Export limit exceeded: 344892 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344892 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-0367 | 2 Debian, Gnu | 2 Debian Linux, Gzip | 2026-04-16 | 6.2 Medium |
| znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2003-0370 | 4 Apple, Kde, Redhat and 1 more | 7 Safari, Kde, Konqueror Embedded and 4 more | 2026-04-16 | N/A |
| Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack. | ||||
| CVE-2005-3837 | 1 Scssboard | 1 Scssboard | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the search module in sCssBoard 1.2 and 1.12, and earlier versions, allows remote attackers to inject arbitrary web script or HTML via the search_term parameter. | ||||
| CVE-2003-0372 | 1 Nessus | 1 Nessus | 2026-04-16 | N/A |
| Signed integer vulnerability in libnasl in Nessus before 2.0.6 allows local users with plugin upload privileges to cause a denial of service (core dump) and possibly execute arbitrary code by causing a negative argument to be provided to the insstr function as used in a NASL script. | ||||
| CVE-2005-3838 | 1 Isolsoft | 1 Support Center | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in search.php in IsolSoft Support Center 2.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) lorder, (2) Priority, (3) Status, (4) Category, (5) searchvalue, and (6) field parameter. | ||||
| CVE-2003-0375 | 1 Xmb Forum | 1 Xmb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in member.php of XMBforum XMB 1.8.x (aka Partagium) allows remote attackers to insert arbitrary HTML and web script via the "member" parameter. | ||||
| CVE-2003-0377 | 1 Iisprotect | 1 Iisprotect | 2026-04-16 | N/A |
| SQL injection vulnerability in the web-based administration interface for iisPROTECT 2.2-r4, and possibly earlier versions, allows remote attackers to insert arbitrary SQL and execute code via certain variables, as demonstrated using the GroupName variable in SiteAdmin.ASP. | ||||
| CVE-2005-3839 | 1 Supportpro | 1 Supportdesk | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in SupportPRO Supportdesk allows remote attackers to inject arbitrary web script or HTML via the (1) post tickers and (2) view tickets options. | ||||
| CVE-2003-0380 | 1 Atftpd | 1 Atftpd | 2026-04-16 | N/A |
| Buffer overflow in atftp daemon (atftpd) 0.6.1 and earlier, and possibly later versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long filename. | ||||
| CVE-2003-0386 | 2 Openbsd, Redhat | 2 Openssh, Enterprise Linux | 2026-04-16 | N/A |
| OpenSSH 3.6.1 and earlier, when restricting host access by numeric IP addresses and with VerifyReverseMapping disabled, allows remote attackers to bypass "from=" and "user@host" address restrictions by connecting to a host from a system whose reverse DNS hostname contains the numeric IP address. | ||||
| CVE-2003-0388 | 2 Andrew Morgan, Redhat | 2 Linux Pam, Enterprise Linux | 2026-04-16 | N/A |
| pam_wheel in Linux-PAM 0.78, with the trust option enabled and the use_uid option disabled, allows local users to spoof log entries and gain privileges by causing getlogin() to return a spoofed user name. | ||||
| CVE-2003-0389 | 1 Rsa | 1 Ace Agent | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the secure redirect function of RSA ACE/Agent 5.0 for Windows, and 5.x for Web, allows remote attackers to insert arbitrary web script and possibly cause users to enter a passphrase via a GET request containing the script. | ||||
| CVE-2005-3840 | 1 Omnistar Interactive | 1 Omnistar Live | 2026-04-16 | N/A |
| SQL injection vulnerability in kb.php in Omnistar Live 5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) category_id parameter. NOTE: due to a typo, an Internet Explorer issue was incorrectly assigned this identifier, but the correct identifier is CVE-2005-3240. | ||||
| CVE-2003-0390 | 1 James Theiler | 1 Opt | 2026-04-16 | N/A |
| Multiple buffer overflows in Options Parsing Tool (OPT) shared library 3.18 and earlier, when used in setuid programs, may allow local users to execute arbitrary code via long command line options that are fed into macros such as opt_warn_2, as used in functions such as opt_atoi. | ||||
| CVE-2003-0391 | 1 Amax Information Technologies | 1 Magic Winmail Server | 2026-04-16 | N/A |
| Format string vulnerability in Magic WinMail Server 2.3, and possibly other 2.x versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the PASS command. | ||||
| CVE-2003-0392 | 1 St | 1 Ftp Service | 2026-04-16 | N/A |
| Directory traversal vulnerability in ST FTP Service 3.0 allows remote attackers to list arbitrary directories via a CD command with a DoS drive letter argument (e.g. E:). | ||||
| CVE-2003-0393 | 1 Privacyware | 1 Privatefirewall | 2026-04-16 | N/A |
| Privacyware Privatefirewall 3.0 does not block certain incoming packets when in "Filter Internet Traffic" or Deny Internet Traffic" modes, which allows remote attackers to identify running services via FIN scans or Xmas scans. | ||||
| CVE-2005-3841 | 1 Kplaylist | 1 Kplaylist | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in kPlaylist 1.6 (build 400), and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the searchfor search parameter. | ||||
| CVE-2003-0394 | 1 Blnews | 1 Blnews | 2026-04-16 | N/A |
| objects.inc.php4 in BLNews 2.1.3 allows remote attackers to execute arbitrary PHP code via a Server[path] parameter that points to malicious code on an attacker-controlled web site. | ||||
| CVE-2003-0395 | 1 Myupb | 1 Ultimate Php Board | 2026-04-16 | N/A |
| Ultimate PHP Board (UPB) 1.9 allows remote attackers to execute arbitrary PHP code with UPB administrator privileges via an HTTP request containing the code in the User-Agent header, which is executed when the administrator executes admin_iplog.php. | ||||