Export limit exceeded: 344927 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344927 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0320 | 1 Ncipher | 1 Nshield | 2026-04-16 | N/A |
| Unknown vulnerability in nCipher Hardware Security Modules (HSM) 1.67.x through 1.99.x allows local users to access secrets stored in the module's run-time memory via certain sequences of commands. | ||||
| CVE-2004-0321 | 1 Singularity Software | 1 Team Factor | 2026-04-16 | N/A |
| Team Factor 1.25 and earlier allows remote attackers to cause a denial of service (crash) via a packet that uses a negative number to specify the size of the data block that follows, which causes Team Factor to read unallocated memory. | ||||
| CVE-2004-0563 | 1 Freenet6 | 1 Freenet6 | 2026-04-16 | N/A |
| The tspc.conf configuration file in freenet6 before 0.9.6 and before 1.0 on Debian Linux has world readable permissions, which could allow local users to gain sensitive information, such as a username and password. | ||||
| CVE-2003-0249 | 1 Php | 1 Php | 2026-04-16 | N/A |
| PHP treats unknown methods such as "PoSt" as a GET request, which could allow attackers to intended access restrictions if PHP is running on a server that passes on all methods, such as Apache httpd 2.0, as demonstrated using a Limit directive. NOTE: this issue has been disputed by the Apache security team, saying "It is by design that PHP allows scripts to process any request method. A script which does not explicitly verify the request method will hence be processed as normal for arbitrary methods. It is therefore expected behaviour that one cannot implement per-method access control using the Apache configuration alone, which is the assumption made in this report. | ||||
| CVE-2003-0253 | 2 Apache, Redhat | 2 Http Server, Linux | 2026-04-16 | N/A |
| The prefork MPM in Apache 2 before 2.0.47 does not properly handle certain errors from accept, which could lead to a denial of service. | ||||
| CVE-2003-0254 | 2 Apache, Redhat | 2 Http Server, Linux | 2026-04-16 | N/A |
| Apache 2 before 2.0.47, when running on an IPv6 host, allows attackers to cause a denial of service (CPU consumption by infinite loop) when the FTP proxy server fails to create an IPv6 socket. | ||||
| CVE-2003-0327 | 1 Sybase | 1 Adaptive Server Enterprise | 2026-04-16 | N/A |
| Sybase Adaptive Server Enterprise (ASE) 12.5 allows remote attackers to cause a denial of service (hang) via a remote password array with an invalid length, which triggers a heap-based buffer overflow. | ||||
| CVE-2003-0345 | 1 Microsoft | 3 Windows 2000, Windows Nt, Windows Xp | 2026-04-16 | N/A |
| Buffer overflow in the SMB capability for Microsoft Windows XP, 2000, and NT allows remote attackers to cause a denial of service and possibly execute arbitrary code via an SMB packet that specifies a smaller buffer length than is required. | ||||
| CVE-2003-0346 | 1 Microsoft | 1 Directx | 2026-04-16 | N/A |
| Multiple integer overflows in a Microsoft Windows DirectX MIDI library (QUARTZ.DLL) allow remote attackers to execute arbitrary code via a MIDI (.mid) file with (1) large length for a Text or Copyright string, or (2) a large number of tracks, which leads to a heap-based buffer overflow. | ||||
| CVE-2003-0347 | 1 Microsoft | 4 Office, Project, Visio and 1 more | 2026-04-16 | N/A |
| Heap-based buffer overflow in VBE.DLL and VBE6.DLL of Microsoft Visual Basic for Applications (VBA) SDK 5.0 through 6.3 allows remote attackers to execute arbitrary code via a document with a long ID parameter. | ||||
| CVE-2003-0350 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | N/A |
| The control for listing accessibility options in the Accessibility Utility Manager on Windows 2000 (ListView) does not properly handle Windows messages, which allows local users to execute arbitrary code via a "Shatter" style message to the Utility Manager that references a user-controlled callback function. | ||||
| CVE-2003-0352 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2026-04-16 | N/A |
| Buffer overflow in a certain DCOM interface for RPC in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a malformed message, as exploited by the Blaster/MSblast/LovSAN and Nachi/Welchia worms. | ||||
| CVE-2003-0353 | 1 Microsoft | 1 Data Access Components | 2026-04-16 | N/A |
| Buffer overflow in a component of SQL-DMO for Microsoft Data Access Components (MDAC) 2.5 through 2.7 allows remote attackers to execute arbitrary code via a long response to a broadcast request to UDP port 1434. | ||||
| CVE-2003-0363 | 1 Licq | 1 Licq | 2026-04-16 | N/A |
| Format string vulnerability in LICQ 1.2.6, 1.0.3 and possibly other versions allows remote attackers to perform unknown actions via format string specifiers. | ||||
| CVE-2003-0421 | 1 Apple | 1 Darwin Streaming Server | 2026-04-16 | N/A |
| Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to cause a denial of service (crash) via an MS-DOS device name (e.g. AUX) in a request to HTTP port 1220, a different vulnerability than CVE-2003-0502. | ||||
| CVE-2003-0427 | 2 Miod Vallat, Redhat | 2 Mikmod, Enterprise Linux | 2026-04-16 | N/A |
| Buffer overflow in mikmod 3.1.6 and earlier allows remote attackers to execute arbitrary code via an archive file that contains a file with a long filename. | ||||
| CVE-2003-0428 | 2 Ethereal Group, Redhat | 3 Ethereal, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Unknown vulnerability in the DCERPC (DCE/RPC) dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service (memory consumption) via a certain NDR string. | ||||
| CVE-2003-0429 | 2 Ethereal Group, Redhat | 3 Ethereal, Enterprise Linux, Linux | 2026-04-16 | N/A |
| The OSI dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via invalid IPv4 or IPv6 prefix lengths, possibly triggering a buffer overflow. | ||||
| CVE-2003-0430 | 2 Ethereal Group, Redhat | 3 Ethereal, Enterprise Linux, Linux | 2026-04-16 | N/A |
| The SPNEGO dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service (crash) via an invalid ASN.1 value. | ||||
| CVE-2003-0431 | 2 Ethereal Group, Redhat | 3 Ethereal, Enterprise Linux, Linux | 2026-04-16 | N/A |
| The tvb_get_nstringz0 function in Ethereal 0.9.12 and earlier does not properly handle a zero-length buffer size, with unknown consequences. | ||||