Export limit exceeded: 344954 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344954 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-0822 | 1 Microsoft | 4 Frontpage Server Extensions, Sharepoint Team Services, Windows 2000 and 1 more | 2026-04-16 | N/A |
| Buffer overflow in the debug functionality in fp30reg.dll of Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to execute arbitrary code via a crafted chunked encoded request. | ||||
| CVE-2003-0824 | 1 Microsoft | 4 Frontpage Server Extensions, Sharepoint Team Services, Windows 2000 and 1 more | 2026-04-16 | N/A |
| Unknown vulnerability in the SmartHTML interpreter (shtml.dll) in Microsoft FrontPage Server Extensions 2000 and 2002, and Microsoft SharePoint Team Services 2002, allows remote attackers to cause a denial of service (response failure) via a certain request. | ||||
| CVE-2003-0826 | 1 Gnu | 1 Lsh | 2026-04-16 | N/A |
| lsh daemon (lshd) does not properly return from certain functions in (1) read_line.c, (2) channel_commands.c, or (3) client_keyexchange.c when long input is provided, which could allow remote attackers to execute arbitrary code via a heap-based buffer overflow attack. | ||||
| CVE-2004-0030 | 1 Phpgedview | 1 Phpgedview | 2026-04-16 | 9.8 Critical |
| PHP remote file inclusion vulnerability in (1) functions.php, (2) authentication_index.php, and (3) config_gedcom.php for PHPGEDVIEW 2.61 allows remote attackers to execute arbitrary PHP code by modifying the PGV_BASE_DIRECTORY parameter to reference a URL on a remote web server that contains the code. | ||||
| CVE-2004-0347 | 1 Netscreen | 1 Netscreen-sa 5000 Series | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in delhomepage.cgi in NetScreen-SA 5000 Series running firmware 3.3 Patch 1 (build 4797) allows remote authenticated users to execute arbitrary script as other users via the row parameter. | ||||
| CVE-2003-0827 | 1 Ibm | 1 Db2 Universal Database | 2026-04-16 | N/A |
| The DB2 Discovery Service for IBM DB2 before FixPak 10a allows remote attackers to cause a denial of service (crash) via a long packet to UDP port 523. | ||||
| CVE-2003-0830 | 1 Marbles | 1 Marbles | 2026-04-16 | N/A |
| Buffer overflow in marbles 1.0.2 and earlier allows local users to gain privileges via a long HOME environment variable. | ||||
| CVE-2003-0831 | 1 Proftpd Project | 1 Proftpd | 2026-04-16 | N/A |
| ProFTPD 1.2.7 through 1.2.9rc2 does not properly translate newline characters when transferring files in ASCII mode, which allows remote attackers to execute arbitrary code via a buffer overflow using certain files. | ||||
| CVE-2003-0832 | 1 Webfs | 1 Webfs | 2026-04-16 | N/A |
| Directory traversal vulnerability in webfs before 1.20 allows remote attackers to read arbitrary files via .. (dot dot) sequences in a Hostname header. | ||||
| CVE-2003-0833 | 1 Webfs | 1 Webfs | 2026-04-16 | N/A |
| Stack-based buffer overflow in webfs before 1.20 allows attackers to execute arbitrary code by creating directories that result in a long pathname. | ||||
| CVE-2004-0031 | 1 Phpgedview | 1 Phpgedview | 2026-04-16 | N/A |
| PHPGEDVIEW 2.61 allows remote attackers to reinstall the software and change the administrator password via a direct HTTP request to editconfig.php. | ||||
| CVE-2003-0834 | 1 Sco | 2 Open Unix, Unixware | 2026-04-16 | N/A |
| Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via (1) a modified DTHELPUSERSEARCHPATH environment variable and the Help feature, (2) DTSEARCHPATH, or (3) LOGNAME. | ||||
| CVE-2003-0835 | 1 Mplayer | 1 Mplayer | 2026-04-16 | N/A |
| Multiple buffer overflows in asf_http_request of MPlayer before 0.92 allows remote attackers to execute arbitrary code via an ASX header with a long hostname. | ||||
| CVE-2003-0838 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer allows remote attackers to bypass zone restrictions to inject and execute arbitrary programs by creating a popup window and inserting ActiveX object code with a "data" tag pointing to the malicious code, which Internet Explorer treats as HTML or Javascript, but later executes as an HTA application, a different vulnerability than CVE-2003-0532, and as exploited using the QHosts Trojan horse (aka Trojan.Qhosts, QHosts-1, VBS.QHOSTS, or aolfix.exe). | ||||
| CVE-2004-0032 | 1 Phpgedview | 1 Phpgedview | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in PHPGEDVIEW 2.61 allows remote attackers to inject arbitrary HTML and web script via the firstname parameter. | ||||
| CVE-2004-0348 | 1 Spidersales | 1 Spidersales | 2026-04-16 | N/A |
| SQL injection vulnerability in viewCart.asp in SpiderSales shopping cart software allows remote attackers to execute arbitrary SQL via the userId parameter. | ||||
| CVE-2006-1654 | 1 Hp | 9 Color Laserjet, Color Laserjet 2500, Color Laserjet 2500 Toolbox and 6 more | 2026-04-16 | N/A |
| Directory traversal vulnerability in the HP Color LaserJet 2500 Toolbox and Color LaserJet 4600 Toolbox on Microsoft Windows before 20060402 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP GET request to TCP port 5225. | ||||
| CVE-2003-0839 | 1 Microsoft | 1 Windows 2003 Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in the "Shell Folders" capability in Microsoft Windows Server 2003 allows remote attackers to read arbitrary files via .. (dot dot) sequences in a "shell:" link. | ||||
| CVE-2003-0844 | 1 Schroepl | 1 Mod Gzip | 2026-04-16 | 7.1 High |
| mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode without the Apache log, allows local users to overwrite arbitrary files via (1) a symlink attack on predictable temporary filenames on Unix systems, or (2) an NTFS hard link on Windows systems when the "Strengthen default permissions of internal system objects" policy is not enabled. | ||||
| CVE-2004-0033 | 1 Phpgedview | 1 Phpgedview | 2026-04-16 | N/A |
| admin.php in PHPGEDVIEW 2.61 allows remote attackers to obtain sensitive information via an action parameter with a phpinfo command. | ||||