Export limit exceeded: 29836 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29836 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-1138 | 1 Redhat | 1 Interchange | 2025-04-03 | N/A |
| The default configuration of Apache 2.0.40, as shipped with Red Hat Linux 9.0, allows remote attackers to list directory contents, even if auto indexing is turned off and there is a default web page configured, via a GET request containing a double slash (//). | ||||
| CVE-2003-1141 | 1 Network Instruments | 1 Niprint Lpd-lpr Print Server | 2025-04-03 | N/A |
| Buffer overflow in NIPrint 4.10 allows remote attackers to execute arbitrary code via a long string to TCP port 515. | ||||
| CVE-2003-1144 | 1 Perception | 1 Liteserve | 2025-04-03 | N/A |
| Buffer overflow in the log viewing interface in Perception LiteServe 1.25 through 2.2 allows remote attackers to execute arbitrary code via a GET request with a long file name. | ||||
| CVE-2003-1145 | 1 Openautoclassifieds | 1 Openautoclassifieds | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in friendmail.php in OpenAutoClassifieds 1.0 allows remote attackers to inject arbitrary web script or HTML via the listing parameter. | ||||
| CVE-2006-3113 | 2 Mozilla, Redhat | 4 Firefox, Seamonkey, Thunderbird and 1 more | 2025-04-03 | N/A |
| Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via simultaneous XPCOM events, which causes a timer object to be deleted in a way that triggers memory corruption. | ||||
| CVE-2003-1146 | 1 John Beatty | 1 Easy Php Photo Album | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in John Beatty Easy PHP Photo Album 1.0 allows remote attackers to inject arbitrary web script or HTML via the dir parameter. | ||||
| CVE-2003-1150 | 1 Novell | 2 Netware, Zenworks Desktops | 2025-04-03 | N/A |
| Buffer overflow in the portmapper service (PMAP.NLM) in Novell NetWare 6 SP3 and ZenWorks for Desktops 3.2 SP2 through 4.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown attack vectors. | ||||
| CVE-2003-1152 | 1 Infrontech | 1 Webtide | 2025-04-03 | N/A |
| WebTide 7.04 allows remote attackers to list arbitrary directories via an HTTP request for %3f.jsp (encoded "?"). | ||||
| CVE-2003-1154 | 1 Clearswift | 1 Mailsweeper | 2025-04-03 | N/A |
| MAILsweeper for SMTP 4.3 allows remote attackers to bypass virus protection via a mail message with a malformed zip attachment, as exploited by certain MIMAIL virus variants. | ||||
| CVE-2003-1155 | 1 X-cd-roast | 1 X-cd-roast | 2025-04-03 | N/A |
| X-CD-Roast 0.98 alpha10 through alpha14 allows local users to overwrite arbitrary files via a symlink attack on an unknown file. | ||||
| CVE-2003-1156 | 1 Sun | 2 Jdk, Jre | 2025-04-03 | N/A |
| Java Runtime Environment (JRE) and Software Development Kit (SDK) 1.4.2 through 1.4.2_02 allows local users to overwrite arbitrary files via a symlink attack on (1) unpack.log, as created by the unpack program, or (2) .mailcap1 and .mime.types1, as created by the RPM program. | ||||
| CVE-2003-1157 | 1 Citrix | 1 Metaframe | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in login.asp in Citrix MetaFrame XP Server 1.0 allows remote attackers to inject arbitrary web script or HTML via the NFuse_Message parameter. | ||||
| CVE-2003-1160 | 1 Seyeon | 1 Flexwatch Network Video Server | 2025-04-03 | N/A |
| FlexWATCH Network video server 132 allows remote attackers to bypass authentication and gain administrative privileges via an HTTP request to aindex.htm that contains double leading slashes (//). | ||||
| CVE-2003-1163 | 1 Ganglia | 1 Gmond | 2025-04-03 | N/A |
| hash.c in Ganglia gmond 2.5.3 allows remote attackers to cause a denial of service (segmentation fault) via a UDP packet that contains a single-byte name string, which is used as an out-of-bounds array index. | ||||
| CVE-2003-1164 | 1 Mldonkey | 1 Mldonkey | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Mldonkey 2.5-4 allows remote attackers to inject arbitrary web script or HTML via the URI, which is injected into the HTML error page. | ||||
| CVE-2003-1165 | 1 Brs | 1 Webweaver | 2025-04-03 | N/A |
| Buffer overflow in BRS WebWeaver 1.06 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP request with a long User-Agent header. | ||||
| CVE-2003-1166 | 1 Http Commander | 1 Http Commander | 2025-04-03 | N/A |
| Directory traversal vulnerability in (1) Openfile.aspx and (2) Html.aspx in HTTP Commander 4.0 allows remote attackers to view arbitrary files via a .. (dot dot) in the file parameter. | ||||
| CVE-2003-1167 | 1 Gernot Stocker | 1 Kpopup | 2025-04-03 | N/A |
| misc.cpp in KPopup 0.9.1 trusts the PATH variable when executing killall, which allows local users to elevate their privileges by modifying the PATH variable to reference a malicious killall program. | ||||
| CVE-2003-1168 | 1 Http Commander | 1 Http Commander | 2025-04-03 | N/A |
| HTTP Commander 4.0 allows remote attackers to obtain sensitive information via an HTTP request that contains a . (dot) in the file parameter, which reveals the installation path in an error message. | ||||
| CVE-2003-1161 | 1 Linux | 1 Linux Kernel | 2025-04-03 | N/A |
| exit.c in Linux kernel 2.6-test9-CVS, as stored on kernel.bkbits.net, was modified to contain a backdoor, which could allow local users to elevate their privileges by passing __WCLONE|__WALL to the sys_wait4 function. | ||||