Export limit exceeded: 344962 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344962 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-1556 | 1 Cgi City | 1 Cc Guestbook | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in cc_guestbook.pl in CGI City CC GuestBook allows remote attackers to inject arbitrary web script or HTML via the (1) name and (2) homepage_title (webpage title) parameters. | ||||
| CVE-2004-0337 | 1 Software602 | 1 602pro Lan Suite | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in LAN SUITE Web Mail 602Pro allows remote attackers to execute arbitrary script or HTML as other users via a URL to index.html, followed by a / (slash) and the desired script. NOTE: the vendor states that this bug could not be reproduced, so this issue may be REJECTed in the future. | ||||
| CVE-2003-0704 | 1 Kismac | 1 Kismac | 2026-04-16 | N/A |
| KisMAC before 0.05d trusts user-supplied variables when chown'ing files or directories, which allows local users to gain privileges via the $DRIVER_KEXT environment variable in (1) viha_driver.sh, (2) macjack_load.sh, (3) airojack_load.sh, (4) setuid_enable.sh, (5) setuid_disable.sh, and using a "similar technique" for (6) viha_prep.sh and (7) viha_unprep.sh. | ||||
| CVE-2003-0705 | 1 Nicolas Boullis | 1 Mah-jong | 2026-04-16 | N/A |
| Buffer overflow in mah-jong 1.5.6 and earlier allows remote attackers to execute arbitrary code. | ||||
| CVE-2003-0706 | 1 Nicolas Boullis | 1 Mah-jong | 2026-04-16 | N/A |
| Unknown vulnerability in mah-jong 1.5.6 and earlier allows remote attackers to cause a denial of service (tight loop). | ||||
| CVE-2003-0707 | 1 Tomi Manninen | 1 Linuxnode | 2026-04-16 | N/A |
| Buffer overflow in LinuxNode (node) before 0.3.2 allows remote attackers to execute arbitrary code. | ||||
| CVE-2003-0708 | 1 Tomi Manninen | 1 Linuxnode | 2026-04-16 | N/A |
| Format string vulnerability in LinuxNode (node) before 0.3.2 may allow attackers to cause a denial of service or execute arbitrary code. | ||||
| CVE-2003-0709 | 1 Whois | 1 Whois | 2026-04-16 | N/A |
| Buffer overflow in the whois client, which is not setuid but is sometimes called from within CGI programs, may allow remote attackers to execute arbitrary code via a long command line option. | ||||
| CVE-2003-0711 | 1 Microsoft | 5 Windows 2000, Windows 2003 Server, Windows Me and 2 more | 2026-04-16 | N/A |
| Stack-based buffer overflow in the PCHealth system in the Help and Support Center function in Windows XP and Windows Server 2003 allows remote attackers to execute arbitrary code via a long query in an HCP URL. | ||||
| CVE-2003-0712 | 1 Microsoft | 1 Exchange Server | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the HTML encoding for the Compose New Message form in Microsoft Exchange Server 5.5 Outlook Web Access (OWA) allows remote attackers to execute arbitrary web script. | ||||
| CVE-2003-0714 | 1 Microsoft | 1 Exchange Server | 2026-04-16 | N/A |
| The Internet Mail Service in Exchange Server 5.5 and Exchange 2000 allows remote attackers to cause a denial of service (memory exhaustion) by directly connecting to the SMTP service and sending a certain extended verb request, possibly triggering a buffer overflow in Exchange 2000. | ||||
| CVE-2003-0715 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2026-04-16 | N/A |
| Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed DCERPC DCOM object activation request packet with modified length fields, a different vulnerability than CVE-2003-0352 (Blaster/Nachi) and CVE-2003-0528. | ||||
| CVE-2003-1557 | 1 Spamassassin | 1 Spamassassin | 2026-04-16 | N/A |
| Off-by-one buffer overflow in spamc of SpamAssassin 2.40 through 2.43, when using BSMTP mode ("-B"), allows remote attackers to execute arbitrary code via email containing headers with leading "." characters. | ||||
| CVE-2003-0717 | 1 Microsoft | 5 Windows 2000, Windows 2003 Server, Windows Me and 2 more | 2026-04-16 | N/A |
| The Messenger Service for Windows NT through Server 2003 does not properly verify the length of the message, which allows remote attackers to execute arbitrary code via a buffer overflow attack. | ||||
| CVE-2003-1558 | 1 Fefe | 1 Fnord | 2026-04-16 | N/A |
| Buffer overflow in httpd.c of fnord 1.6 allows remote attackers to create a denial of service (crash) and possibly execute arbitrary code via a long CGI request passed to the do_cgi function. | ||||
| CVE-2003-0720 | 2 Redhat, University Of Washington | 3 Enterprise Linux, Linux, Pine | 2026-04-16 | N/A |
| Buffer overflow in PINE before 4.58 allows remote attackers to execute arbitrary code via a malformed message/external-body MIME type. | ||||
| CVE-2003-1559 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | N/A |
| Microsoft Internet Explorer 5.22, and other 5 through 6 SP1 versions, sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data. | ||||
| CVE-2003-0721 | 2 Redhat, Washington | 3 Enterprise Linux, Linux, Pine | 2026-04-16 | N/A |
| Integer signedness error in rfc2231_get_param from strings.c in PINE before 4.58 allows remote attackers to execute arbitrary code via an email that causes an out-of-bounds array access using a negative number. | ||||
| CVE-2003-0723 | 1 Gkrellm | 1 Gkrellm | 2026-04-16 | N/A |
| Buffer overflow in gkrellmd for gkrellm 2.1.x before 2.1.14 may allow remote attackers to execute arbitrary code. | ||||
| CVE-2003-0724 | 1 Compaq | 1 Tru64 | 2026-04-16 | N/A |
| ssh on HP Tru64 UNIX 5.1B and 5.1A does not properly handle RSA signatures when digital certificates and RSA keys are used, which could allow local and remote attackers to gain privileges. | ||||