Total
29739 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-0112 | 1 Microsoft | 4 Windows 2000, Windows 2000 Terminal Services, Windows Nt and 1 more | 2025-04-03 | N/A |
| Buffer overflow in Windows Kernel allows local users to gain privileges by causing certain error messages to be passed to a debugger. | ||||
| CVE-2002-1699 | 1 Pascal Michaud | 1 Asp Client Check | 2025-04-03 | N/A |
| SQL injection vulnerability in ASP Client Check (ASPCC) 1.3 and 1.5 allows remote attackers to bypass authentication and gain unauthorized access via the password field. | ||||
| CVE-2003-0148 | 1 Mcafee | 1 Epolicy Orchestrator | 2025-04-03 | N/A |
| The default installation of MSDE via McAfee ePolicy Orchestrator 2.0 through 3.0 allows attackers to execute arbitrary code via a series of steps that (1) obtain the database administrator username and encrypted password in a configuration file from the ePO server using a certain request, (2) crack the password due to weak cryptography, and (3) use the password to pass commands through xp_cmdshell. | ||||
| CVE-2003-0149 | 1 Mcafee | 1 Epolicy Orchestrator | 2025-04-03 | N/A |
| Heap-based buffer overflow in ePO agent for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code via a POST request containing long parameters. | ||||
| CVE-2003-0150 | 2 Oracle, Redhat | 3 Mysql, Enterprise Linux, Linux | 2025-04-03 | N/A |
| MySQL 3.23.55 and earlier creates world-writeable files and allows mysql users to gain root privileges by using the "SELECT * INFO OUTFILE" operator to overwrite a configuration file and cause mysql to run as root upon restart, as demonstrated by modifying my.cnf. | ||||
| CVE-2003-0193 | 1 Catdoc | 1 Catdoc | 2025-04-03 | N/A |
| msxlsview.sh in xlsview for catdoc 0.91 and earlier allows local users to overwrite arbitrary files via a symlink attack on predictable temporary file names ("word$$.html"). | ||||
| CVE-2003-0210 | 1 Cisco | 1 Secure Access Control Server | 2025-04-03 | N/A |
| Buffer overflow in the administration service (CSAdmin) for Cisco Secure ACS before 3.1.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long user parameter to port 2002. | ||||
| CVE-2003-0241 | 1 Frontrange | 1 Goldmine | 2025-04-03 | N/A |
| FrontRange GoldMine mail agent 5.70 and 6.00 before 30503 directly sends HTML to the default browser without setting its security zone or otherwise labeling it untrusted, which allows remote attackers to execute arbitrary code via a message that is rendered in IE using a less secure zone. | ||||
| CVE-2003-0289 | 1 Cdrtools | 1 Cdrecord | 2025-04-03 | N/A |
| Format string vulnerability in scsiopen.c of the cdrecord program in cdrtools 2.0 allows local users to gain privileges via format string specifiers in the dev parameter. | ||||
| CVE-2002-1698 | 1 Microsoft | 1 Msn Messenger | 2025-04-03 | N/A |
| Buffer overflow in Microsoft MSN Messenger Service 1.0 through 4.6 allows remote attackers to cause a denial of service (crash) via a long FN (font) argument in the message header. | ||||
| CVE-2003-0322 | 1 Colten Edwards | 1 Bitchx | 2025-04-03 | N/A |
| Integer overflow in BitchX IRC client 1.0-0c19 and earlier allows remote malicious IRC servers to cause a denial of service (crash). | ||||
| CVE-2003-0360 | 1 Debian | 1 Debian Linux | 2025-04-03 | N/A |
| Multiple buffer overflows in gPS before 1.0.0 allow attackers to cause a denial of service and possibly execute arbitrary code. | ||||
| CVE-2003-0391 | 1 Amax Information Technologies | 1 Magic Winmail Server | 2025-04-03 | N/A |
| Format string vulnerability in Magic WinMail Server 2.3, and possibly other 2.x versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the PASS command. | ||||
| CVE-2003-0392 | 1 St | 1 Ftp Service | 2025-04-03 | N/A |
| Directory traversal vulnerability in ST FTP Service 3.0 allows remote attackers to list arbitrary directories via a CD command with a DoS drive letter argument (e.g. E:). | ||||
| CVE-2003-0394 | 1 Blnews | 1 Blnews | 2025-04-03 | N/A |
| objects.inc.php4 in BLNews 2.1.3 allows remote attackers to execute arbitrary PHP code via a Server[path] parameter that points to malicious code on an attacker-controlled web site. | ||||
| CVE-2003-0420 | 1 Apple | 1 Mac Os X Server | 2025-04-03 | N/A |
| Information leak in dsimportexport for Apple Macintosh OS X Server 10.2.6 allows local users to obtain the username and password of the account running the tool. | ||||
| CVE-2003-0422 | 1 Apple | 1 Darwin Streaming Server | 2025-04-03 | N/A |
| Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to cause a denial of service (crash) via a request to view_broadcast.cgi that does not contain the required parameters. | ||||
| CVE-2003-0423 | 1 Apple | 1 Darwin Streaming Server | 2025-04-03 | N/A |
| parse_xml.cgi in Apple QuickTime / Darwin Streaming Server before 4.1.3g allows remote attackers to obtain the source code for parseable files via the filename parameter. | ||||
| CVE-2003-0424 | 1 Apple | 1 Darwin Streaming Server | 2025-04-03 | N/A |
| Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to obtain the source code for scripts by appending encoded space (%20) or . (%2e) characters to an HTTP request for the script, e.g. view_broadcast.cgi. | ||||
| CVE-2003-0470 | 1 Symantec | 1 Security Check | 2025-04-03 | N/A |
| Buffer overflow in the "RuFSI Utility Class" ActiveX control (aka "RuFSI Registry Information Class"), as used for the Symantec Security Check service, allows remote attackers to execute arbitrary code via a long argument to CompareVersionStrings. | ||||