Search Results (351250 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-1454 4 Invision Power Services, Linux, Microsoft and 1 more 4 Invision Board, Linux Kernel, All Windows and 1 more 2026-04-16 N/A
Invision Power Services Invision Board 1.0 through 1.1.1, when a forum is password protected, stores the administrator password in a cookie in plaintext, which could allow remote attackers to gain access.
CVE-2003-1455 1 Poptop 1 Pptp Server 2026-04-16 N/A
Multiple buffer overflows in the launch_bcrelay function in pptpctrl.c in PoPToP 1.1.4-b1 through PoPToP 1.1.4-b3 allow local users to execute arbitrary code.
CVE-2003-1456 4 Linux, Microsoft, Mike Bobbitt and 1 more 4 Linux Kernel, All Windows, Album.pl and 1 more 2026-04-16 N/A
Album.pl 6.1 allows remote attackers to execute arbitrary commands, when an alternative configuration file is used, via unknown attack vectors.
CVE-2003-1485 1 Clearswift 1 Mailsweeper 2026-04-16 N/A
Clearswift MAILsweeper 4.0 through 4.3.7 allows remote attackers to bypass filtering via a file attachment that contains "multiple extensions combined with large blocks of white space."
CVE-2003-1495 1 Hp 3 Insight Management Suite, Insight Manager, Remote Diagnostics Enabling Agent 2026-04-16 N/A
Unspecified vulnerability in the non-SSL web agent in various HP Management Agent products allows local users or remote attackers to gain privileges or cause a denial of service via unknown attack vectors.
CVE-2003-1505 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 6.0 allows remote attackers to cause a denial of service (crash) by creating a web page or HTML e-mail with a textarea in a div element whose scrollbar-base-color is modified by a CSS style, which is then moved.
CVE-2003-1545 2 Nukestyles, Phpnuke 2 Viewpage, Nukestyles Viewpage Module 2026-04-16 N/A
Absolute path traversal vulnerability in nukestyles.com viewpage.php addon for PHP-Nuke allows remote attackers to read arbitrary files via a full pathname in the file parameter. NOTE: This was originally reported as an issue in PHP-Nuke 6.5, but this is an independent addon.
CVE-2003-1563 1 Sun 3 Cluster, Solaris, Sunos 2026-04-16 N/A
Sun Cluster 2.2 through 3.2 for Oracle Parallel Server / Real Application Clusters (OPS/RAC) allows local users to cause a denial of service (cluster node panic or abort) by launching a daemon listening on a TCP port that would otherwise be used by the Distributed Lock Manager (DLM), possibly involving this daemon responding in a manner that spoofs a cluster reconfiguration.
CVE-2003-1554 1 Scoznet 1 Scozbook 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in scozbook/add.php in ScozNet ScozBook 1.1 BETA allows remote attackers to inject arbitrary web script or HTML via the (1) username, (2) useremail, (3) aim, (4) msn, (5) sitename and (6) siteaddy variables.
CVE-2003-1559 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 5.22, and other 5 through 6 SP1 versions, sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data.
CVE-2004-0003 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Linux 2026-04-16 N/A
Unknown vulnerability in Linux kernel before 2.4.22 allows local users to gain privileges, related to "R128 DRI limits checking."
CVE-2004-0013 1 Jabber Software Foundation 1 Jabber Server 2026-04-16 N/A
jabber 1.4.2, 1.4.2a, and possibly earlier versions, does not properly handle SSL connections, which allows remote attackers to cause a denial of service (crash).
CVE-2004-0044 1 Cisco 1 Personal Assistant 2026-04-16 N/A
Cisco Personal Assistant 1.4(1) and 1.4(2) disables password authentication when "Allow Only Cisco CallManager Users" is enabled and the Corporate Directory settings refer to the directory service being used by Cisco CallManager, which allows remote attackers to gain access with a valid username.
CVE-2004-0135 1 Sgi 1 Irix 2026-04-16 N/A
The syssgi SGI_IOPROBE system call in IRIX 6.5.20 through 6.5.24 allows local users to gain privileges by reading and writing to kernel memory.
CVE-2004-0148 3 Redhat, Sgi, Washington University 3 Enterprise Linux, Propack, Wu-ftpd 2026-04-16 N/A
wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead.
CVE-2004-0248 1 Phpx 1 Phpx 2026-04-16 N/A
Cross-site scripting vulnerability (XSS) in PHPX 3.2.3 allows remote attackers to execute arbitrary script as other users by injecting arbitrary HTML or script into (1) keywords argument of main.inc.php, (2) body argument of help.inc.php, or (3) the subject field in Personal Messages and Forum.
CVE-2004-0219 1 Openbsd 1 Openbsd 2026-04-16 N/A
isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with a malformed IPSEC SA payload, as demonstrated by the Striker ISAKMP Protocol Test Suite.
CVE-2004-0304 1 Webcortex 1 Webstores 2000 2026-04-16 N/A
SQL injection vulnerability in browse_items.asp in WebCortex WebStores 2000 6.0 allows remote attackers to gain unauthorized access and execute arbitrary commands via the Search_Text parameter.
CVE-2002-2261 1 Sendmail 1 Sendmail 2026-04-16 N/A
Sendmail 8.9.0 through 8.12.6 allows remote attackers to bypass relaying restrictions enforced by the 'check_relay' function by spoofing a blank DNS hostname.
CVE-2003-0134 1 Apache 1 Http Server 2026-04-16 N/A
Unknown vulnerability in filestat.c for Apache running on OS2, versions 2.0 through 2.0.45, allows unknown attackers to cause a denial of service via requests related to device names.