Search Results (366885 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0694 12 Apple, Compaq, Freebsd and 9 more 20 Mac Os X, Mac Os X Server, Tru64 and 17 more 2026-04-16 N/A
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.
CVE-2003-0565 2026-04-16 N/A
Multiple vulnerabilities in multiple vendor implementations of the X.400 protocol allow remote attackers to cause a denial of service and possibly execute arbitrary code via an X.400 message containing certain unexpected ASN.1 constructs, as demonstrated using the NISSC test suite.
CVE-2003-0581 1 Xfstt 1 Xfstt 2026-04-16 N/A
X Fontserver for Truetype fonts (xfstt) 1.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a (1) FS_QueryXExtents8 or (2) FS_QueryXBitmaps8 packet, and possibly other types of packets, with a large num_ranges value, which causes an out-of-bounds array access.
CVE-2004-1037 2 Gentoo, Twiki 2 Linux, Twiki 2026-04-16 N/A
The search function in TWiki 20030201 allows remote attackers to execute arbitrary commands via shell metacharacters in a search string.
CVE-2003-0587 1 Infopop 1 Ultimate Bulletin Board 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Infopop Ultimate Bulletin Board (UBB) 6.x allows remote authenticated users to execute arbitrary web script and gain administrative access via the "displayed name" attribute of the "ubber" cookie.
CVE-2003-0589 1 Digi-fx 1 Digi-news 2026-04-16 N/A
admin.php in Digi-ads 1.1 allows remote attackers to bypass authentication via a cookie with the username set to the name of the administrator, which satisfies an improper condition in admin.php that does not require a correct password.
CVE-2003-0597 1 Sco 1 Openserver 2026-04-16 N/A
Unknown vulnerability in display of Merge before 5.3.23a in UnixWare 7.1.x allows local users to gain root privileges.
CVE-2003-0604 1 Microsoft 1 Windows Media Player 2026-04-16 N/A
Windows Media Player (WMP) 7 and 8, as running on Internet Explorer and possibly other Microsoft products that process HTML, allows remote attackers to bypass zone restrictions and access or execute arbitrary files via an IFRAME tag pointing to an ASF file whose Content-location contains a File:// URL.
CVE-2003-0606 2 Cvsup, Sup 2 Cvsup-mirror, Sup 2026-04-16 N/A
sup 1.8 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files.
CVE-2003-0605 1 Microsoft 1 Windows 2000 2026-04-16 N/A
The RPC DCOM interface in Windows 2000 SP3 and SP4 allows remote attackers to cause a denial of service (crash), and local attackers to use the DoS to hijack the epmapper pipe to gain privileges, via certain messages to the __RemoteGetClassObject interface that cause a NULL pointer to be passed to the PerformScmStage function.
CVE-2003-0609 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris 2.6 through 9 allows local users to gain root privileges via a long LD_PRELOAD environment variable.
CVE-2003-0615 4 Cgi.pm, Debian, Openpkg and 1 more 5 Cgi.pm, Debian Linux, Openpkg and 2 more 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm allows remote attackers to insert web script via a URL that is fed into the form's action parameter.
CVE-2003-0627 1 Peoplesoft 1 Peopletools 2026-04-16 N/A
psdoccgi.exe in PeopleSoft PeopleTools 8.4 through 8.43 allows remote attackers to cause a denial of service (application crash), possibly via the headername and footername arguments.
CVE-2003-0630 1 Atari800 1 Atari800 2026-04-16 N/A
Multiple buffer overflows in the atari800.svgalib setuid program of the Atari 800 emulator (atari800) before 1.2.2 allow local users to gain privileges via long command line arguments, as demonstrated with the -osa_rom argument.
CVE-2003-0632 1 Oracle 2 Applications, E-business Suite 2026-04-16 N/A
Buffer overflow in the Oracle Applications Web Report Review (FNDWRR) CGI program (FNDWRR.exe) of Oracle E-Business Suite 11.0 and 11.5.1 through 11.5.8 may allow remote attackers to execute arbitrary code via a long URL.
CVE-2003-0634 1 Oracle 2 Oracle8i, Oracle9i 2026-04-16 N/A
Stack-based buffer overflow in the PL/SQL EXTPROC functionality for Oracle9i Database Release 2 and 1, and Oracle 8i, allows authenticated database users, and arbitrary database users in some cases, to execute arbitrary code via a long library name.
CVE-2003-0650 1 Gamespy 1 Arcade 2026-04-16 N/A
Directory traversal vulnerability in GSAPAK.EXE for GameSpy Arcade, possibly versions before 1.3e, allows remote attackers to overwrite arbitrary files and execute arbitrary code via .. (dot dot) sequences in filenames in a .APK (Zip) file.
CVE-2003-0652 1 Xtokkaetama 1 Xtokkaetama 2026-04-16 N/A
Buffer overflow in xtokkaetama allows local users to gain privileges via a long -nickname command line argument, a different vulnerability than CVE-2003-0611.
CVE-2003-0653 1 Netbsd 1 Netbsd 2026-04-16 N/A
The OSI networking kernel (sys/netiso) in NetBSD 1.6.1 and earlier does not use a BSD-required "PKTHDR" mbuf when sending certain error responses to the sender of an OSI packet, which allows remote attackers to cause a denial of service (kernel panic or crash) via certain OSI packets.
CVE-2003-0654 1 Autorespond 1 Autorespond 2026-04-16 N/A
Buffer overflow in autorespond may allow remote attackers to execute arbitrary code as the autorespond user via qmail.