聚合 NVD、CVE 及多源情資,深度解析 RCE 等高危風險。系統整合 CVSS 與 EPSS 模型,動態追蹤 Exploit 資源與 PoC 公開狀態,研判可利用性。結合官方修補與修復方案,優化漏洞管理優先級,縮短回應週期,保障資產安全。
| CVE | 描述 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|
| CVE-2000-5001 | Rejected reason: This CVE has the been REJECTED and will not be published by the CNA. | 無 | 無 | 2026-04-22 | 2026-04-22 |
| CVE-2000-1252 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none | 無 | 0.24% | 2020-11-05 | 2023-11-07 |
| CVE-2000-1251 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none | 無 | 0.24% | 2020-11-05 | 2023-11-07 |
| CVE-2000-1250 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none | 無 | 0.24% | 2020-11-05 | 2023-11-07 |
| CVE-2000-1249 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none | 無 | 0.24% | 2020-11-05 | 2023-11-07 |
| CVE-2000-1248 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none | 無 | 0.24% | 2020-11-05 | 2023-11-07 |
| CVE-2000-1254 | crypto/rsa/rsa_gen.c in OpenSSL before 0.9.6 mishandles C bitwise-shift operations that exceed the size of an expression, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging improper RSA key generation on 64-bit HP-UX platforms. | 7.5 | 0.73% | 2016-05-05 | 2026-05-06 |
| CVE-2000-1247 | The default configuration of the jserv-status handler in jserv.conf in Apache JServ 1.1.2 includes an "allow from 127.0.0.1" line, which allows local users to discover JDBC passwords or other sensitive information via a direct request to the jserv/ URI. | 2.1 | 0.15% | 2011-10-05 | 2026-04-29 |
| CVE-2000-1246 | NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allows remote authenticated users to cause a denial of service (abend) by sending an RNTO command after a failed RNFR command. | 3.5 | 1.13% | 2010-04-05 | 2026-04-29 |
| CVE-2000-1245 | Multiple unspecified vulnerabilities in NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allow remote attackers to bypass intended restrictions on anonymous access via unknown vectors. | 7.5 | 0.13% | 2010-04-05 | 2026-04-29 |
| CVE-2000-1209 | The "sa" account is installed with a default null password on (1) Microsoft SQL Server 2000, (2) SQL Server 7.0, and (3) Data Engine (MSDE) 1.0, including third party packages that use these products such as (4) Tumbleweed Secure Mail (MMS) (5) Compaq Insight Manager, and (6) Visio 2000, which allows remote attackers to gain privileges, as exploited by worms such as Voyager Alpha Force and Spida. | 10.0 | 88.44% | 2002-08-12 | 2026-04-16 |
| CVE-2000-1208 | Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call. | 7.2 | 0.05% | 2002-08-12 | 2026-04-16 |
| CVE-2000-1210 | Directory traversal vulnerability in source.jsp of Apache Tomcat before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the argument to source.jsp. | 5.0 | 3.69% | 2002-03-22 | 2026-04-16 |
| CVE-2000-1215 | The default configuration of Lotus Domino server 5.0.8 includes system information (version, operating system, and build date) in the HTTP headers of replies, which allows remote attackers to obtain sensitive information. | 5.0 | 1.62% | 2001-09-19 | 2026-04-16 |
| CVE-2000-1202 | ikeyman in IBM IBMHSSSB 1.0 sets the CLASSPATH environmental variable to include the user's own CLASSPATH directories before the system's directories, which allows a malicious local user to execute arbitrary code as root via a Trojan horse Ikeyman class. | 7.2 | 0.05% | 2001-08-31 | 2026-04-16 |
| CVE-2000-1201 | Check Point FireWall-1 allows remote attackers to cause a denial of service (high CPU) via a flood of packets to port 264. | 5.0 | 0.66% | 2001-08-31 | 2026-04-16 |
| CVE-2000-1200 | Windows NT allows remote attackers to list all users in a domain by obtaining the domain SID with the LsaQueryInformationPolicy policy function via a null session and using the SID to list the users. | 5.0 | 19.02% | 2001-08-31 | 2026-04-16 |
| CVE-2000-1199 | PostgreSQL stores usernames and passwords in plaintext in (1) pg_shadow and (2) pg_pwd, which allows attackers with sufficient privileges to gain access to databases. | 4.6 | 1.13% | 2001-08-31 | 2026-04-16 |
| CVE-2000-1198 | qpopper POP server creates lock files with predictable names, which allows local users to cause a denial of service for other users (lack of mail access) by creating lock files for other mail boxes. | 5.5 | 0.31% | 2001-08-31 | 2026-04-16 |
| CVE-2000-1197 | POP2 or POP3 server (pop3d) in imap-uw IMAP package on FreeBSD and other operating systems creates lock files with predictable names, which allows local users to cause a denial of service (lack of mail access) for other users by creating lock files for other mail boxes. | 2.1 | 0.08% | 2001-08-31 | 2026-04-16 |