Export limit exceeded: 344947 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344947 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0274 | 1 Eggheads | 1 Eggdrop Irc Bot | 2026-04-16 | N/A |
| Share.mod in Eggheads Eggdrop IRC bot 1.6.10 through 1.6.15 can mistakenly assign STAT_OFFERED status to a bot that is not a sharebot, which allows remote attackers to use STAT_OFFERED to promote a bot to a sharebot and conduct unauthorized activities. | ||||
| CVE-2003-1318 | 1 Twilight Utilities | 1 Twilight Webserver | 2026-04-16 | N/A |
| Twilight Webserver 1.3.3.0 allows remote attackers to cause a denial of service (application crash) via a GET request for a long URI, a different vulnerability than CVE-2004-2376. | ||||
| CVE-2003-1320 | 1 Sonicwall | 1 Firmware | 2026-04-16 | N/A |
| SonicWALL firmware before 6.4.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted Internet Key Exchange (IKE) response packets, possibly including (1) a large Security Parameter Index (SPI) field, (2) a large number of payloads, or (3) a long payload. | ||||
| CVE-2004-0276 | 1 Monkey-project | 1 Monkey | 2026-04-16 | N/A |
| The get_real_string function in Monkey HTTP Daemon (monkeyd) 0.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an HTTP request with a sequence of "%" characters and a missing Host field. | ||||
| CVE-2003-1322 | 1 Atrium Software | 1 Mercur Mailserver | 2026-04-16 | N/A |
| Multiple stack-based buffer overflows in Atrium MERCUR IMAPD in MERCUR Mailserver before 4.2.15.0 allow remote attackers to execute arbitrary code via a long (1) EXAMINE, (2) DELETE, (3) SUBSCRIBE, (4) RENAME, (5) UNSUBSCRIBE, (6) LIST, (7) LSUB, (8) STATUS, (9) LOGIN, (10) CREATE, or (11) SELECT command. | ||||
| CVE-2003-1327 | 2 Linux, Washington University | 2 Linux Kernel, Wu-ftpd | 2026-04-16 | N/A |
| Buffer overflow in the SockPrintf function in wu-ftpd 2.6.2 and earlier, when compiled with MAIL_ADMIN option enabled on a system that supports very long pathnames, might allow remote anonymous users to execute arbitrary code by uploading a file with a long pathname, which triggers the overflow when wu-ftpd constructs a notification message to the administrator. | ||||
| CVE-2003-1331 | 1 Oracle | 1 Mysql | 2026-04-16 | N/A |
| Stack-based buffer overflow in the mysql_real_connect function in the MySql client library (libmysqlclient) 4.0.13 and earlier allows local users to execute arbitrary code via a long socket name, a different vulnerability than CVE-2001-1453. | ||||
| CVE-2003-1332 | 3 Linux, Redhat, Samba | 3 Linux Kernel, Enterprise Linux, Samba | 2026-04-16 | N/A |
| Stack-based buffer overflow in the reply_nttrans function in Samba 2.2.7a and earlier allows remote attackers to execute arbitrary code via a crafted request, a different vulnerability than CVE-2003-0201. | ||||
| CVE-2003-1339 | 1 Ezmeeting | 1 Ezmeeting | 2026-04-16 | N/A |
| Stack-based buffer overflow in eZnet.exe, as used in eZ (a) eZphotoshare, (b) eZmeeting, (c) eZnetwork, and (d) eZshare allows remote attackers to cause a denial of service (crash) or execute arbitrary code, as demonstrated via (1) a long GET request and (2) a long operation or autologin parameter to SwEzModule.dll. | ||||
| CVE-2003-1340 | 1 Phpnuke | 1 Php-nuke | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 5.6 and 6.5 allow remote authenticated users to execute arbitrary SQL commands via (1) a uid (user) cookie to modules.php; and allow remote attackers to execute arbitrary SQL commands via an aid (admin) cookie to the Web_Links module in a (2) viewlink, (3) MostPopular, or (4) NewLinksDate action, different vectors than CVE-2003-0279. | ||||
| CVE-2003-1341 | 1 Trend Micro | 2 Officescan, Virus Buster | 2026-04-16 | N/A |
| The default installation of Trend Micro OfficeScan 3.0 through 3.54 and 5.x allows remote attackers to bypass authentication from cgiChkMasterPasswd.exe and gain access to the web management console via a direct request to cgiMasterPwd.exe. | ||||
| CVE-2003-1343 | 1 Trend Micro | 1 Scanmail | 2026-04-16 | N/A |
| Trend Micro ScanMail for Exchange (SMEX) before 3.81 and before 6.1 might install a back door account in smg_Smxcfg30.exe, which allows remote attackers to gain access to the web management interface via the vcc parameter, possibly "3560121183d3". | ||||
| CVE-2003-1344 | 1 Trend Micro | 1 Virus Control System | 2026-04-16 | N/A |
| Trend Micro Virus Control System (TVCS) Log Collector allows remote attackers to obtain usernames, encrypted passwords, and other sensitive information via a URL request for getservers.exe with the action parameter set to "selects1", which returns log files. | ||||
| CVE-2003-1345 | 1 Follett Software | 1 Webcollection Plus | 2026-04-16 | N/A |
| Directory traversal vulnerability in s.dll in WebCollection Plus 5.00 allows remote attackers to view arbitrary files in c:\ via a full pathname in the d parameter. | ||||
| CVE-2003-1348 | 1 Ftls | 1 Guestbook | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in guestbook.cgi in ftls.org Guestbook 1.1 allows remote attackers to inject arbitrary web script or HTML via the (1) comment, (2) name, or (3) title field. | ||||
| CVE-2004-0280 | 1 Caucho Technology | 1 Resin | 2026-04-16 | N/A |
| Caucho Technology Resin 2.1.12 allows remote attackers to view JSP source via an HTTP request to a .jsp file that ends in a "%20" (encoded space character), e.g. index.jsp%20. | ||||
| CVE-2003-1349 | 1 Thomas Krebs | 1 Niteserver Ftpd | 2026-04-16 | N/A |
| Directory traversal vulnerability in NITE ftp-server (NiteServer) 1.83 allows remote attackers to list arbitrary directories via a "\.." (backslash dot dot) in the CD (CWD) command. | ||||
| CVE-2003-1350 | 1 List Site Pro | 1 List Site Pro | 2026-04-16 | N/A |
| List Site Pro 2.0 allows remote attackers to hijack user accounts by inserting a "|" (pipe), which is used as a field delimiter, into the bannerurl field. | ||||
| CVE-2003-1351 | 1 Greg Billock | 1 Edittag | 2026-04-16 | N/A |
| Directory traversal vulnerability in edittag.cgi in EditTag 1.1 allows remote attackers to read arbitrary files via a "%2F.." (encoded slash dot dot) in the file parameter. | ||||
| CVE-2003-1352 | 1 Gabber | 1 Gabber | 2026-04-16 | N/A |
| Gabber 0.8.7 sends an email to a specific address during user login and logout, which allows remote attackers to obtain user session activity and Gabber version number by sniffing. | ||||