Export limit exceeded: 344908 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344908 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-1165 | 1 Brs | 1 Webweaver | 2026-04-16 | N/A |
| Buffer overflow in BRS WebWeaver 1.06 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP request with a long User-Agent header. | ||||
| CVE-2003-1166 | 1 Http Commander | 1 Http Commander | 2026-04-16 | N/A |
| Directory traversal vulnerability in (1) Openfile.aspx and (2) Html.aspx in HTTP Commander 4.0 allows remote attackers to view arbitrary files via a .. (dot dot) in the file parameter. | ||||
| CVE-2006-1010 | 1 Crossfire | 1 Crossfire | 2026-04-16 | N/A |
| Buffer overflow in socket/request.c in CrossFire before 1.9.0, when oldsocketmode is enabled, allows remote attackers to cause a denial of service (segmentation fault) and possibly execute code by sending the server a large request. | ||||
| CVE-2003-1167 | 1 Gernot Stocker | 1 Kpopup | 2026-04-16 | N/A |
| misc.cpp in KPopup 0.9.1 trusts the PATH variable when executing killall, which allows local users to elevate their privileges by modifying the PATH variable to reference a malicious killall program. | ||||
| CVE-2004-0243 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| AIX 4.3.3 through AIX 5.1, when direct remote login is disabled, displays a different message if the password is correct, which allows remote attackers to guess the password via brute force methods. | ||||
| CVE-2003-1168 | 1 Http Commander | 1 Http Commander | 2026-04-16 | N/A |
| HTTP Commander 4.0 allows remote attackers to obtain sensitive information via an HTTP request that contains a . (dot) in the file parameter, which reveals the installation path in an error message. | ||||
| CVE-2004-0244 | 1 Cisco | 1 Ios | 2026-04-16 | N/A |
| Cisco 6000, 6500, and 7600 series systems with Multilayer Switch Feature Card 2 (MSFC2) and a FlexWAN or OSM module allow local users to cause a denial of service (hang or reset) by sending a layer 2 frame packet that encapsulates a layer 3 packet, but has inconsistent length values with that packet. | ||||
| CVE-2004-0390 | 1 Sco | 1 Openserver | 2026-04-16 | N/A |
| SCO OpenServer 5.0.5 through 5.0.7 only supports Xauthority style access control when users log in using scologin, which allows remote attackers to gain unauthorized access to an X session via other X login methods. | ||||
| CVE-2004-0564 | 2 Debian, Roaring Penguin | 2 Debian Linux, Pppoe | 2026-04-16 | N/A |
| Roaring Penguin pppoe (rp-ppoe), if installed or configured to run setuid root contrary to its design, allows local users to overwrite arbitrary files. NOTE: the developer has publicly disputed the claim that this is a vulnerability because pppoe "is NOT designed to run setuid-root." Therefore this identifier applies *only* to those configurations and installations under which pppoe is run setuid root despite the developer's warnings. | ||||
| CVE-2003-1169 | 1 Datev | 1 Nutzungskontrolle | 2026-04-16 | N/A |
| DATEV Nutzungskontrolle 2.1 and 2.2 has insecure write permissions for critical registry keys, which allows local users to bypass access restrictions by importing NukoInfo values in certain DATEV keys, which disables Nutzungskontrolle. | ||||
| CVE-2003-1170 | 1 Gernot Stocker | 1 Kpopup | 2026-04-16 | N/A |
| Format string vulnerability in main.cpp in kpopup 0.9.1 and 0.9.5pre2 allows local users to cause a denial of service (segmentation fault) and possibly execute arbitrary code via format string specifiers in command line arguments. | ||||
| CVE-2003-1171 | 1 Mod Security | 1 Mod Security | 2026-04-16 | N/A |
| Heap-based buffer overflow in the sec_filter_out function in mod_security 1.7RC1 through 1.7.1 in Apache 2 allows remote attackers to execute arbitrary code via a server side script that sends a large amount of data. | ||||
| CVE-2003-1172 | 1 Apache | 1 Cocoon | 2026-04-16 | N/A |
| Directory traversal vulnerability in the view-source sample file in Apache Software Foundation Cocoon 2.1 and 2.2 allows remote attackers to access arbitrary files via a .. (dot dot) in the filename parameter. | ||||
| CVE-2004-0245 | 1 Web Crossing Inc | 1 Web Crossing | 2026-04-16 | N/A |
| Web Crossing 4.x and 5.x allows remote attackers to cause a denial of service (crash) by sending a HTTP POST request with a large or negative Content-Length, which causes an integer divide-by-zero. | ||||
| CVE-2003-1173 | 1 Centrinity | 1 Centrinity Firstclass | 2026-04-16 | N/A |
| Centrinity FirstClass 7.1 allows remote attackers to access sensitive information by appending search to the end of the URL and checking all of the search option checkboxes and leaving the text field blank, which will return all files in the searched directory. | ||||
| CVE-2003-1174 | 1 Nullsoft | 1 Shoutcast Server | 2026-04-16 | N/A |
| Buffer overflow in NullSoft Shoutcast Server 1.9.2 allows local users to cause a denial of service via (1) icy-name followed by a long server name or (2) icy-url followed by a long URL. | ||||
| CVE-2003-1175 | 1 Synthetic Reality | 1 Sympoll | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Sympoll 1.5 allows remote attackers to inject arbitrary web script or HTML via the vo parameter. | ||||
| CVE-2003-1176 | 1 Bdc Enterprises | 1 Web Wiz Forums | 2026-04-16 | N/A |
| post_message_form.asp in Web Wiz Forums 6.34 through 7.5, when quote mode is used, allows remote attackers to read or write to private forums by modifying the FID (forum ID) parameter. | ||||
| CVE-2003-1177 | 1 Atrium Software | 1 Mercur Mailserver | 2026-04-16 | N/A |
| Buffer overflow in the base64 decoder in MERCUR Mailserver 4.2 before SP3a allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long (1) AUTH command to the POP3 server or (2) AUTHENTICATE command to the IMAP server. | ||||
| CVE-2003-1180 | 1 Advanced Poll | 1 Advanced Poll | 2026-04-16 | N/A |
| Directory traversal vulnerability in Advanced Poll 2.0.2 allows remote attackers to read arbitrary files or inject arbitrary local PHP files via .. sequences in the base_path or pollvars[lang] parameters to the admin files (1) index.php, (2) admin_tpl_new.php, (3) admin_tpl_misc_new.php, (4) admin_templates_misc.php, (5) admin_templates.php, (6) admin_stats.php, (7) admin_settings.php, (8) admin_preview.php, (9) admin_password.php, (10) admin_logout.php, (11) admin_license.php, (12) admin_help.php, (13) admin_embed.php, (14) admin_edit.php, or (15) admin_comment.php. | ||||