CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2001-0290
https://notcve.org/view.php?id=CVE-2001-0290
03 May 2001 — Vulnerability in Mailman 2.0.1 and earlier allows list administrators to obtain user passwords. • http://archives.neohapsis.com/archives/bugtraq/2001-03/0031.html •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2001-0071
https://notcve.org/view.php?id=CVE-2001-0071
12 Feb 2001 — gpg (aka GnuPG) 1.0.4 and other versions does not properly verify detached signatures, which allows attackers to modify the contents of a file without detection. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000368 •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2001-0072
https://notcve.org/view.php?id=CVE-2001-0072
12 Feb 2001 — gpg (aka GnuPG) 1.0.4 and other versions imports both public and private keys from public key servers without notifying the user about the private keys, which could allow an attacker to break the web of trust. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000368 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2000-1137
https://notcve.org/view.php?id=CVE-2000-1137
09 Jan 2001 — GNU ed before 0.2-18.1 allows local users to overwrite the files of other users via a symlink attack. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000359 •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2000-0947
https://notcve.org/view.php?id=CVE-2000-0947
19 Dec 2000 — Format string vulnerability in cfd daemon in GNU CFEngine before 1.6.0a11 allows attackers to execute arbitrary commands via format characters in the CAUTH command. • ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-013.txt.asc •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2000-0803
https://notcve.org/view.php?id=CVE-2000-0803
19 Dec 2000 — GNU Groff uses the current working directory to find a device description file, which allows a local user to gain additional privileges by including a malicious postpro directive in the description file, which is executed when another user runs groff. • https://exchange.xforce.ibmcloud.com/vulnerabilities/5280 •
CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 1CVE-2000-0974
https://notcve.org/view.php?id=CVE-2000-0974
19 Dec 2000 — GnuPG (gpg) 1.0.3 does not properly check all signatures of a file containing multiple documents, which allows an attacker to modify contents of all documents but the first without detection. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:67.gnupg.asc •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2000-0959
https://notcve.org/view.php?id=CVE-2000-0959
19 Dec 2000 — glibc2 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG environmental variables when a program is spawned from a setuid program, which could allow local users to overwrite files via a symlink attack. • http://www.securityfocus.com/archive/1/85028 •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 1CVE-2000-0963
https://notcve.org/view.php?id=CVE-2000-0963
29 Nov 2000 — Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or TERMINFO_DIRS. • http://www.calderasystems.com/support/security/advisories/CSSA-2000-036.0.txt •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2000-0824 – ProFTPd 1.2 pre6 - 'snprintf' Remote Root
https://notcve.org/view.php?id=CVE-2000-0824
14 Nov 2000 — The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as LD_PRELOAD or LD_LIBRARY_PATH. • https://www.exploit-db.com/exploits/19503 •