Export limit exceeded: 357829 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 357829 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (357829 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-0012 | 1 Mozilla | 1 Bugzilla | 2026-04-16 | N/A |
| The data collection script for Bugzilla 2.14.x before 2.14.5, 2.16.x before 2.16.2, and 2.17.x before 2.17.3 sets world-writable permissions for the data/mining directory when it runs, which allows local users to modify or delete the data. | ||||
| CVE-2003-0015 | 3 Cvs, Freebsd, Redhat | 4 Cvs, Freebsd, Enterprise Linux and 1 more | 2026-04-16 | N/A |
| Double-free vulnerability in CVS 1.11.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed Directory request, as demonstrated by bypassing write checks to execute Update-prog and Checkin-prog commands. | ||||
| CVE-2003-0016 | 1 Apache | 1 Http Server | 2026-04-16 | N/A |
| Apache before 2.0.44, when running on unpatched Windows 9x and Me operating systems, allows remote attackers to cause a denial of service or execute arbitrary code via an HTTP request containing MS-DOS device names. | ||||
| CVE-2003-0017 | 1 Apache | 1 Http Server | 2026-04-16 | N/A |
| Apache 2.0 before 2.0.44 on Windows platforms allows remote attackers to obtain certain files via an HTTP request that ends in certain illegal characters such as ">", which causes a different filename to be processed and served. | ||||
| CVE-2003-0019 | 1 Redhat | 1 Linux | 2026-04-16 | N/A |
| uml_net in the kernel-utils package for Red Hat Linux 8.0 has incorrect setuid root privileges, which allows local users to modify network interfaces, e.g. by modifying ARP entries or placing interfaces into promiscuous mode. | ||||
| CVE-2003-0020 | 2 Apache, Redhat | 5 Http Server, Enterprise Linux, Linux and 2 more | 2026-04-16 | N/A |
| Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences. | ||||
| CVE-2003-0021 | 1 Michael Jennings | 1 Eterm | 2026-04-16 | N/A |
| The "screen dump" feature in Eterm 0.9.1 and earlier allows attackers to overwrite arbitrary files via a certain character escape sequence when it is echoed to a user's terminal, e.g. when the user views a file containing the malicious sequence. | ||||
| CVE-2003-0022 | 2 Redhat, Rxvt | 3 Enterprise Linux, Linux, Rxvt | 2026-04-16 | N/A |
| The "screen dump" feature in rxvt 2.7.8 allows attackers to overwrite arbitrary files via a certain character escape sequence when it is echoed to a user's terminal, e.g. when the user views a file containing the malicious sequence. | ||||
| CVE-2003-0023 | 2 Redhat, Rxvt | 3 Enterprise Linux, Linux, Rxvt | 2026-04-16 | N/A |
| The menuBar feature in rxvt 2.7.8 allows attackers to modify menu options and execute arbitrary commands via a certain character escape sequence that inserts the commands into the menu. | ||||
| CVE-2003-0027 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Directory traversal vulnerability in Sun Kodak Color Management System (KCMS) library service daemon (kcms_server) allows remote attackers to read arbitrary files via the KCS_OPEN_PROFILE procedure. | ||||
| CVE-2003-0033 | 1 Snort | 1 Snort | 2026-04-16 | N/A |
| Buffer overflow in the RPC preprocessor for Snort 1.8 and 1.9.x before 1.9.1 allows remote attackers to execute arbitrary code via fragmented RPC packets. | ||||
| CVE-2003-0039 | 2 Isc, Redhat | 2 Dhcpd, Linux | 2026-04-16 | N/A |
| ISC dhcrelay (dhcp-relay) 3.0rc9 and earlier, and possibly other versions, allows remote attackers to cause a denial of service (packet storm) via a certain BOOTP packet that is forwarded to a broadcast MAC address, causing an infinite loop that is not restricted by a hop count. | ||||
| CVE-2003-0043 | 1 Apache | 1 Tomcat | 2026-04-16 | N/A |
| Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, uses trusted privileges when processing the web.xml file, which could allow remote attackers to read portions of some files through the web.xml file. | ||||
| CVE-2003-0051 | 1 Apple | 2 Darwin Streaming Server, Quicktime Streaming Server | 2026-04-16 | N/A |
| parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to obtain the physical path of the server's installation path via a NULL file parameter. | ||||
| CVE-2003-0053 | 1 Apple | 2 Darwin Streaming Server, Quicktime Streaming Server | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to insert arbitrary script via the filename parameter, which is inserted into an error message. | ||||
| CVE-2003-0058 | 3 Mit, Redhat, Sun | 6 Kerberos 5, Enterprise Linux, Linux and 3 more | 2026-04-16 | N/A |
| MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remote authenticated attackers to cause a denial of service (crash) on KDCs within the same realm via a certain protocol request that causes a null dereference. | ||||
| CVE-2003-1416 | 1 Bisonftp | 1 Bisonftp Server 4 | 2026-04-16 | N/A |
| BisonFTP Server 4 release 2 allows remote attackers to cause a denial of service (CPU consumption) via a long (1) ls or (2) cwd command. | ||||
| CVE-2003-1424 | 1 Petitforum | 1 Petitforum | 2026-04-16 | N/A |
| message.php in Petitforum does not properly authenticate users, which allows remote attackers to impersonate forum users via a modified connect cookie. | ||||
| CVE-2003-1425 | 1 Cpanel | 1 Cpanel | 2026-04-16 | N/A |
| guestbook.cgi in cPanel 5.0 allows remote attackers to execute arbitrary commands via the template parameter. | ||||
| CVE-2003-1427 | 1 Netgear | 1 Fm114p | 2026-04-16 | N/A |
| Directory traversal vulnerability in the web configuration interface in Netgear FM114P 1.4 allows remote attackers to read arbitrary files, such as the netgear.cfg configuration file, via a hex-encoded (%2e%2e%2f) ../ (dot dot slash) in the port parameter. | ||||