database (WYukon) SP2 does not initialize ...
5 years ago

CVE-2021-47460 - In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption after conversion from inline format Commit 6dbf7bb55598 ("fs: Don't invalidate page buffers in block_write_full_page()") uncovered a latent bug in ocfs2 ...
8 months ago Tenable.com

CVE-2024-49883 - In the Linux kernel, the following vulnerability has been resolved: ext4: aovid use-after-free in ext4_ext_insert_extent() As Ojaswin mentioned in Link, in ext4_ext_insert_extent(), if the path is reallocated in ext4_ext_create_new_leaf(), we'll use ...
4 months ago Tenable.com

CVE-2010-1239 - Foxit Reader before 3.2.1.0401 allows remote attackers to (1) execute arbitrary local programs via a certain "/Type /Action /S /Launch" sequence, and (2) execute arbitrary programs embedded in a PDF document via an unspecified "/Launch ...
14 years ago

CVE-2016-0429 - Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote attackers to affect integrity via unknown vectors related to Scheduler, a different vulnerability than CVE-2016-0401. ...
7 years ago

CVE-2016-0401 - Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote attackers to affect integrity via unknown vectors related to Scheduler, a different vulnerability than CVE-2016-0429. ...
7 years ago

CVE-2005-0401 - FireFox 1.0.1 and Mozilla before 1.7.6 do not sufficiently address all attack vectors for loading chrome files and hijacking drag and drop events, which allows remote attackers to execute arbitrary XUL code by tricking a user into dragging a ...
6 years ago

CVE-2022-0401 - Path Traversal in NPM w-zip prior to 1.0.12. ...
3 years ago

CVE-2010-0401 - OpenTTD before 1.0.1 accepts a company password for authentication in response to a request for the server password, which allows remote authenticated users to bypass intended access restrictions or cause a denial of service (daemon crash) by sending ...
14 years ago

CVE-2002-0401 - SMB dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via malformed packets that cause Ethereal to dereference a NULL pointer. ...
1 year ago

CVE-2003-0401 - Vignette StoryServer and Vignette V/5 allows remote attackers to obtain sensitive information via a request for the /vgn/style template. ...
8 years ago

CVE-2015-0401 - Unspecified vulnerability in the Oracle Directory Server Enterprise Edition component in Oracle Fusion Middleware 7.0 and 11.1.1.7 allows remote authenticated users to affect integrity via unknown vectors related to Admin Console. ...
8 years ago

CVE-2004-0401 - Unknown vulnerability in libtasn1 0.1.x before 0.1.2, and 0.2.x before 0.2.7, related to the DER parsing functions. ...
7 years ago

CVE-2006-0401 - Unspecified vulnerability in Mac OS X before 10.4.6, when running on an Intel-based computer, allows attackers with physical access to bypass the firmware password and log on in Single User Mode via unspecified vectors. ...
7 years ago

CVE-2008-0401 - Buffer overflow in the logging functionality of the HTTP server in IBM Tivoli Provisioning Manager for OS Deployment (TPMfOSD) before 5.1.0.3 Interim Fix 3 allows remote attackers to cause a denial of service (daemon crash) or possibly execute ...
7 years ago

CVE-2009-0401 - SQL injection vulnerability in browsecats.php in E-Php CMS allows remote attackers to execute arbitrary SQL commands via the cid parameter. ...
7 years ago

CVE-2012-0401 - Multiple SQL injection vulnerabilities in EMC RSA enVision 4.x before 4.1 Patch 4 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors. ...
7 years ago

CVE-2007-0401 - SQL injection vulnerability in admin/memberlist.php in Easebay Resources Login Manager 3.0 allows remote attackers to execute arbitrary SQL commands via the init_row parameter. ...
6 years ago

CVE-2001-0401 - Buffer overflow in tip in Solaris 8 and earlier allows local users to execute arbitrary commands via a long HOME environmental variable. ...
6 years ago

Latest Cyber News

Salt Typhoon Hackers Exploit Cisco Vulnerability To Gain Access To U.S. Telecom Networks - 2 hours ago
Google Chrome disables uBlock Origin for some in Manifest v3 rollout - 9 hours ago
CVE-2025-25282 - 9 hours ago
CVE-2025-1555 - 9 hours ago
Hackers drained $1.4 billion of cryptocurrency from Bybit exchange, CEO confirms | The Record from Recorded Future News - 11 hours ago
Auto-Generated Password Vulnerability In Sitevision Leaks Signing Key - 11 hours ago
CVE-2025-25604 - 11 hours ago
CVE-2025-25605 - 11 hours ago
CVE-2025-25767 - 11 hours ago
CVE-2025-25768 - 11 hours ago
CVE-2025-25769 - 11 hours ago
CVE-2025-25770 - 11 hours ago
CVE-2025-25772 - 11 hours ago
CVE-2020-19248 - 11 hours ago
SpyLend Android malware downloaded 100,000 times from Google Play - 12 hours ago
CVE-2025-25876 - 12 hours ago
CVE-2025-25877 - 12 hours ago
CVE-2025-25878 - 12 hours ago
CVE-2025-25765 - 12 hours ago
CVE-2025-25766 - 12 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

Salt Typhoon Hackers Exploit Cisco Vulnerability To Gain Access To U.S. Telecom Networks - 2 hours ago
CVE-2025-25958 - 1 day ago
CVE-2025-25960 - 1 day ago
CVE-2024-54756 - 1 day ago
CVE-2024-7131 - 1 day ago
CVE-2025-22973 - 1 day ago
CVE-2025-25662 - 1 day ago
CVE-2025-25663 - 1 day ago
CVE-2025-25664 - 1 day ago
CVE-2025-25667 - 1 day ago
CVE-2025-25668 - 1 day ago
CVE-2025-25674 - 1 day ago
CVE-2025-25675 - 1 day ago
CVE-2025-25676 - 1 day ago
CVE-2025-25678 - 1 day ago
CVE-2025-25679 - 1 day ago
CVE-2025-25957 - 1 day ago
CVE-2025-27088 - 1 day ago
CVE-2025-27100 - 1 day ago
CVE-2025-1001 - 1 day ago