Export limit exceeded: 345077 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345077 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-0240 | 1 Axis | 9 2100 Network Camera, 2110 Network Camera, 2120 Network Camera and 6 more | 2026-04-16 | N/A |
| The web-based administration capability for various Axis Network Camera products allows remote attackers to bypass access restrictions and modify configuration via an HTTP request to the admin/admin.shtml containing a leading // (double slash). | ||||
| CVE-2003-0243 | 1 Happycgi | 1 Happymall | 2026-04-16 | N/A |
| Happycgi.com Happymall 4.3 and 4.4 allows remote attackers to execute arbitrary commands via shell metacharacters in the file parameter for the (1) normal_html.cgi or (2) member_html.cgi scripts. | ||||
| CVE-2003-0251 | 2 Nis, Redhat | 3 Ypserv Nis Server, Enterprise Linux, Linux | 2026-04-16 | N/A |
| ypserv NIS server before 2.7 allows remote attackers to cause a denial of service via a TCP client request that does not respond to the server, which causes ypserv to block. | ||||
| CVE-2003-0266 | 1 Bvrp Software | 1 Slwebmail | 2026-04-16 | N/A |
| Multiple buffer overflows in SLWebMail 3 on Windows systems allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long Language parameter to showlogin.dll, (2) a long CompanyID parameter to recman.dll, (3) a long CompanyID parameter to admin.dll, or (4) a long CompanyID parameter to globallogin.dll. | ||||
| CVE-2003-0275 | 1 Yabb | 1 Yabb | 2026-04-16 | N/A |
| SSI.php in YaBB SE 1.5.2 allows remote attackers to execute arbitrary PHP code by modifying the sourcedir parameter to reference a URL on a remote web server that contains the code. | ||||
| CVE-2003-0279 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in the Web_Links module for PHP-Nuke 5.x through 6.5 allows remote attackers to steal sensitive information via numeric fields, as demonstrated using (1) the viewlink function and cid parameter, or (2) index.php. | ||||
| CVE-2003-0281 | 1 Firebirdsql | 1 Firebird | 2026-04-16 | N/A |
| Buffer overflow in Firebird 1.0.2 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_inet_server, (2) gds_lock_mgr, or (3) gds_drop. | ||||
| CVE-2003-0284 | 1 Adobe | 1 Acrobat | 2026-04-16 | N/A |
| Adobe Acrobat 5 does not properly validate JavaScript in PDF files, which allows remote attackers to write arbitrary files into the Plug-ins folder that spread to other PDF documents, as demonstrated by the W32.Yourde virus. | ||||
| CVE-2003-0285 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| IBM AIX 5.2 and earlier distributes Sendmail with a configuration file (sendmail.cf) with the (1) promiscuous_relay, (2) accept_unresolvable_domains, and (3) accept_unqualified_senders features enabled, which allows Sendmail to be used as an open mail relay for sending spam e-mail. | ||||
| CVE-2003-0300 | 8 Microsoft, Mozilla, Mutt and 5 more | 8 Outlook Express, Mozilla, Mutt and 5 more | 2026-04-16 | N/A |
| The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors. | ||||
| CVE-2003-0301 | 1 Microsoft | 1 Outlook Express | 2026-04-16 | N/A |
| The IMAP Client for Outlook Express 6.00.2800.1106 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors. | ||||
| CVE-2003-0308 | 2 Debian, Sendmail | 2 Debian Linux, Sendmail | 2026-04-16 | N/A |
| The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which could allow local users to gain additional privileges via (1) expn, (2) checksendmail, or (3) doublebounce.pl. | ||||
| CVE-2003-0314 | 1 Snowblind.net | 1 Snowblind Web Server | 2026-04-16 | N/A |
| Snowblind Web Server 1.0 allows remote attackers to cause a denial of service (crash) via a URL that ends in a "</" sequence. | ||||
| CVE-2003-0320 | 1 Andy Prevost | 1 Ttcms | 2026-04-16 | N/A |
| header.php in ttCMS 2.3 and earlier allows remote attackers to inject arbitrary PHP code by setting the ttcms_user_admin parameter to "1" and modifying the admin_root parameter to point to a URL that contains a Trojan horse header.inc.php script. | ||||
| CVE-2003-0321 | 1 Colten Edwards | 1 Bitchx | 2026-04-16 | N/A |
| Multiple buffer overflows in BitchX IRC client 1.0-0c19 and earlier allow remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via long hostnames, nicknames, or channel names, which are not properly handled by the functions (1) send_ctcp, (2) cannot_join_channel, (3) cluster, (4) BX_compress_modes, (5) handle_oper_vision, and (6) ban_it. | ||||
| CVE-2003-0328 | 2 Epic, Redhat | 2 Epic4, Linux | 2026-04-16 | N/A |
| EPIC IRC Client (EPIC4) pre2.002, pre2.003, and possibly later versions, allows remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via a CTCP request from a large nickname, which causes an incorrect length calculation. | ||||
| CVE-2003-0337 | 1 Platform | 1 Lsadmin | 2026-04-16 | N/A |
| The ckconfig command in lsadmin for Load Sharing Facility (LSF) 5.1 allows local users to execute arbitrary programs by modifying the LSF_ENVDIR environment variable to reference an alternate lsf.conf file, then modifying LSF_SERVERDIR to point to a malicious lim program, which lsadmin then executes. | ||||
| CVE-2003-0354 | 1 Redhat | 2 Enterprise Linux, Linux | 2026-04-16 | N/A |
| Unknown vulnerability in GNU Ghostscript before 7.07 allows attackers to execute arbitrary commands, even when -dSAFER is enabled, via a PostScript file that causes the commands to be executed from a malicious print job. | ||||
| CVE-2003-0367 | 2 Debian, Gnu | 2 Debian Linux, Gzip | 2026-04-16 | 6.2 Medium |
| znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2003-0370 | 4 Apple, Kde, Redhat and 1 more | 7 Safari, Kde, Konqueror Embedded and 4 more | 2026-04-16 | N/A |
| Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack. | ||||