Export limit exceeded: 366567 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (366567 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-1361 | 2 Ibm, Veritas | 2 Tivoli Storage Manager, Bare Metal Restore | 2026-04-16 | N/A |
| Unknown vulnerability in VERITAS Bare Metal Restore (BMR) of Tivoli Storage Manager (TSM) 3.1.0 through 3.2.1 allows remote attackers to gain root privileges on the BMR Main Server. | ||||
| CVE-2003-1362 | 1 Hp | 2 Bastille, Hp-ux | 2026-04-16 | N/A |
| Bastille B.02.00.00 of HP-UX 11.00 and 11.11 does not properly configure the (1) NOVRFY and (2) NOEXPN options in the sendmail.cf file, which could allow remote attackers to verify the existence of system users and expand defined sendmail aliases. | ||||
| CVE-2003-1363 | 1 Aprelium Technologies | 1 Abyss Web Server | 2026-04-16 | N/A |
| The remote web management interface of Aprelium Technologies Abyss Web Server 1.1.2 and earlier does not log connection attempts to the web management port (9999), which allows remote attackers to mount brute force attacks on the administration console without detection. | ||||
| CVE-2003-1365 | 1 Perl | 1 Cgi Lite | 2026-04-16 | N/A |
| The escape_dangerous_chars function in CGI::Lite 2.0 and earlier does not correctly remove special characters including (1) "\" (backslash), (2) "?", (3) "~" (tilde), (4) "^" (carat), (5) newline, or (6) carriage return, which could allow remote attackers to read or write arbitrary files, or execute arbitrary commands, in shell scripts that rely on CGI::Lite to filter such dangerous inputs. | ||||
| CVE-2003-1366 | 1 Openbsd | 1 Openbsd | 2026-04-16 | N/A |
| chpass in OpenBSD 2.0 through 3.2 allows local users to read portions of arbitrary files via a hard link attack on a temporary file used to store user database information. | ||||
| CVE-2003-1367 | 1 Great Circle Associates | 1 Majordomo | 2026-04-16 | N/A |
| The which_access variable for Majordomo 2.0 through 1.94.4, and possibly earlier versions, is set to "open" by default, which allows remote attackers to identify the email addresses of members of mailing lists via a "which" command. | ||||
| CVE-2003-1368 | 1 Electrasoft | 1 Ftp Client | 2026-04-16 | N/A |
| Buffer overflow in the 32bit FTP client 9.49.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP server banner. | ||||
| CVE-2003-1369 | 1 Save It Software Pty | 1 Bytecatcherftp | 2026-04-16 | N/A |
| Buffer overflow in ByteCatcher FTP client 1.04b allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP server banner. | ||||
| CVE-2003-1370 | 1 Nuked-klan | 1 Nuked-klan | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Nuked-Klan 1.2b allow remote attackers to inject arbitrary HTML or web script via (1) the Author field in the Guestbook module, (2) the Titre or Pseudo fields in the Forum module, or (3) "La Tribune Libre" in the Shoutbox module. | ||||
| CVE-2003-1371 | 1 Nuked-klan | 1 Nuked-klan | 2026-04-16 | N/A |
| Nuked-Klan 1.3b, and possibly earlier versions, allows remote attackers to obtain sensitive server information via an op parameter set to phpinfo for the (1) Team, (2) News, or (3) Liens modules. | ||||
| CVE-2003-1372 | 4 Linux, Microsoft, Myphpnuke and 1 more | 4 Linux Kernel, All Windows, Myphpnuke and 1 more | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in links.php script in myPHPNuke 1.8.8, and possibly earlier versions, allows remote attackers to inject arbitrary HTML and web script via the (1) ratenum or (2) query parameters. | ||||
| CVE-2003-1373 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| Directory traversal vulnerability in auth.php for PhpBB 1.4.0 through 1.4.4 allows remote attackers to read and include arbitrary files via .. (dot dot) sequences followed by NULL (%00) characters in CGI parameters, as demonstrated using the lang parameter in prefs.php. | ||||
| CVE-2003-1374 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Buffer overflow in disable of HP-UX 11.0 may allow local users to execute arbitrary code via a long argument to the (1) -r or (2)-c options. | ||||
| CVE-2003-1375 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Buffer overflow in wall for HP-UX 10.20 through 11.11 may allow local users to execute arbitrary code by calling wall with a large file as an argument. | ||||
| CVE-2003-1376 | 1 Winzip | 1 Winzip | 2026-04-16 | N/A |
| WinZip 8.0 uses weak random number generation for password protected ZIP files, which allows local users to brute force the encryption keys and extract the data from the zip file by guessing the state of the stream coder. | ||||
| CVE-2003-1377 | 1 Sircd | 1 Sircd | 2026-04-16 | N/A |
| Buffer overflow in the reverse DNS lookup of Smart IRC Daemon (SIRCD) 0.4.0 and 0.4.4 allows remote attackers to execute arbitrary code via a client with a long hostname. | ||||
| CVE-2003-1378 | 1 Microsoft | 2 Outlook, Outlook Express | 2026-04-16 | N/A |
| Microsoft Outlook Express 6.0 and Outlook 2000, with the security zone set to Internet Zone, allows remote attackers to execute arbitrary programs via an HTML email with the CODEBASE parameter set to the program, a vulnerability similar to CAN-2002-0077. | ||||
| CVE-2003-1379 | 1 Point Clark Networks | 1 Clarkconnect | 2026-04-16 | N/A |
| clarkconnectd in ClarkConnect Linux 1.2 allows remote attackers to obtain sensitive information about the server via the characters (1) A, which reveals the date and time, (2) F, (3) M, which reveals 'ifconfig' information, (4) P, which lists the processes, (5) Y, which reveals the snort log files, or (6) b, which reveals /var/log/messages. | ||||
| CVE-2003-1380 | 1 Bisonftp | 1 Bisonftp Server 4 | 2026-04-16 | N/A |
| Directory traversal vulnerability in BisonFTP Server 4 release 2 allows remote attackers to (1) list directories above the root via an 'ls @../' command, or (2) list files above the root via a "mget @../FILE" command. | ||||
| CVE-2003-1381 | 1 Amxmod.net | 1 Amx Mod | 2026-04-16 | N/A |
| Format string vulnerability in AMX 0.9.2 and earlier, a plugin for Valve Software's Half-Life Server, allows remote attackers to execute arbitrary commands via format string specifiers in the amx_say command. | ||||