Export limit exceeded: 344942 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344942 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-0588 | 1 Digi-fx | 1 Digi-news | 2026-04-16 | N/A |
| admin.php in Digi-news 1.1 allows remote attackers to bypass authentication via a cookie with the username set to the name of the administrator, which satisfies an improper condition in admin.php that does not require a correct password. | ||||
| CVE-2003-0589 | 1 Digi-fx | 1 Digi-news | 2026-04-16 | N/A |
| admin.php in Digi-ads 1.1 allows remote attackers to bypass authentication via a cookie with the username set to the name of the administrator, which satisfies an improper condition in admin.php that does not require a correct password. | ||||
| CVE-2003-0595 | 1 Terascript | 1 Wintango Application Server | 2026-04-16 | N/A |
| Buffer overflow in WiTango Application Server and Tango 2000 allows remote attackers to execute arbitrary code via a long cookie to Witango_UserReference. | ||||
| CVE-2003-0596 | 1 Fdclone | 1 Fdclone | 2026-04-16 | N/A |
| FDclone 2.00a, and other versions before 2.02a, creates temporary directories with predictable names and uses them if they already exist, which allows local users to read or modify files of other fdclone users by creating the directory ahead of time. | ||||
| CVE-2003-0597 | 1 Sco | 1 Openserver | 2026-04-16 | N/A |
| Unknown vulnerability in display of Merge before 5.3.23a in UnixWare 7.1.x allows local users to gain root privileges. | ||||
| CVE-2003-1518 | 1 Adiscon | 1 Winsyslog | 2026-04-16 | N/A |
| Adiscon WinSyslog 4.21 SP1 allows remote attackers to cause a denial of service (CPU consumption) via a long syslog message. | ||||
| CVE-2003-0599 | 1 Phpgroupware | 1 Phpgroupware | 2026-04-16 | N/A |
| Unknown vulnerability in the Virtual File System (VFS) capability for phpGroupWare 0.9.16preRC and versions before 0.9.14.004 with unknown implications, related to the VFS path being under the web document root. | ||||
| CVE-2003-1519 | 1 Vivisimo | 1 Clustering Engine | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Vivisimo clustering engine allows remote attackers to inject arbitrary web script or HTML via the query parameter to the search program. | ||||
| CVE-2003-1520 | 1 Fuzzymonkey | 1 Myclassifieds | 2026-04-16 | N/A |
| SQL injection vulnerability in FuzzyMonkey My Classifieds 2.11 allows remote attackers to execute arbitrary SQL commands via the email parameter. | ||||
| CVE-2003-1521 | 1 Sun | 1 Java Plug-in | 2026-04-16 | N/A |
| Sun Java Plug-In 1.4 through 1.4.2_02 allows remote attackers to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security model. | ||||
| CVE-2003-1524 | 1 Pgpi | 1 Pgpdisk | 2026-04-16 | N/A |
| PGPi PGPDisk 6.0.2i does not unmount a PGP partition when the switch user function in Windows XP is used, which could allow local users to access data on another user's PGP partition. | ||||
| CVE-2003-1525 | 1 My Photo Gallery | 1 My Photo Gallery | 2026-04-16 | N/A |
| Unspecified vulnerability in My Photo Gallery 3.5, and possibly earlier versions, has unknown impact and attack vectors. | ||||
| CVE-2003-1526 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| PHP-Nuke 7.0 allows remote attackers to obtain the installation path via certain characters such as (1) ", (2) ', or (3) > in the search field, which reveals the path in an error message. | ||||
| CVE-2003-1527 | 2 Ibm, Iss | 2 Internet Security Systems Blackice Defender, Blackice Server Protection | 2026-04-16 | N/A |
| BlackICE Defender 2.9.cap and Server Protection 3.5.cdf, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets. | ||||
| CVE-2003-0602 | 1 Mozilla | 1 Bugzilla | 2026-04-16 | N/A |
| Multiple cross-site scripting vulnerabilities (XSS) in Bugzilla 2.16.x before 2.16.3 and 2.17.x before 2.17.4 allow remote attackers to insert arbitrary HTML or web script via (1) multiple default German and Russian HTML templates or (2) ALT and NAME attributes in AREA tags as used by the GraphViz graph generation feature for local dependency graphs. | ||||
| CVE-2003-1528 | 1 Fujitsu | 1 Siemens Networker | 2026-04-16 | N/A |
| nsr_shutdown in Fujitsu Siemens NetWorker 6.0 allows local users to overwrite arbitrary files via a symlink attack on the nsrsh[PID] temporary file. | ||||
| CVE-2003-0603 | 1 Mozilla | 1 Bugzilla | 2026-04-16 | N/A |
| Bugzilla 2.16.x before 2.16.3, 2.17.x before 2.17.4, and earlier versions allows local users to overwrite arbitrary files via a symlink attack on temporary files that are created in directories with group-writable or world-writable permissions. | ||||
| CVE-2003-0604 | 1 Microsoft | 1 Windows Media Player | 2026-04-16 | N/A |
| Windows Media Player (WMP) 7 and 8, as running on Internet Explorer and possibly other Microsoft products that process HTML, allows remote attackers to bypass zone restrictions and access or execute arbitrary files via an IFRAME tag pointing to an ASF file whose Content-location contains a File:// URL. | ||||
| CVE-2003-0605 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | N/A |
| The RPC DCOM interface in Windows 2000 SP3 and SP4 allows remote attackers to cause a denial of service (crash), and local attackers to use the DoS to hijack the epmapper pipe to gain privileges, via certain messages to the __RemoteGetClassObject interface that cause a NULL pointer to be passed to the PerformScmStage function. | ||||
| CVE-2003-0606 | 2 Cvsup, Sup | 2 Cvsup-mirror, Sup | 2026-04-16 | N/A |
| sup 1.8 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files. | ||||