Export limit exceeded: 349411 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (349411 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-0026 | 2 Isc, Redhat | 2 Dhcpd, Linux | 2026-04-16 | N/A |
| Multiple stack-based buffer overflows in the error handling routines of the minires library, as used in the NSUPDATE capability for ISC DHCPD 3.0 through 3.0.1RC10, allow remote attackers to execute arbitrary code via a DHCP message containing a long hostname. | ||||
| CVE-2003-0030 | 1 Protegrity | 1 Secure.data | 2026-04-16 | N/A |
| Buffer overflows in protegrity.dll of Protegrity Secure.Data Extension Feature (SEF) before 2.2.3.9 allow attackers with SQL access to execute arbitrary code via the extended stored procedures (1) xp_pty_checkusers, (2) xp_pty_insert, or (3) xp_pty_select. | ||||
| CVE-2003-0031 | 1 Mcrypt | 1 Libmcrypt | 2026-04-16 | N/A |
| Multiple buffer overflows in libmcrypt before 2.5.5 allow attackers to cause a denial of service (crash). | ||||
| CVE-2003-0034 | 1 Jean-jacques Sarton | 1 Mtink | 2026-04-16 | N/A |
| Buffer overflow in the mtink status monitor, as included in the printer-drivers package in Mandrake Linux, allows local users to execute arbitrary code via a long HOME environment variable. | ||||
| CVE-2003-0035 | 1 Robert Krawitz | 1 Escputil | 2026-04-16 | N/A |
| Buffer overflow in escputil, as included in the printer-drivers package in Mandrake Linux, allows local users to execute arbitrary code via a long printer-name command line argument. | ||||
| CVE-2003-0036 | 1 Rildo Pragana | 1 Ml85p | 2026-04-16 | N/A |
| ml85p, as included in the printer-drivers package for Mandrake Linux, allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable filenames of the form "mlg85p%d". | ||||
| CVE-2003-0037 | 1 Noffle | 1 Noffle | 2026-04-16 | N/A |
| Buffer overflows in noffle news server 1.0.1 and earlier allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code. | ||||
| CVE-2003-0038 | 1 Gnu | 1 Mailman | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in options.py for Mailman 2.1 allows remote attackers to inject script or HTML into web pages via the (1) email or (2) language parameters. | ||||
| CVE-2003-0040 | 2 Double Precision Incorporated, Inter7 | 2 Courier Mta, Courier-imap | 2026-04-16 | N/A |
| SQL injection vulnerability in the PostgreSQL auth module for courier 0.40 and earlier allows remote attackers to execute SQL code via the user name. | ||||
| CVE-2003-0042 | 1 Apache | 1 Tomcat | 2026-04-16 | N/A |
| Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or other file present, or obtain unprocessed source code for a JSP file, via a URL containing a null character. | ||||
| CVE-2003-0044 | 1 Apache | 1 Tomcat | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web applications for Jakarta Tomcat 3.x through 3.3.1a allow remote attackers to insert arbitrary web script or HTML. | ||||
| CVE-2003-0045 | 1 Apache | 1 Tomcat | 2026-04-16 | N/A |
| Jakarta Tomcat before 3.3.1a on certain Windows systems may allow remote attackers to cause a denial of service (thread hang and resource consumption) via a request for a JSP page containing an MS-DOS device name, such as aux.jsp. | ||||
| CVE-2003-0046 | 1 Celestial Software | 1 Absolutetelnet | 2026-04-16 | N/A |
| AbsoluteTelnet SSH2 client does not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials. | ||||
| CVE-2003-0048 | 1 Putty | 1 Putty | 2026-04-16 | N/A |
| PuTTY 0.53b and earlier does not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials. | ||||
| CVE-2003-0052 | 1 Apple | 2 Darwin Streaming Server, Quicktime Streaming Server | 2026-04-16 | N/A |
| parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to list arbitrary directories. | ||||
| CVE-2003-0054 | 1 Apple | 2 Darwin Streaming Server, Quicktime Streaming Server | 2026-04-16 | N/A |
| Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute certain code via a request to port 7070 with the script in an argument to the rtsp DESCRIBE method, which is inserted into a log file and executed when the log is viewed using a browser. | ||||
| CVE-2003-0055 | 1 Apple | 1 Quicktime Darwin Mp3 Broadcaster | 2026-04-16 | N/A |
| Buffer overflow in the MP3 broadcasting module of Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute arbitrary code via a long filename. | ||||
| CVE-2003-0056 | 2 Redhat, Slocate | 2 Enterprise Linux, Slocate | 2026-04-16 | N/A |
| Buffer overflow in secure locate (slocate) before 2.7 allows local users to execute arbitrary code via a long (1) -c or (2) -r command line argument. | ||||
| CVE-2003-0060 | 1 Mit | 1 Kerberos 5 | 2026-04-16 | N/A |
| Format string vulnerabilities in the logging routines for MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in Kerberos principal names. | ||||
| CVE-2003-0061 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Buffer overflow in passwd for HP UX B.10.20 allows local users to execute arbitrary commands with root privileges via a long LANG environment variable. | ||||