Export limit exceeded: 344952 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344952 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-0833 | 1 Webfs | 1 Webfs | 2026-04-16 | N/A |
| Stack-based buffer overflow in webfs before 1.20 allows attackers to execute arbitrary code by creating directories that result in a long pathname. | ||||
| CVE-2004-0031 | 1 Phpgedview | 1 Phpgedview | 2026-04-16 | N/A |
| PHPGEDVIEW 2.61 allows remote attackers to reinstall the software and change the administrator password via a direct HTTP request to editconfig.php. | ||||
| CVE-2003-0834 | 1 Sco | 2 Open Unix, Unixware | 2026-04-16 | N/A |
| Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via (1) a modified DTHELPUSERSEARCHPATH environment variable and the Help feature, (2) DTSEARCHPATH, or (3) LOGNAME. | ||||
| CVE-2003-0835 | 1 Mplayer | 1 Mplayer | 2026-04-16 | N/A |
| Multiple buffer overflows in asf_http_request of MPlayer before 0.92 allows remote attackers to execute arbitrary code via an ASX header with a long hostname. | ||||
| CVE-2003-0838 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer allows remote attackers to bypass zone restrictions to inject and execute arbitrary programs by creating a popup window and inserting ActiveX object code with a "data" tag pointing to the malicious code, which Internet Explorer treats as HTML or Javascript, but later executes as an HTA application, a different vulnerability than CVE-2003-0532, and as exploited using the QHosts Trojan horse (aka Trojan.Qhosts, QHosts-1, VBS.QHOSTS, or aolfix.exe). | ||||
| CVE-2004-0032 | 1 Phpgedview | 1 Phpgedview | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in PHPGEDVIEW 2.61 allows remote attackers to inject arbitrary HTML and web script via the firstname parameter. | ||||
| CVE-2004-0348 | 1 Spidersales | 1 Spidersales | 2026-04-16 | N/A |
| SQL injection vulnerability in viewCart.asp in SpiderSales shopping cart software allows remote attackers to execute arbitrary SQL via the userId parameter. | ||||
| CVE-2006-1654 | 1 Hp | 9 Color Laserjet, Color Laserjet 2500, Color Laserjet 2500 Toolbox and 6 more | 2026-04-16 | N/A |
| Directory traversal vulnerability in the HP Color LaserJet 2500 Toolbox and Color LaserJet 4600 Toolbox on Microsoft Windows before 20060402 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP GET request to TCP port 5225. | ||||
| CVE-2003-0839 | 1 Microsoft | 1 Windows 2003 Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in the "Shell Folders" capability in Microsoft Windows Server 2003 allows remote attackers to read arbitrary files via .. (dot dot) sequences in a "shell:" link. | ||||
| CVE-2003-0844 | 1 Schroepl | 1 Mod Gzip | 2026-04-16 | 7.1 High |
| mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode without the Apache log, allows local users to overwrite arbitrary files via (1) a symlink attack on predictable temporary filenames on Unix systems, or (2) an NTFS hard link on Windows systems when the "Strengthen default permissions of internal system objects" policy is not enabled. | ||||
| CVE-2004-0033 | 1 Phpgedview | 1 Phpgedview | 2026-04-16 | N/A |
| admin.php in PHPGEDVIEW 2.61 allows remote attackers to obtain sensitive information via an action parameter with a phpinfo command. | ||||
| CVE-2004-0349 | 1 Gweb | 1 Gweb Http Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in GWeb HTTP Server 0.6 allows remote attackers to view arbitrary files via a .. (dot dot) in the URL. | ||||
| CVE-2003-0845 | 2 Jboss, Redhat | 2 Jboss, Enterprise Linux | 2026-04-16 | N/A |
| Unknown vulnerability in the HSQLDB component in JBoss 3.2.1 and 3.0.8 on Java 1.4.x platforms, when running in the default configuration, allows remote attackers to conduct unauthorized activities and possibly execute arbitrary code via certain SQL statements to (1) TCP port 1701 in JBoss 3.2.1, and (2) port 1476 in JBoss 3.0.8. | ||||
| CVE-2003-0847 | 1 Suse | 1 Suse Linux | 2026-04-16 | N/A |
| SuSEconfig.susewm in the susewm package on SuSE Linux 8.2Pro allows local users to overwrite arbitrary files via a symlink attack on the susewm.$$ temporary file. | ||||
| CVE-2003-0849 | 1 Gnu | 1 Cfengine | 2026-04-16 | N/A |
| Buffer overflow in net.c for cfengine 2.x before 2.0.8 allows remote attackers to execute arbitrary code via certain packets with modified length values, which is trusted by the ReceiveTransaction function when using a buffer provided by the BusyWithConnection function. | ||||
| CVE-2003-0850 | 2 Dug Song, Rafal Wojtczuk | 2 Dsniff, Libnids | 2026-04-16 | N/A |
| The TCP reassembly functionality in libnids before 1.18 allows remote attackers to cause "memory corruption" and possibly execute arbitrary code via "overlarge TCP packets." | ||||
| CVE-2003-0852 | 2 Sylpheed, Sylpheed-claws | 2 Sylpheed, Sylpheed-claws | 2026-04-16 | N/A |
| Format string vulnerability in send_message.c for Sylpheed-claws 0.9.4 through 0.9.6 allows remote SMTP servers to cause a denial of service (crash) in sylpheed via format strings in an error message. | ||||
| CVE-2004-0034 | 1 Phorum | 1 Phorum | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Phorum 3.4.5 and earlier allow remote attackers to inject arbitrary HTML or web script via (1) the phorum_check_xss function in common.php, (2) the EditError variable in profile.php, and (3) the Error variable in login.php. | ||||
| CVE-2003-0854 | 3 Gnu, Redhat, Washington University | 4 Fileutils, Enterprise Linux, Linux and 1 more | 2026-04-16 | N/A |
| ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd. | ||||
| CVE-2003-0855 | 2 Charles Kerr, Redhat | 3 Pan, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Pan 0.13.3 and earlier allows remote attackers to cause a denial of service (crash) via a news post with a long author email address. | ||||