Export limit exceeded: 345573 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345573 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-0586 | 1 Brooky | 1 Estore | 2026-04-16 | N/A |
| Brooky eStore 1.0.1 through 1.0.2b allows remote attackers to obtain sensitive path information via a direct HTTP request to settings.inc.php. | ||||
| CVE-2003-0587 | 1 Infopop | 1 Ultimate Bulletin Board | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Infopop Ultimate Bulletin Board (UBB) 6.x allows remote authenticated users to execute arbitrary web script and gain administrative access via the "displayed name" attribute of the "ubber" cookie. | ||||
| CVE-2003-0588 | 1 Digi-fx | 1 Digi-news | 2026-04-16 | N/A |
| admin.php in Digi-news 1.1 allows remote attackers to bypass authentication via a cookie with the username set to the name of the administrator, which satisfies an improper condition in admin.php that does not require a correct password. | ||||
| CVE-2003-0589 | 1 Digi-fx | 1 Digi-news | 2026-04-16 | N/A |
| admin.php in Digi-ads 1.1 allows remote attackers to bypass authentication via a cookie with the username set to the name of the administrator, which satisfies an improper condition in admin.php that does not require a correct password. | ||||
| CVE-2005-1094 | 1 Network-client.com | 1 Ftp Now | 2026-04-16 | N/A |
| FTP Now 2.6.14 stores usernames and passwords in plaintext in sites.xml, which is world-readable, which allows local users to gain privileges. | ||||
| CVE-2006-1321 | 1 Webcheck | 1 Webcheck | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in webcheck before 1.9.6 allows remote attackers to inject arbitrary web script or HTML via the (1) url, (2) title, or (3) author name in a crawled page, which is not properly sanitized in the tooltips of a report. | ||||
| CVE-2003-0593 | 1 Opera | 1 Opera Browser | 2026-04-16 | N/A |
| Opera allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Opera to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application. | ||||
| CVE-2003-0594 | 2 Mozilla, Redhat | 3 Mozilla, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Mozilla allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Mozilla to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application. | ||||
| CVE-2003-0595 | 1 Terascript | 1 Wintango Application Server | 2026-04-16 | N/A |
| Buffer overflow in WiTango Application Server and Tango 2000 allows remote attackers to execute arbitrary code via a long cookie to Witango_UserReference. | ||||
| CVE-2003-0597 | 1 Sco | 1 Openserver | 2026-04-16 | N/A |
| Unknown vulnerability in display of Merge before 5.3.23a in UnixWare 7.1.x allows local users to gain root privileges. | ||||
| CVE-2006-1329 | 2 Jabberstudio, Redhat | 3 Jabberd, Network Proxy, Network Satellite | 2026-04-16 | N/A |
| The SASL negotiation in Jabber Studio jabberd before 2.0s11 allows remote attackers to cause a denial of service ("c2s segfault") by sending a "response stanza before an auth stanza". | ||||
| CVE-2006-2656 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2026-04-16 | N/A |
| Stack-based buffer overflow in the tiffsplit command in libtiff 3.8.2 and earlier might might allow attackers to execute arbitrary code via a long filename. NOTE: tiffsplit is not setuid. If there is not a common scenario under which tiffsplit is called with attacker-controlled command line arguments, then perhaps this issue should not be included in CVE. | ||||
| CVE-2005-1151 | 1 Debian | 1 Qpopper | 2026-04-16 | N/A |
| qpopper 4.0.5 and earlier does not properly drop privileges before processing certain user-supplied files, which allows local users to overwrite or create arbitrary files as root. | ||||
| CVE-2003-0603 | 1 Mozilla | 1 Bugzilla | 2026-04-16 | N/A |
| Bugzilla 2.16.x before 2.16.3, 2.17.x before 2.17.4, and earlier versions allows local users to overwrite arbitrary files via a symlink attack on temporary files that are created in directories with group-writable or world-writable permissions. | ||||
| CVE-2003-0604 | 1 Microsoft | 1 Windows Media Player | 2026-04-16 | N/A |
| Windows Media Player (WMP) 7 and 8, as running on Internet Explorer and possibly other Microsoft products that process HTML, allows remote attackers to bypass zone restrictions and access or execute arbitrary files via an IFRAME tag pointing to an ASF file whose Content-location contains a File:// URL. | ||||
| CVE-2003-0606 | 2 Cvsup, Sup | 2 Cvsup-mirror, Sup | 2026-04-16 | N/A |
| sup 1.8 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files. | ||||
| CVE-2005-1174 | 2 Mit, Redhat | 2 Kerberos 5, Enterprise Linux | 2026-04-16 | N/A |
| MIT Kerberos 5 (krb5) 1.3 through 1.4.1 Key Distribution Center (KDC) allows remote attackers to cause a denial of service (application crash) via a certain valid TCP connection that causes a free of unallocated memory. | ||||
| CVE-2003-0612 | 1 Robert Hyatt | 1 Crafty | 2026-04-16 | N/A |
| Multiple buffer overflows in main.c for Crafty 19.3 allow local users to gain group "games" privileges via long command line arguments to crafty.bin. | ||||
| CVE-2003-0610 | 1 Mcafee | 1 Epolicy Orchestrator | 2026-04-16 | N/A |
| Directory traversal vulnerability in ePO agent for McAfee ePolicy Orchestrator 3.0 allows remote attackers to read arbitrary files via a certain HTTP request. | ||||
| CVE-2003-0611 | 1 Xtokkaetama | 1 Xtokkaetama | 2026-04-16 | N/A |
| Multiple buffer overflows in xtokkaetama 1.0 allow local users to gain privileges via a long (1) -display command line argument or (2) XTOKKAETAMADIR environment variable. | ||||