Total
29753 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-0313 | 1 Snowblind.net | 1 Snowblind Web Server | 2025-04-03 | N/A |
| Directory traversal vulnerability in Snowblind Web Server 1.0 allows remote attackers to list arbitrary directory contents via a ... (triple dot) in an HTTP request. | ||||
| CVE-2003-0314 | 1 Snowblind.net | 1 Snowblind Web Server | 2025-04-03 | N/A |
| Snowblind Web Server 1.0 allows remote attackers to cause a denial of service (crash) via a URL that ends in a "</" sequence. | ||||
| CVE-2003-0328 | 2 Epic, Redhat | 2 Epic4, Linux | 2025-04-03 | N/A |
| EPIC IRC Client (EPIC4) pre2.002, pre2.003, and possibly later versions, allows remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via a CTCP request from a large nickname, which causes an incorrect length calculation. | ||||
| CVE-2003-0330 | 1 Ambrosia Software | 1 Maelstrom | 2025-04-03 | N/A |
| Buffer overflow in unknown versions of Maelstrom allows local users to execute arbitrary code via a long -player command line argument. | ||||
| CVE-2003-0331 | 1 Ttcms | 1 Ttforum | 2025-04-03 | N/A |
| SQL injection vulnerability in ttForum allows remote attackers to execute arbitrary SQL and gain ttForum Administrator privileges via the Ignorelist-Textfield argument in the Preferences page. | ||||
| CVE-2003-0343 | 1 Selom Ofori | 1 Blackmoon Ftp Server | 2025-04-03 | N/A |
| BlackMoon FTP Server 2.6 Free Edition, and possibly other distributions and versions, generates an "Account does not exist" error message when an invalid username is entered, which makes it easier for remote attackers to conduct brute force attacks. | ||||
| CVE-2003-0350 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | N/A |
| The control for listing accessibility options in the Accessibility Utility Manager on Windows 2000 (ListView) does not properly handle Windows messages, which allows local users to execute arbitrary code via a "Shatter" style message to the Utility Manager that references a user-controlled callback function. | ||||
| CVE-2003-0346 | 1 Microsoft | 1 Directx | 2025-04-03 | N/A |
| Multiple integer overflows in a Microsoft Windows DirectX MIDI library (QUARTZ.DLL) allow remote attackers to execute arbitrary code via a MIDI (.mid) file with (1) large length for a Text or Copyright string, or (2) a large number of tracks, which leads to a heap-based buffer overflow. | ||||
| CVE-2003-0347 | 1 Microsoft | 4 Office, Project, Visio and 1 more | 2025-04-03 | N/A |
| Heap-based buffer overflow in VBE.DLL and VBE6.DLL of Microsoft Visual Basic for Applications (VBA) SDK 5.0 through 6.3 allows remote attackers to execute arbitrary code via a document with a long ID parameter. | ||||
| CVE-2003-0348 | 1 Microsoft | 1 Windows Media Player | 2025-04-03 | N/A |
| A certain Microsoft Windows Media Player 9 Series ActiveX control allows remote attackers to view and manipulate the Media Library on the local system via HTML script. | ||||
| CVE-2003-0364 | 1 Redhat | 2 Enterprise Linux, Linux | 2025-04-03 | N/A |
| The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote attackers to cause a denial of service (CPU consumption) via certain packets that cause a large number of hash table collisions. | ||||
| CVE-2003-0366 | 1 Lysator | 1 Lyskom-server | 2025-04-03 | N/A |
| lyskom-server 2.0.7 and earlier allows unauthenticated users to cause a denial of service (CPU consumption) via a large query. | ||||
| CVE-2003-0371 | 1 Prishtina Soft | 1 Prishtina Ftp | 2025-04-03 | N/A |
| Buffer overflow in Prishtina FTP client 1.x allows remote FTP servers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP banner. | ||||
| CVE-2003-0381 | 1 Norman Ramsey | 1 Noweb | 2025-04-03 | N/A |
| Multiple vulnerabilities in noweb 2.9 and earlier creates temporary files insecurely, which allows local users to overwrite arbitrary files via multiple vectors including the noroff script. | ||||
| CVE-2003-0397 | 1 Sharman Networks | 1 Kazaa | 2025-04-03 | N/A |
| Buffer overflow in FastTrack (FT) network code, as used in Kazaa 2.0.2 and possibly other versions and products, allows remote attackers to execute arbitrary code via a packet containing a large list of supernodes, aka "Packet 0' death." | ||||
| CVE-2003-0398 | 1 Vignette | 3 Content Suite, Storyserver, Vignette | 2025-04-03 | N/A |
| Vignette StoryServer 4 and 5, and Vignette V/5 and V/6, with the SSI EXEC feature enabled, allows remote attackers to execute arbitrary code via a text variable to a Vignette Application that is later displayed. | ||||
| CVE-2003-0399 | 1 Vignette | 3 Content Suite, Storyserver, Vignette | 2025-04-03 | N/A |
| Vignette StoryServer 4 and 5, Vignette V/5, and possibly other versions allows remote attackers to perform unauthorized SELECT queries by setting the vgn_creds cookie to an arbitrary value and directly accessing the save template. | ||||
| CVE-2003-0401 | 1 Vignette | 3 Content Suite, Storyserver, Vignette | 2025-04-03 | N/A |
| Vignette StoryServer and Vignette V/5 allows remote attackers to obtain sensitive information via a request for the /vgn/style template. | ||||
| CVE-2003-0402 | 1 Vignette | 3 Content Suite, Storyserver, Vignette | 2025-04-03 | N/A |
| The default login template (/vgn/login) in Vignette StoryServer 5 and Vignette V/5 generates different responses whether a user exists or not, which allows remote attackers to identify valid usernames via brute force attacks. | ||||
| CVE-2003-0414 | 1 Sun | 1 One Application Server | 2025-04-03 | N/A |
| The installation of Sun ONE Application Server 7.0 for Windows 2000/XP creates a statefile with world-readable permissions, which allows local users to gain privileges by reading a plaintext password in the statefile. | ||||