Vulnerabilities

With the aim of informing, warning and helping professionals with the latest security vulnerabilities in technology systems, we have made a database available for users interested in this information, which is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 registers, is based on the information from the NVD (National Vulnerability Database) – by virtue of a partnership agreement – through which INCIBE translates the included information into Spanish.

On occasions this list will show vulnerabilities that have still not been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE  (Common Vulnerabilities and Exposures) Standard for Information Security Vulnerability Names is used with the aim to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as available patches or solutions provided by manufacturers and developers. It is possible to carry out advanced searches, as there is the option to select different criteria to narrow down the results, some examples being vulnerability types, manufacturers and impact levels, among others.

Through RSS feeds or Newsletters we can be informed daily about the latest vulnerabilities added to the repository. Below there is a list, updated daily, where you can discover the latest vulnerabilities.

CVE-2000-0061

Publication date:
07/01/2000
Internet Explorer 5 does not modify the security zone for a document that is being loaded into a window until after the document has been loaded, which could allow remote attackers to execute Javascript in a different security context while the document is loading.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2000-0044

Publication date:
06/01/2000
Macros in War FTP 1.70 and 1.67b2 allow local or remote attackers to read arbitrary files or execute commands.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2000-0055

Publication date:
06/01/2000
Buffer overflow in Solaris chkperm command allows local users to gain root access via a long -n option.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2000-0084

Publication date:
06/01/2000
CuteFTP uses weak encryption to store password information in its tree.dat file.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2000-0056

Publication date:
05/01/2000
IMail IMONITOR status.cgi CGI script allows remote attackers to cause a denial of service with many calls to status.cgi.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2000-0058

Publication date:
05/01/2000
Network HotSync program in Handspring Visor does not have authentication, which allows remote attackers to retrieve email and files.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-1999-0744

Publication date:
04/01/2000
Buffer overflow in Netscape Enterprise Server and FastTrask Server allows remote attackers to gain privileges via a long HTTP GET request.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-1999-0735

Publication date:
04/01/2000
KDE K-Mail allows local users to gain privileges via a symlink attack in temporary user directories.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2000-0049

Publication date:
04/01/2000
Buffer overflow in Winamp client allows remote attackers to execute commands via a long entry in a .pls file.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2000-0050

Publication date:
04/01/2000
The Allaire Spectra Webtop allows authenticated users to access other Webtop sections by specifying explicit URLs.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2000-0051

Publication date:
04/01/2000
The Allaire Spectra Configuration Wizard allows remote attackers to cause a denial of service by repeatedly resubmitting data collections for indexing via a URL.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2000-0052

Publication date:
04/01/2000
Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025