Export limit exceeded: 20133 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364285 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0223 1 Microsoft 2 Internet Information Server, Internet Information Services 2026-04-16 N/A
Cross-site scripting vulnerability (XSS) in the ASP function responsible for redirection in Microsoft Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to embed a URL containing script in a redirection message.
CVE-2003-0222 1 Oracle 3 Database Server, Oracle8i, Oracle9i 2026-04-16 N/A
Stack-based buffer overflow in Oracle Net Services for Oracle Database Server 9i release 2 and earlier allows attackers to execute arbitrary code via a "CREATE DATABASE LINK" query containing a connect string with a long USING parameter.
CVE-2003-0221 1 Hp 1 Tru64 2026-04-16 N/A
The (1) dupatch and (2) setld utilities in HP Tru64 UNIX 5.1B PK1 and earlier allows local users to overwrite files and possibly gain root privileges via a symlink attack.
CVE-2005-0548 1 Sun 1 Solaris Answerbook2 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Solaris AnswerBook2 Documentation 1.4.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the Search function.
CVE-2003-0220 1 Kerio 1 Personal Firewall 2 2026-04-16 N/A
Buffer overflow in the administrator authentication process for Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to execute arbitrary code via a handshake packet.
CVE-2003-0216 1 Cisco 1 Catos 2026-04-16 N/A
Unknown vulnerability in Cisco Catalyst 7.5(1) allows local users to bypass authentication and gain access to the enable mode without a password.
CVE-2003-0213 1 Poptop 1 Pptp Server 2026-04-16 N/A
ctrlpacket.c in PoPToP PPTP server before 1.1.4-b3 allows remote attackers to cause a denial of service via a length field of 0 or 1, which causes a negative value to be fed into a read operation, leading to a buffer overflow.
CVE-2005-0520 1 Argosoft 1 Ftp Server 2026-04-16 N/A
ArGoSoft FTP Server before 1.4.2.8 allows remote attackers to read arbitrary files via shortcut (.LNK) files in the SITE COPY command, a different vulnerability than CVE-2005-0519.
CVE-1999-1273 1 National Science Foundation 1 Squid Web Proxy 2026-04-16 N/A
Squid Internet Object Cache 1.1.20 allows users to bypass access control lists (ACLs) by encoding the URL with hexadecimal escape sequences.
CVE-2003-0212 1 Rinetd 1 Rinetd 2026-04-16 N/A
handleAccept in rinetd before 0.62 does not properly resize the connection list when it becomes full and sets an array index incorrectly, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large number of connections.
CVE-2003-0211 2 Redhat, Xinetd 3 Enterprise Linux, Linux, Xinetd 2026-04-16 N/A
Memory leak in xinetd 2.3.10 allows remote attackers to cause a denial of service (memory consumption) via a large number of rejected connections.
CVE-2003-0205 1 Gkrellm Newsticker 1 Gkrellm Newsticker 2026-04-16 N/A
gkrellm-newsticker gkrellm plugin before 0.3-3.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the ticker title of a URI.
CVE-2003-0204 2 Kde, Redhat 3 Kde, Enterprise Linux, Linux 2026-04-16 N/A
KDE 2 and KDE 3.1.1 and earlier 3.x versions allows attackers to execute arbitrary commands via (1) PostScript (PS) or (2) PDF files, related to missing -dPARANOIDSAFER and -dSAFER arguments when using the kghostview Ghostscript viewer.
CVE-2003-1450 1 Bitchx 1 Bitchx 2026-04-16 N/A
BitchX 75p3 and 1.0c16 through 1.0c20cvs allows remote attackers to cause a denial of service (segmentation fault) via a malformed RPL_NAMREPLY numeric 353 message.
CVE-2004-2696 1 Bea 1 Weblogic Server 2026-04-16 N/A
BEA WebLogic Server and WebLogic Express 6.1, 7.0, and 8.1, when using Remote Method Invocation (RMI) over Internet Inter-ORB Protocol (IIOP), does not properly handle when multiple logins for different users coming from the same client, which could cause an "unexpected user identity" to be used in an RMI call.
CVE-1999-1126 1 Cisco 1 Resource Manager 2026-04-16 N/A
Cisco Resource Manager (CRM) 1.1 and earlier creates certain files with insecure permissions that allow local users to obtain sensitive configuration information including usernames, passwords, and SNMP community strings, from (1) swim_swd.log, (2) swim_debug.log, (3) dbi_debug.log, and (4) temporary files whose names begin with "DPR_".
CVE-2003-0116 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check the Cascading Style Sheet input parameter for Modal dialogs, which allows remote attackers to read files on the local system via a web page containing script that creates a dialog and then accesses the target files, aka "Modal Dialog script execution."
CVE-2004-2704 2 Hastymail, Microsoft 2 Hastymail, Internet Explorer 2026-04-16 N/A
Hastymail 1.0.1 and earlier (stable) and 1.1 and earlier (development) does not send the "attachment" parameter in the Content-Disposition field for attachments, which causes the attachment to be rendered inline by Internet Explorer when the victim clicks the download link, which facilitates cross-site scripting (XSS) and possibly other attacks.
CVE-2003-0117 1 Microsoft 1 Biztalk Server 2026-04-16 N/A
Buffer overflow in the HTTP receiver function (BizTalkHTTPReceive.dll ISAPI) of Microsoft BizTalk Server 2002 allows attackers to execute arbitrary code via a certain request to the HTTP receiver.
CVE-2003-0119 1 Ibm 1 Aix 2026-04-16 N/A
The secldapclntd daemon in AIX 4.3, 5.1 and 5.2 uses an Internet socket when communicating with the loadmodule, which allows remote attackers to directly connect to the daemon and conduct unauthorized activities.