Total
29753 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-1090 | 1 Celestial Software | 1 Absolutetelnet | 2025-04-03 | N/A |
| Buffer overflow in AbsoluteTelnet before 2.12 RC10 allows remote attackers to execute arbitrary code via a long window title. | ||||
| CVE-2003-1126 | 1 Sun | 1 One Web Server | 2025-04-03 | N/A |
| Unknown vulnerability in SunOne/iPlanet Web Server SP3 through SP5 on Windows platforms allows remote attackers to cause a denial of service. | ||||
| CVE-2003-1123 | 1 Sun | 2 Jdk, Jre | 2025-04-03 | N/A |
| Sun Java Runtime Environment (JRE) and SDK 1.4.0_01 and earlier allows untrusted applets to access certain information within trusted applets, which allows attackers to bypass the restrictions of the Java security model. | ||||
| CVE-2003-1124 | 1 Sun | 1 Management\+center | 2025-04-03 | N/A |
| Unknown vulnerability in Sun Management Center (SunMC) 2.1.1, 3.0, and 3.0 Revenue Release (RR), when installed and run by root, allows local users to create or modify arbitrary files. | ||||
| CVE-2003-1127 | 1 Whale Communications | 1 E-gap | 2025-04-03 | N/A |
| Whale Communications e-Gap 2.5 on Windows 2000 allows remote attackers to obtain the source code for the login page via the HTTP TRACE method, which bypasses the preprocessor. | ||||
| CVE-2003-1128 | 1 X2 Studios | 1 Xmms Remote | 2025-04-03 | N/A |
| XMMS.pm in X2 XMMS Remote, as obtained from the vendor server between 4 AM 11 AM PST on May 7, 2003, allows remote attackers to execute arbitrary commands via shell metacharacters in a request to TCP port 8086. | ||||
| CVE-2003-1129 | 1 Yahoo | 1 Audio Conferencing Activex Control | 2025-04-03 | N/A |
| Buffer overflow in the Yahoo! Audio Conferencing (aka Voice Chat) ActiveX control before 1,0,0,45 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a URL with a long hostname to Yahoo! Messenger or Yahoo! Chat. | ||||
| CVE-2003-1161 | 1 Linux | 1 Linux Kernel | 2025-04-03 | N/A |
| exit.c in Linux kernel 2.6-test9-CVS, as stored on kernel.bkbits.net, was modified to contain a backdoor, which could allow local users to elevate their privileges by passing __WCLONE|__WALL to the sys_wait4 function. | ||||
| CVE-2003-1163 | 1 Ganglia | 1 Gmond | 2025-04-03 | N/A |
| hash.c in Ganglia gmond 2.5.3 allows remote attackers to cause a denial of service (segmentation fault) via a UDP packet that contains a single-byte name string, which is used as an out-of-bounds array index. | ||||
| CVE-2003-1164 | 1 Mldonkey | 1 Mldonkey | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Mldonkey 2.5-4 allows remote attackers to inject arbitrary web script or HTML via the URI, which is injected into the HTML error page. | ||||
| CVE-2003-1165 | 1 Brs | 1 Webweaver | 2025-04-03 | N/A |
| Buffer overflow in BRS WebWeaver 1.06 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP request with a long User-Agent header. | ||||
| CVE-2003-1166 | 1 Http Commander | 1 Http Commander | 2025-04-03 | N/A |
| Directory traversal vulnerability in (1) Openfile.aspx and (2) Html.aspx in HTTP Commander 4.0 allows remote attackers to view arbitrary files via a .. (dot dot) in the file parameter. | ||||
| CVE-2003-1167 | 1 Gernot Stocker | 1 Kpopup | 2025-04-03 | N/A |
| misc.cpp in KPopup 0.9.1 trusts the PATH variable when executing killall, which allows local users to elevate their privileges by modifying the PATH variable to reference a malicious killall program. | ||||
| CVE-2003-1168 | 1 Http Commander | 1 Http Commander | 2025-04-03 | N/A |
| HTTP Commander 4.0 allows remote attackers to obtain sensitive information via an HTTP request that contains a . (dot) in the file parameter, which reveals the installation path in an error message. | ||||
| CVE-2003-1182 | 1 Mpm | 1 Mpm Guestbook | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in MPM Guestbook 1.2 allows remote attackers to inject arbitrary web script or HTML via the lng parameter. | ||||
| CVE-2003-1181 | 1 Advanced Poll | 1 Advanced Poll | 2025-04-03 | N/A |
| Advanced Poll 2.0.2 allows remote attackers to obtain sensitive information via an HTTP request to info.php, which invokes the phpinfo() function. | ||||
| CVE-2003-1184 | 1 Thwboard | 1 Thwboard | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ThWboard Beta 2.8 and 2.81 allow remote attackers to inject arbitrary web script or HTML via (1) time in board.php, (2) the profile Homepage-Feld, (3) pictures, and (4) other "Diverse XSS Bugs." | ||||
| CVE-2003-1186 | 1 Telcondex | 1 Simplewebserver | 2025-04-03 | N/A |
| Buffer overflow in TelCondex SimpleWebServer 2.12.30210 Build3285 allows remote attackers to execute arbitrary code via a long HTTP Referer header. | ||||
| CVE-2003-1213 | 1 Maxwebportal | 1 Maxwebportal | 2025-04-03 | N/A |
| The default installation of MaxWebPortal 1.30 stores the portal database under the web document root with insecure access control, which allows remote attackers to obtain sensitive information via a direct request to database/db2000.mdb. | ||||
| CVE-2003-1210 | 1 Francisco Burzi | 1 Php-nuke | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in the Downloads module for PHP-Nuke 5.x through 6.5 allow remote attackers to execute arbitrary SQL commands via the (1) lid parameter to the getit function or the (2) min parameter to the search function. | ||||