Search Results (351250 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0338 1 Wsmp3 2 Wsmp3 Daemon, Wsmp3 Web Server 2026-04-16 N/A
Directory traversal vulnerability in WsMp3 daemon (WsMp3d) 0.0.10 and earlier allows remote attackers to read and execute arbitrary files via .. (dot dot) sequences in HTTP GET or POST requests.
CVE-2003-0341 1 Owl 1 Owl Intranet Engine 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Owl Intranet Engine 0.71 and earlier allows remote attackers to insert arbitrary script via the Search field.
CVE-2003-0336 1 Qualcomm 1 Eudora 2026-04-16 N/A
Qualcomm Eudora 5.2.1 allows remote attackers to read arbitrary files via an email message with a carriage return (CR) character in a spoofed "Attachment Converted:" string, which is not properly handled by Eudora.
CVE-2003-0342 1 Selom Ofori 1 Blackmoon Ftp Server 2026-04-16 N/A
BlackMoon FTP Server 2.6 Free Edition, and possibly other distributions and versions, stores user names and passwords in plaintext in the blackmoon.mdb file, which can allow local users to gain privileges.
CVE-2003-0337 1 Platform 1 Lsadmin 2026-04-16 N/A
The ckconfig command in lsadmin for Load Sharing Facility (LSF) 5.1 allows local users to execute arbitrary programs by modifying the LSF_ENVDIR environment variable to reference an alternate lsf.conf file, then modifying LSF_SERVERDIR to point to a malicious lim program, which lsadmin then executes.
CVE-2003-0361 1 Debian 1 Debian Linux 2026-04-16 N/A
gPS before 1.1.0 does not properly follow the rgpsp connection source acceptation policy as specified in the rgpsp.conf file, which could allow unauthorized remote attackers to connect to rgpsp.
CVE-2003-0359 1 Stichting Mathematisch Centrum 1 Nethack 2026-04-16 N/A
nethack 3.4.0 and earlier installs certain setgid binaries with insecure permissions, which allows local users to gain privileges by replacing the original binaries with malicious code.
CVE-2003-0392 1 St 1 Ftp Service 2026-04-16 N/A
Directory traversal vulnerability in ST FTP Service 3.0 allows remote attackers to list arbitrary directories via a CD command with a DoS drive letter argument (e.g. E:).
CVE-2003-0394 1 Blnews 1 Blnews 2026-04-16 N/A
objects.inc.php4 in BLNews 2.1.3 allows remote attackers to execute arbitrary PHP code via a Server[path] parameter that points to malicious code on an attacker-controlled web site.
CVE-2003-0391 1 Amax Information Technologies 1 Magic Winmail Server 2026-04-16 N/A
Format string vulnerability in Magic WinMail Server 2.3, and possibly other 2.x versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the PASS command.
CVE-2003-0403 1 Vignette 3 Content Suite, Storyserver, Vignette 2026-04-16 N/A
Vignette StoryServer 5 and Vignette V/5 allows remote attackers to read and modify license information, and cause a denial of service (service halt) by directly accessing the /vgn/license template.
CVE-2003-0404 1 Vignette 3 Content Suite, Storyserver, Vignette 2026-04-16 N/A
Multiple Cross Site Scripting (XSS) vulnerabilities in Vignette StoryServer 4 and 5, and Vignette V/5 and V/6, allow remote attackers to insert arbitrary HTML and script via text variables, as demonstrated using the errInfo parameter of the default login template.
CVE-2003-0401 1 Vignette 3 Content Suite, Storyserver, Vignette 2026-04-16 N/A
Vignette StoryServer and Vignette V/5 allows remote attackers to obtain sensitive information via a request for the /vgn/style template.
CVE-2003-0402 1 Vignette 3 Content Suite, Storyserver, Vignette 2026-04-16 N/A
The default login template (/vgn/login) in Vignette StoryServer 5 and Vignette V/5 generates different responses whether a user exists or not, which allows remote attackers to identify valid usernames via brute force attacks.
CVE-2003-0410 1 Analogx 1 Proxy 2026-04-16 N/A
Buffer overflow in AnalogX Proxy 4.13 allows remote attackers to execute arbitrary code via a long URL to port 6588.
CVE-2003-0414 1 Sun 1 One Application Server 2026-04-16 N/A
The installation of Sun ONE Application Server 7.0 for Windows 2000/XP creates a statefile with world-readable permissions, which allows local users to gain privileges by reading a plaintext password in the statefile.
CVE-2002-1985 1 Incognito Software Inc 1 Ismtp Gateway 2026-04-16 N/A
iSMTP 5.0.1 allows remote attackers to cause a denial of service via a long "MAIL FROM" command, possibly triggering a buffer overflow.
CVE-2002-1972 1 Sebastian Dehne 1 Pp Powerswitch 2026-04-16 N/A
Unknown vulnerability in Parallel port powerSwitch (aka pp_powerSwitch) 0.1 does not properly enforce access controls, which allows local users to access arbitrary ports.
CVE-2002-1964 1 Wesmo 1 Phpeventcalendar 2026-04-16 N/A
Unknown vulnerability in WesMo phpEventCalendar 1.1 allows remote attackers to execute arbitrary commands via unknown attack vectors.
CVE-2002-1967 1 Mark Hanson 1 Xircon 2026-04-16 N/A
Buffer overflow in XiRCON 1.0 Beta 4 allows remote attackers to cause a denial of service (disconnect) via a long (1) ctcp, (2) primsg, (3) msg, or (4) notice command.