Export limit exceeded: 351119 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (351119 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-1245 | 1 Mambo | 1 Mambo Site Server | 2026-04-16 | N/A |
| index2.php in Mambo 4.0.12 allows remote attackers to gain administrator access via a URL request where session_id is set to the MD5 hash of a session cookie. | ||||
| CVE-2001-0778 | 1 Omnicron | 1 Omnihttpd | 2026-04-16 | N/A |
| OmniHTTPd 2.0.8 and earlier allow remote attackers to obtain source code via a GET request with the URL-encoded symbol for a space (%20). | ||||
| CVE-2001-0781 | 1 Pi-soft | 1 Spoonftp | 2026-04-16 | N/A |
| Buffer overflow in SpoonFTP 1.0.0.12 allows remote attackers to execute arbitrary code via a long argument to the commands (1) CWD or (2) LIST. | ||||
| CVE-2001-0782 | 1 Kde | 1 Ktv | 2026-04-16 | N/A |
| KDE ktvision 0.1.1-271 and earlier allows local attackers to gain root privileges via a symlink attack on a user configuration file. | ||||
| CVE-2001-0783 | 1 Cisco | 1 Tftp Server | 2026-04-16 | N/A |
| Cisco TFTP server 1.1 allows remote attackers to read arbitrary files via a ..(dot dot) attack in the GET command. | ||||
| CVE-2003-0904 | 1 Microsoft | 3 Exchange Server, Sharepoint Services, Windows Server 2003 | 2026-04-16 | N/A |
| Microsoft Exchange 2003 and Outlook Web Access (OWA), when configured to use NTLM authentication, does not properly reuse HTTP connections, which can cause OWA users to view mailboxes of other users when Kerberos has been disabled as an authentication method for IIS 6.0, e.g. when SharePoint Services 2.0 is installed. | ||||
| CVE-2003-1169 | 1 Datev | 1 Nutzungskontrolle | 2026-04-16 | N/A |
| DATEV Nutzungskontrolle 2.1 and 2.2 has insecure write permissions for critical registry keys, which allows local users to bypass access restrictions by importing NukoInfo values in certain DATEV keys, which disables Nutzungskontrolle. | ||||
| CVE-2001-0784 | 2 Icecast, Redhat | 2 Icecast, Powertools | 2026-04-16 | N/A |
| Directory traversal vulnerability in Icecast 1.3.10 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack using encoded URL characters. | ||||
| CVE-2003-0914 | 9 Compaq, Freebsd, Hp and 6 more | 10 Tru64, Freebsd, Hp-ux and 7 more | 2026-04-16 | N/A |
| ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value. | ||||
| CVE-2003-1171 | 1 Mod Security | 1 Mod Security | 2026-04-16 | N/A |
| Heap-based buffer overflow in the sec_filter_out function in mod_security 1.7RC1 through 1.7.1 in Apache 2 allows remote attackers to execute arbitrary code via a server side script that sends a large amount of data. | ||||
| CVE-2003-1246 | 1 Pedestal Software | 1 Integrity Protection Driver | 2026-04-16 | N/A |
| NtCreateSymbolicLinkObject in ntdll.dll in Integrity Protection Driver (IPD) 1.2 and 1.3 allows local users to create and overwrite arbitrary files via a symlink attack on \winnt\system32\drivers using the subst command. | ||||
| CVE-2001-0785 | 1 Internet Software Solutions | 1 Air Messenger Lan Server | 2026-04-16 | N/A |
| Directory traversal in Webpaging interface in Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 allows allows remote attackers to read arbitrary files via a .. (dot dot) attack. | ||||
| CVE-2003-0927 | 2 Ethereal Group, Redhat | 3 Ethereal, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Heap-based buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the SOCKS dissector. | ||||
| CVE-2003-1172 | 1 Apache | 1 Cocoon | 2026-04-16 | N/A |
| Directory traversal vulnerability in the view-source sample file in Apache Software Foundation Cocoon 2.1 and 2.2 allows remote attackers to access arbitrary files via a .. (dot dot) in the filename parameter. | ||||
| CVE-2003-1251 | 1 Nx | 1 N X Web Content Management System 2002 | 2026-04-16 | N/A |
| The (1) menu.inc.php, (2) datasets.php and (3) mass_operations.inc.php (mistakenly referred to as mass_opeations.inc.php) scripts in N/X 2002 allow remote attackers to execute arbitrary PHP code via a c_path that references a URL on a remote web server that contains the code. | ||||
| CVE-2003-1272 | 1 Nullsoft | 1 Winamp | 2026-04-16 | N/A |
| Multiple buffer overflows in Winamp 3.0 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a .b4s file containing (1) a long playlist name or (2) a long path in a file: argument to the Playstring parameter. | ||||
| CVE-2003-1278 | 1 Infopop | 1 Opentopic | 2026-04-16 | N/A |
| Cross-site scripting vulnerability (XSS) in OpenTopic 2.3.1 allows remote attackers to execute arbitrary script as other users and possibly steal authentication information via cookies by injecting arbitrary HTML or script into IMG tags. | ||||
| CVE-2001-0786 | 1 Internet Software Solutions | 1 Air Messenger Lan Server | 2026-04-16 | N/A |
| Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 stores user passwords in plaintext in the pUser.Dat file. | ||||
| CVE-2003-0936 | 1 Symantec | 1 Pcanywhere | 2026-04-16 | N/A |
| Symantec PCAnywhere 10.x and 11, when started as a service, allows attackers to gain SYSTEM privileges via the help interface using AWHOST32.exe. | ||||
| CVE-2001-0787 | 1 Redhat | 1 Linux | 2026-04-16 | N/A |
| LPRng in Red Hat Linux 7.0 and 7.1 does not properly drop memberships in supplemental groups when lowering privileges, which could allow a local user to elevate privileges. | ||||