Export limit exceeded: 344930 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 344930 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344930 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-2342 | 1 Joe Depasquale | 1 Bannermatic | 2026-04-16 | N/A |
| Bannermatic 1, 2, and 3 stores the (1) ban.log, (2) ban.bak, (3) ban.dat and (4) banmat.pwd data files under the web document root with insufficient access control, which allows attackers to obtain sensitive information via a direct request for the files. | ||||
| CVE-2002-2398 | 1 App | 1 Apboard | 2026-04-16 | N/A |
| The new thread posting page in APBoard 2.02 and 2.03 allows remote attackers to post messages to protected forums by modifying the insertinto parameter. | ||||
| CVE-2002-2414 | 2 Opera Software, Squid | 2 Opera, Squid | 2026-04-16 | N/A |
| Opera 6.0.3, when using Squid 2.4 for HTTPS proxying, does not properly handle when accepting a non-global certificate authority (CA) certificate from a site and establishing a subsequent HTTPS connection, which allows remote attackers to cause a denial of service (crash). | ||||
| CVE-2002-2417 | 1 Acftp | 1 Acftp | 2026-04-16 | N/A |
| acFTP 1.4 does not properly handle when an invalid password is provided by the user during authentication, which allows remote attackers to hide or misrepresent certain activity from log files and possibly gain privileges. | ||||
| CVE-2002-2426 | 1 Citrix | 3 Access Essentials, Metaframe Presentation Server, Presentation Server | 2026-04-16 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Citrix Presentation Server 4.0 and 4.5, MetaFrame Presentation Server 3.0, and Access Essentials 1.0 through 2.0 allows remote attackers to execute arbitrary published applications, and possibly other programs, as authenticated users via the InitialProgram key in an ICA connection. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2000-0842 | 1 Sco | 1 Unixware | 2026-04-16 | N/A |
| The search97cgi/vtopic" in the UnixWare 7 scohelphttp webserver allows remote attackers to read arbitrary files via a .. (dot dot) attack. | ||||
| CVE-2003-0004 | 1 Microsoft | 1 Windows Xp | 2026-04-16 | N/A |
| Buffer overflow in the Windows Redirector function in Microsoft Windows XP allows local users to execute arbitrary code via a long parameter. | ||||
| CVE-2003-0011 | 1 Microsoft | 1 Isa Server | 2026-04-16 | N/A |
| Unknown vulnerability in the DNS intrusion detection application filter for Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service (blocked traffic to DNS servers) via a certain type of incoming DNS request that is not properly handled. | ||||
| CVE-2003-0015 | 3 Cvs, Freebsd, Redhat | 4 Cvs, Freebsd, Enterprise Linux and 1 more | 2026-04-16 | N/A |
| Double-free vulnerability in CVS 1.11.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed Directory request, as demonstrated by bypassing write checks to execute Update-prog and Checkin-prog commands. | ||||
| CVE-2003-0023 | 2 Redhat, Rxvt | 3 Enterprise Linux, Linux, Rxvt | 2026-04-16 | N/A |
| The menuBar feature in rxvt 2.7.8 allows attackers to modify menu options and execute arbitrary commands via a certain character escape sequence that inserts the commands into the menu. | ||||
| CVE-2003-0032 | 1 Mcrypt | 1 Libmcrypt | 2026-04-16 | N/A |
| Memory leak in libmcrypt before 2.5.5 allows attackers to cause a denial of service (memory exhaustion) via a large number of requests to the application, which causes libmcrypt to dynamically load algorithms via libtool. | ||||
| CVE-2003-0041 | 3 Mandrakesoft, Mit, Redhat | 5 Mandrake Linux, Mandrake Multi Network Firewall, Kerberos Ftp Client and 2 more | 2026-04-16 | N/A |
| Kerberos FTP client allows remote FTP sites to execute arbitrary code via a pipe (|) character in a filename that is retrieved by the client. | ||||
| CVE-2003-0049 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Apple File Protocol (AFP) in Mac OS X before 10.2.4 allows administrators to log in as other users by using the administrator password. | ||||
| CVE-2003-0051 | 1 Apple | 2 Darwin Streaming Server, Quicktime Streaming Server | 2026-04-16 | N/A |
| parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to obtain the physical path of the server's installation path via a NULL file parameter. | ||||
| CVE-2003-0053 | 1 Apple | 2 Darwin Streaming Server, Quicktime Streaming Server | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to insert arbitrary script via the filename parameter, which is inserted into an error message. | ||||
| CVE-2003-0057 | 1 Hypermail | 1 Hypermail | 2026-04-16 | N/A |
| Multiple buffer overflows in Hypermail 2 before 2.1.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code (1) via a long attachment filename that is not properly handled by the hypermail executable, or (2) by connecting to the mail CGI program from an IP address that reverse-resolves to a long hostname. | ||||
| CVE-2003-0058 | 3 Mit, Redhat, Sun | 6 Kerberos 5, Enterprise Linux, Linux and 3 more | 2026-04-16 | N/A |
| MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remote authenticated attackers to cause a denial of service (crash) on KDCs within the same realm via a certain protocol request that causes a null dereference. | ||||
| CVE-2003-0065 | 1 National University Of Singapore | 1 Uxterm | 2026-04-16 | N/A |
| The uxterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. | ||||
| CVE-2003-0070 | 3 Gnome, Nalin Dahyabhai, Redhat | 3 Gnome-terminal, Vte, Linux | 2026-04-16 | N/A |
| VTE, as used by default in gnome-terminal terminal emulator 2.2 and as an option in gnome-terminal 2.0, allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. | ||||
| CVE-2003-0072 | 2 Mit, Redhat | 4 Kerberos, Kerberos 5, Enterprise Linux and 1 more | 2026-04-16 | N/A |
| The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes an out-of-bounds read of an array (aka "array overrun"). | ||||