Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Go to Calendar     Go to Press Room     Go to Newsletters subscription

Search

Vulnerabilities

With the aim of informing, warning and helping professionals with the latest security vulnerabilities in technology systems, we have made a database available for users interested in this information, which is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 registers, is based on the information from the NVD (National Vulnerability Database) – by virtue of a partnership agreement – through which INCIBE translates the included information into Spanish.

On occasions this list will show vulnerabilities that have still not been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE  (Common Vulnerabilities and Exposures) Standard for Information Security Vulnerability Names is used with the aim to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as available patches or solutions provided by manufacturers and developers. It is possible to carry out advanced searches, as there is the option to select different criteria to narrow down the results, some examples being vulnerability types, manufacturers and impact levels, among others.

Through RSS feeds or Newsletters we can be informed daily about the latest vulnerabilities added to the repository. Below there is a list, updated daily, where you can discover the latest vulnerabilities.

CVE-2000-0622
Publication date:
19/07/2000
Buffer overflow in Webfind CGI program in O'Reilly WebSite Professional web server 2.x allows remote attackers to execute arbitrary commands via a URL containing a long "keywords" parameter.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2000-0636
Publication date:
19/07/2000
HP JetDirect printers versions G.08.20 and H.08.20 and earlier allow remote attackers to cause a denial of service via a malformed FTP quote command.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2000-0633
Publication date:
18/07/2000
Vulnerability in Mandrake Linux usermode package allows local users to to reboot or halt the system.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2000-0567
Publication date:
18/07/2000
Buffer overflow in Microsoft Outlook and Outlook Express allows remote attackers to execute arbitrary commands via a long Date field in an email header, aka the "Malformed E-mail Header" vulnerability.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2000-0625
Publication date:
18/07/2000
NetZero 3.0 and earlier uses weak encryption for storing a user's login information, which allows a local user to decrypt the password.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2000-0626
Publication date:
18/07/2000
Buffer overflow in Alibaba web server allows remote attackers to cause a denial of service via a long GET request.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2000-0627
Publication date:
18/07/2000
BlackBoard CourseInfo 4.0 does not properly authenticate users, which allows local users to modify CourseInfo database information and gain privileges by directly calling the supporting CGI programs such as user_update_passwd.pl and user_update_admin.pl.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2000-0632
Publication date:
17/07/2000
Buffer overflow in the web archive component of L-Soft Listserv 1.8d and earlier allows remote attackers to execute arbitrary commands via a long query string.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2000-0665
Publication date:
17/07/2000
GAMSoft TelSrv telnet server 1.5 and earlier allows remote attackers to cause a denial of service via a long username.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2000-0623
Publication date:
17/07/2000
Buffer overflow in O'Reilly WebSite Professional web server 2.4 and earlier allows remote attackers to execute arbitrary commands via a long GET request or Referrer header.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2000-0630
Publication date:
17/07/2000
IIS 4.0 and 5.0 allows remote attackers to obtain fragments of source code by appending a +.htr to the URL, a variant of the "File Fragment Reading via .HTR" vulnerability.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2000-0666
Publication date:
16/07/2000
rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025
Subscribe to Vulnerabilities