Export limit exceeded: 344941 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344941 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-0432 | 2 Ethereal Group, Redhat | 3 Ethereal, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Ethereal 0.9.12 and earlier does not handle certain strings properly, with unknown consequences, in the (1) BGP, (2) WTP, (3) DNS, (4) 802.11, (5) ISAKMP, (6) WSP, (7) CLNP, (8) ISIS, and (9) RMI dissectors. | ||||
| CVE-2003-0433 | 1 Gnocatan-develop | 1 Gnocatan | 2026-04-16 | N/A |
| Multiple buffer overflows in gnocatan 0.6.1 and earlier allow attackers to execute arbitrary code. | ||||
| CVE-2003-0434 | 4 Adobe, Mandrakesoft, Redhat and 1 more | 7 Acrobat, Mandrake Linux, Mandrake Linux Corporate Server and 4 more | 2026-04-16 | N/A |
| Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink. | ||||
| CVE-2003-0438 | 1 Yuuichi Teranishi | 1 Eldav | 2026-04-16 | N/A |
| eldav WebDAV client for Emacs, version 0.7.2 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2003-0440 | 3 Debian, Redhat, Semi | 4 Debian Linux, Enterprise Linux, Linux and 1 more | 2026-04-16 | N/A |
| The (1) semi MIME library 1.14.5 and earlier, and (2) wemi 1.14.0 and possibly other versions, allows local users to overwrite arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2003-0442 | 2 Php, Redhat | 2 Php, Linux | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the transparent SID support capability for PHP before 4.3.2 (session.use_trans_sid) allows remote attackers to insert arbitrary script via the PHPSESSID parameter. | ||||
| CVE-2003-0445 | 1 Webfs | 1 Webfs | 2026-04-16 | N/A |
| Buffer overflow in webfs before 1.17.1 allows remote attackers to execute arbitrary code via an HTTP request with a long Request-URI. | ||||
| CVE-2003-0446 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Cross-site scripting (XSS) in Internet Explorer 5.5 and 6.0, possibly in a component that is also used by other Microsoft products, allows remote attackers to insert arbitrary web script via an XML file that contains a parse error, which inserts the script in the resulting error message. | ||||
| CVE-2003-0447 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| The Custom HTTP Errors capability in Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute script in the Local Zone via an argument to shdocvw.dll that causes a "javascript:" link to be generated. | ||||
| CVE-2003-0448 | 1 Aboleo.net | 1 Portmon | 2026-04-16 | N/A |
| Portmon 1.7 and possibly earlier versions allows local users to read and write arbitrary files via the (1) -c (host file) or (2) -l (log file) command line options. | ||||
| CVE-2003-0449 | 1 Progress | 1 Database | 2026-04-16 | N/A |
| Progress Database 9.1 to 9.1D06 trusts user input to find and load libraries using dlopen, which allows local users to gain privileges via (1) a PATH environment variable that points to malicious libraries, as demonstrated using libjutil.so in_proapsv, or (2) the -installdir command line parameter, as demonstrated using librocket_r.so in _dbagent. | ||||
| CVE-2003-0450 | 1 Cistron | 1 Radius Daemon | 2026-04-16 | N/A |
| Cistron RADIUS daemon (radiusd-cistron) 1.6.6 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large value in an NAS-Port attribute, which is interpreted as a negative number and causes a buffer overflow. | ||||
| CVE-2003-0458 | 1 Hp | 1 Nonstop Seeview Server Gateway | 2026-04-16 | N/A |
| Unknown vulnerability in HP NonStop Server D40.00 through D48.03, and G01.00 through G06.20, allows local users to gain additional privileges. | ||||
| CVE-2003-0460 | 1 Apache | 1 Http Server | 2026-04-16 | N/A |
| The rotatelogs program on Apache before 1.3.28, for Windows and OS/2 systems, does not properly ignore certain control characters that are received over the pipe, which could allow remote attackers to cause a denial of service. | ||||
| CVE-2003-0461 | 1 Redhat | 2 Enterprise Linux, Linux | 2026-04-16 | N/A |
| /proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords. | ||||
| CVE-2003-0462 | 3 Linux, Mandrakesoft, Redhat | 6 Linux Kernel, Mandrake Linux, Mandrake Linux Corporate Server and 3 more | 2026-04-16 | N/A |
| A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash). | ||||
| CVE-2003-0465 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| The kernel strncpy function in Linux 2.4 and 2.5 does not %NUL pad the buffer on architectures other than x86, as opposed to the expected behavior of strncpy as implemented in libc, which could lead to information leaks. | ||||
| CVE-2003-1469 | 2 Macromedia, Microsoft | 5 Coldfusion, Coldfusion Professional, Windows 2000 and 2 more | 2026-04-16 | N/A |
| The default configuration of ColdFusion MX has the "Enable Robust Exception Information" option selected, which allows remote attackers to obtain the full path of the web server via a direct request to CFIDE/probe.cfm, which leaks the path in an error message. | ||||
| CVE-2003-0467 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| Unknown vulnerability in ip_nat_sack_adjust of Netfilter in Linux kernels 2.4.20, and some 2.5.x, when CONFIG_IP_NF_NAT_FTP or CONFIG_IP_NF_NAT_IRC is enabled, or the ip_nat_ftp or ip_nat_irc modules are loaded, allows remote attackers to cause a denial of service (crash) in systems using NAT, possibly due to an integer signedness error. | ||||
| CVE-2003-1470 | 1 Alt-n | 1 Mdaemon | 2026-04-16 | N/A |
| Buffer overflow in IMAP service in MDaemon 6.7.5 and earlier allows remote authenticated users to cause a denial of service (crash) and execute arbitrary code via a CREATE command with a long mailbox name. | ||||