Vulnerabilities

With the aim of informing, warning and helping professionals with the latest security vulnerabilities in technology systems, we have made a database available for users interested in this information, which is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 registers, is based on the information from the NVD (National Vulnerability Database) – by virtue of a partnership agreement – through which INCIBE translates the included information into Spanish.

On occasions this list will show vulnerabilities that have still not been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE  (Common Vulnerabilities and Exposures) Standard for Information Security Vulnerability Names is used with the aim to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as available patches or solutions provided by manufacturers and developers. It is possible to carry out advanced searches, as there is the option to select different criteria to narrow down the results, some examples being vulnerability types, manufacturers and impact levels, among others.

Through RSS feeds or Newsletters we can be informed daily about the latest vulnerabilities added to the repository. Below there is a list, updated daily, where you can discover the latest vulnerabilities.

CVE-2000-1219

Publication date:
01/11/2000
The -ftrapv compiler option in gcc and g++ 3.3.3 and earlier does not handle all types of integer overflows, which may leave applications vulnerable to vulnerabilities related to overflows.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2000-0744

Publication date:
20/10/2000
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2000-0743. Reason: This candidate is a duplicate of CVE-2000-0743. Notes: All CVE users should reference CVE-2000-0743 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
Severity CVSS v4.0: Pending analysis
Last modification:
07/11/2023

CVE-2000-0677

Publication date:
20/10/2000
Buffer overflow in IBM Net.Data db2www CGI program allows remote attackers to execute arbitrary commands via a long PATH_INFO environmental variable.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2000-0698

Publication date:
20/10/2000
Minicom 1.82.1 and earlier on some Linux systems allows local users to create arbitrary files owned by the uucp user via a symlink attack.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2000-0702

Publication date:
20/10/2000
The net.init rc script in HP-UX 11.00 (S008net.init) allows local users to overwrite arbitrary files via a symlink attack that points from /tmp/stcp.conf to the targeted file.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2000-0716

Publication date:
20/10/2000
WorldClient email client in MDaemon 2.8 includes the session ID in the referer field of an HTTP request when the user clicks on a URL, which allows the visited web site to hijack the session ID and read the user's email.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2000-0729

Publication date:
20/10/2000
FreeBSD 5.x, 4.x, and 3.x allows local users to cause a denial of service by executing a program with a malformed ELF image header.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2000-0731

Publication date:
20/10/2000
Directory traversal vulnerability in Worm HTTP server allows remote attackers to read arbitrary files via a .. (dot dot) attack.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2000-0732

Publication date:
20/10/2000
Worm HTTP server allows remote attackers to cause a denial of service via a long URL.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2000-0738

Publication date:
20/10/2000
WebShield SMTP 4.5 allows remote attackers to cause a denial of service by sending e-mail with a From: address that has a . (period) at the end, which causes WebShield to continuously send itself copies of the e-mail.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2000-0739

Publication date:
20/10/2000
Directory traversal vulnerability in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote attackers to read arbitrary files via a .. (dot dot) attack in an HTTPS request to the enrollment server.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025

CVE-2000-0740

Publication date:
20/10/2000
Buffer overflow in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote attackers to execute arbitrary commands via a long URL in the HTTPS port.
Severity CVSS v4.0: Pending analysis
Last modification:
03/04/2025