Export limit exceeded: 351172 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 351172 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (351172 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-1012 | 2 Ethereal Group, Redhat | 3 Ethereal, Enterprise Linux, Linux | 2026-04-16 | N/A |
| The SMB dissector in Ethereal before 0.10.0 allows remote attackers to cause a denial of service via a malformed SMB packet that triggers a segmentation fault during processing of Selected packets. | ||||
| CVE-2003-0435 | 1 Typespeed | 1 Typespeed | 2026-04-16 | N/A |
| Buffer overflow in net_swapscore for typespeed 0.4.1 and earlier allows remote attackers to execute arbitrary code. | ||||
| CVE-2003-0436 | 1 Mnogosearch | 1 Mnogosearch | 2026-04-16 | N/A |
| Buffer overflow in search.cgi for mnoGoSearch 3.1.20 allows remote attackers to execute arbitrary code via a long ul parameter. | ||||
| CVE-2003-0440 | 3 Debian, Redhat, Semi | 4 Debian Linux, Enterprise Linux, Linux and 1 more | 2026-04-16 | N/A |
| The (1) semi MIME library 1.14.5 and earlier, and (2) wemi 1.14.0 and possibly other versions, allows local users to overwrite arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2003-0446 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Cross-site scripting (XSS) in Internet Explorer 5.5 and 6.0, possibly in a component that is also used by other Microsoft products, allows remote attackers to insert arbitrary web script via an XML file that contains a parse error, which inserts the script in the resulting error message. | ||||
| CVE-2003-0455 | 2 Imagemagick, Redhat | 2 Libmagick Library, Enterprise Linux | 2026-04-16 | N/A |
| The imagemagick libmagick library 5.5 and earlier creates temporary files insecurely, which allows local users to create or overwrite arbitrary files. | ||||
| CVE-2003-1023 | 2 Midnight Commander, Redhat | 3 Midnight Commander, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Stack-based buffer overflow in vfs_s_resolve_symlink of vfs/direntry.c for Midnight Commander (mc) 4.6.0 and earlier, and possibly later versions, allows remote attackers to execute arbitrary code during symlink conversion. | ||||
| CVE-2003-1025 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 5.01 through 6 SP1 allows remote attackers to spoof the domain of a URL via a "%01" character before an @ sign in the user@domain portion of the URL, which hides the rest of the URL, including the real site, in the address bar, aka the "Improper URL Canonicalization Vulnerability." | ||||
| CVE-2003-0459 | 2 Kde, Redhat | 10 Konqueror, Konqueror Embedded, Analog Real-time Synthesizer and 7 more | 2026-04-16 | N/A |
| KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites. | ||||
| CVE-2003-0465 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| The kernel strncpy function in Linux 2.4 and 2.5 does not %NUL pad the buffer on architectures other than x86, as opposed to the expected behavior of strncpy as implemented in libc, which could lead to information leaks. | ||||
| CVE-2003-1026 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 5.01 through 6 SP1 allows remote attackers to bypass zone restrictions via a javascript protocol URL in a sub-frame, which is added to the history list and executed in the top window's zone when the history.back (back) function is called, as demonstrated by BackToFramedJpu, aka the "Travel Log Cross Domain Vulnerability." | ||||
| CVE-2003-1211 | 1 Maxwebportal | 1 Maxwebportal | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.asp for MaxWebPortal 1.30 and possibly earlier versions allows remote attackers to inject arbitrary web script or HTML via the Search parameter. | ||||
| CVE-2003-0468 | 3 Conectiva, Redhat, Wietse Venema | 3 Linux, Linux, Postfix | 2026-04-16 | N/A |
| Postfix 1.1.11 and earlier allows remote attackers to use Postfix to conduct "bounce scans" or DDos attacks of other hosts via an email address to the local host containing the target IP address and service name followed by a "!" string, which causes Postfix to attempt to use SMTP to communicate with the target on the associated port. | ||||
| CVE-2003-0471 | 1 Alt-n | 1 Webadmin | 2026-04-16 | N/A |
| Buffer overflow in WebAdmin.exe for WebAdmin allows remote attackers to execute arbitrary code via an HTTP request to WebAdmin.dll with a long USER argument. | ||||
| CVE-2003-0473 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| Unknown vulnerability in the IPv6 capability in IRIX 6.5.19 causes snoop to process packets as the root user, with unknown implications. | ||||
| CVE-2003-0476 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Linux | 2026-04-16 | N/A |
| The execve system call in Linux 2.4.x records the file descriptor of the executable process in the file table of the calling process, which allows local users to gain read access to restricted file descriptors. | ||||
| CVE-2003-0477 | 1 Wzdftpd | 1 Wzdftpd | 2026-04-16 | N/A |
| wzdftpd 0.1rc4 and earlier allows remote attackers to cause a denial of service (crash) via a PORT command without an argument. | ||||
| CVE-2003-1212 | 1 Maxwebportal | 1 Maxwebportal | 2026-04-16 | N/A |
| MaxWebPortal 1.30 allows remote attackers to perform unauthorized actions by modifying hidden form fields, such as the (1) news, (2) lock, or (3) allmem fields in the 'start new topic' HTML page. | ||||
| CVE-2003-1027 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 5.01 through 6 SP1 allows remote attackers to direct drag and drop behaviors and other mouse click actions to other windows by using method caching (SaveRef) to access the window.moveBy method, which is otherwise inaccessible, as demonstrated by HijackClickV2, a different vulnerability than CVE-2003-0823, aka the "Function Pointer Drag and Drop Vulnerability." | ||||
| CVE-2003-1213 | 1 Maxwebportal | 1 Maxwebportal | 2026-04-16 | N/A |
| The default installation of MaxWebPortal 1.30 stores the portal database under the web document root with insecure access control, which allows remote attackers to obtain sensitive information via a direct request to database/db2000.mdb. | ||||