Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0344 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Buffer overflow in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to execute arbitrary code via / (slash) characters in the Type property of an Object tag in a web page.
CVE-2005-2469 1 Novell 1 Netmail 2026-04-16 N/A
Stack-based buffer overflow in the NMAP Agent for Novell NetMail 3.52C and possibly earlier versions allows local users to execute arbitrary code via a long user name in the USER command.
CVE-2003-0353 1 Microsoft 1 Data Access Components 2026-04-16 N/A
Buffer overflow in a component of SQL-DMO for Microsoft Data Access Components (MDAC) 2.5 through 2.7 allows remote attackers to execute arbitrary code via a long response to a broadcast request to UDP port 1434.
CVE-2005-2473 1 Churchinfo 1 Churchinfo 2026-04-16 N/A
Multiple SQL injection vulnerabilities in ChurchInfo allow remote attackers to execute arbitrary SQL commands via the PersonID parameter to (1) PersonView.php, (2) MemberRoleChange.php, (3) PropertyAssign.php, (4) WhyCameEditor.php, (5) GroupPropsEditor.php, (6) Reports/PDFLabel.php, or (7) UserDelete.php, (8) DepositSlipID parameter to DepositSlipEditor.php, (9) QueryID parameter to QueryView.php, GroupID parameter to (10) GroupView.php, (11) GroupMemberList.php, (12) MemberRoleChange.php, (13) GroupDelete.php, (14) /Reports/ClassAttendance.php, or (15) /Reports/GroupReport.php, (16) PropertyID parameter to PropertyEditor.php, FamilyID parameter to (17) Canvas05Editor.php, (18) CanvasEditor.php, or (19) FamilyView.php, or (20) PledgeID parameter to PledgeDetails.php.
CVE-2003-0363 1 Licq 1 Licq 2026-04-16 N/A
Format string vulnerability in LICQ 1.2.6, 1.0.3 and possibly other versions allows remote attackers to perform unknown actions via format string specifiers.
CVE-2003-0371 1 Prishtina Soft 1 Prishtina Ftp 2026-04-16 N/A
Buffer overflow in Prishtina FTP client 1.x allows remote FTP servers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP banner.
CVE-2005-2482 1 Metasploit 1 Metasploit Framework 2026-04-16 N/A
The StateToOptions function in msfweb in Metasploit Framework 2.4 and earlier, when running with the -D option (defanged mode), allows attackers to modify temporary environment variables before the "_Defanged" environment option is checked when processing the Exploit command.
CVE-2003-0596 1 Fdclone 1 Fdclone 2026-04-16 N/A
FDclone 2.00a, and other versions before 2.02a, creates temporary directories with predictable names and uses them if they already exist, which allows local users to read or modify files of other fdclone users by creating the directory ahead of time.
CVE-2006-3114 1 Pc Tools 1 Pc Tools Antivirus 2026-04-16 N/A
PC Tools AntiVirus 2.1.0.51 uses insecure default permissions on the "PC Tools AntiVirus" directory, which allows local users to gain privileges and execute commands.
CVE-2003-0619 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
Integer signedness error in the decode_fh function of nfs3xdr.c in Linux kernel before 2.4.21 allows remote attackers to cause a denial of service (kernel panic) via a negative size value within XDR data of an NFSv3 procedure call.
CVE-2005-2569 1 Funkboard 1 Funkboard 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in FunkBoard 0.66CF, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via the fbusername or fbpassword parameter to (1) editpost.php, (2) prefs.php, (3) newtopic.php, (4) reply.php, or (5) profile.php, the (6) fbusername, (7) fmail, (8) www, (9) icq, (10) yim, (11) location, (12) sex, (13) interebbies, (14) sig or (15) aim parameter to register.php, or (16) subject parameter to newtopic.php.
CVE-2003-0603 1 Mozilla 1 Bugzilla 2026-04-16 N/A
Bugzilla 2.16.x before 2.16.3, 2.17.x before 2.17.4, and earlier versions allows local users to overwrite arbitrary files via a symlink attack on temporary files that are created in directories with group-writable or world-writable permissions.
CVE-2003-0621 1 Bea 2 Tuxedo, Weblogic Server 2026-04-16 N/A
The Administration Console for BEA Tuxedo 8.1 and earlier allows remote attackers to determine the existence of files outside the web root via modified paths in the INIFILE argument.
CVE-2003-0622 1 Bea 2 Tuxedo, Weblogic Server 2026-04-16 N/A
The Administration Console for BEA Tuxedo 8.1 and earlier allows remote attackers to cause a denial of service (hang) via pathname arguments that contain MS-DOS device names such as CON and AUX.
CVE-2005-2573 2 Mysql, Oracle 2 Mysql, Mysql 2026-04-16 N/A
The mysql_create_function function in sql_udf.cc for MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta, when running on Windows, uses an incomplete blacklist in a directory traversal check, which allows attackers to include arbitrary files via the backslash (\) character.
CVE-2003-0639 1 Novell 1 Ichain 2026-04-16 N/A
Unknown vulnerability in Novell iChain 2.2 before Support Pack 1 allows users to access restricted or secure pages without authentication.
CVE-2003-0629 1 Peoplesoft 1 Peopletools 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in PeopleSoft IScript environment for PeopleTools 8.43 and earlier allows remote attackers to insert arbitrary web script via a certain HTTP request to IScript.
CVE-2003-0640 1 Bea 1 Weblogic Server 2026-04-16 N/A
BEA WebLogic Server and Express, when using NodeManager to start servers, provides Operator users with privileges to overwrite usernames and passwords, which may allow Operators to gain Admin privileges.
CVE-2003-0643 1 Linux 1 Linux Kernel 2026-04-16 N/A
Integer signedness error in the Linux Socket Filter implementation (filter.c) in Linux 2.4.3-pre3 to 2.4.22-pre10 allows attackers to cause a denial of service (crash).
CVE-2003-0648 2 Debian, Fte 2 Debian Linux, Fte Text Editor 2026-04-16 N/A
Multiple buffer overflows in vfte, based on FTE, before 0.50, allow local users to execute arbitrary code.