Total
29922 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-0120 | 1 Mhc-utils | 1 Mhc-utils | 2026-04-16 | N/A |
| adb2mhc in the mhc-utils package before 0.25+20010625-7.1 allows local users to overwrite arbitrary files via a symlink attack on a default temporary directory with a predictable name. | ||||
| CVE-2003-0124 | 2 Andries Brouwer, Redhat | 3 Man, Enterprise Linux, Linux | 2026-04-16 | N/A |
| man before 1.5l allows attackers to execute arbitrary code via a malformed man file with improper quotes, which causes the my_xsprintf function to return a string with the value "unsafe," which is then executed as a program via a system call if it is in the search path of the user who runs man. | ||||
| CVE-2003-0130 | 2 Redhat, Ximian | 2 Linux, Evolution | 2026-04-16 | N/A |
| The handle_image function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier does not properly escape HTML characters, which allows remote attackers to inject arbitrary data and HTML via a MIME Content-ID header in a MIME-encoded image. | ||||
| CVE-2003-0140 | 2 Mutt, Redhat | 3 Mutt, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Buffer overflow in Mutt 1.4.0 and possibly earlier versions, 1.5.x up to 1.5.3, and other programs that use Mutt code such as Balsa before 2.0.10, allows a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a crafted folder. | ||||
| CVE-2003-0142 | 1 Adobe | 1 Acrobat Reader | 2026-04-16 | N/A |
| Adobe Acrobat Reader (acroread) 6, under certain circumstances when running with the "Certified plug-ins only" option disabled, loads plug-ins with signatures used for older versions of Acrobat, which can allow attackers to cause Acrobat to enter Certified mode and run untrusted plugins by modifying the CTIsCertifiedMode function. | ||||
| CVE-2003-0149 | 1 Mcafee | 1 Epolicy Orchestrator | 2026-04-16 | N/A |
| Heap-based buffer overflow in ePO agent for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code via a POST request containing long parameters. | ||||
| CVE-2003-0160 | 2 Redhat, Squirrelmail | 2 Linux, Squirrelmail | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail before 1.2.11 allow remote attackers to inject arbitrary HTML code and steal information from a client's web browser. | ||||
| CVE-2000-0048 | 1 Corel | 1 Linux | 2026-04-16 | N/A |
| get_it program in Corel Linux Update allows local users to gain root access by specifying an alternate PATH for the cp program. | ||||
| CVE-2004-1457 | 1 Novell | 1 Bordermanager | 2026-04-16 | N/A |
| The Virtual Private Network (VPN) capability in Novell Bordermanager 3.8 allows remote attackers to cause a denial of service (ABEND in IKE.NLM) via a malformed IKE packet, as sent by the Striker ISAKMP Protocol Test Suite. | ||||
| CVE-2004-1756 | 1 Bea | 1 Weblogic Server | 2026-04-16 | N/A |
| BEA WebLogic Server and WebLogic Express 8.1 SP2 and earlier, and 7.0 SP4 and earlier, when using 2-way SSL with a custom trust manager, may accept a certificate chain even if the trust manager rejects it, which allows remote attackers to spoof other users or servers. | ||||
| CVE-2005-1495 | 1 Oracle | 3 Application Server, Oracle10g, Oracle9i | 2026-04-16 | N/A |
| Oracle Database 9i and 10g disables Fine Grained Audit (FGA) after the SYS user executes a SELECT statement on an FGA object, which makes it easier for attackers to escape detection. | ||||
| CVE-2005-3953 | 1 Bedeng Psp | 1 Bedeng Psp | 2026-04-16 | N/A |
| SQL injection vulnerability in Bedeng PSP 1.1 allows remote attackers to execute arbitrary SQL commands via the cwhere parameter to (1) index.php and (2) download.php, or (3) ckode parameter to baca.php. | ||||
| CVE-2003-0161 | 5 Compaq, Hp, Redhat and 2 more | 11 Tru64, Hp-ux, Hp-ux Series 700 and 8 more | 2026-04-16 | N/A |
| The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337. | ||||
| CVE-2003-0163 | 1 Gaim-encryption | 1 Gaim-encryption | 2026-04-16 | N/A |
| decrypt_msg for the Gaim-Encryption GAIM plugin 1.15 and earlier does not properly validate a message length parameter, which allows remote attackers to cause a denial of service (crash) via a negative length, which overwrites arbitrary heap memory with a zero byte. | ||||
| CVE-2003-0168 | 1 Apple | 1 Quicktime | 2026-04-16 | N/A |
| Buffer overflow in Apple QuickTime Player 5.x and 6.0 for Windows allows remote attackers to execute arbitrary code via a long QuickTime URL. | ||||
| CVE-2003-0169 | 1 Hp | 1 Instant Toptools | 2026-04-16 | N/A |
| hpnst.exe in the GoAhead-Webs webserver for HP Instant TopTools before 5.55 allows remote attackers to cause a denial of service (CPU consumption) via a request to hpnst.exe that calls itself, which causes an infinite loop. | ||||
| CVE-2003-0171 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| DirectoryServices in MacOS X trusts the PATH environment variable to locate and execute the touch command, which allows local users to execute arbitrary commands by modifying the PATH to point to a directory containing a malicious touch program. | ||||
| CVE-2003-0173 | 2 Sgi, Xfsdump | 2 Irix, Xfsdump | 2026-04-16 | N/A |
| xfsdq in xfsdump does not create quota information files securely, which allows local users to gain root privileges. | ||||
| CVE-2003-0277 | 1 Happycgi | 1 Happymall | 2026-04-16 | N/A |
| Directory traversal vulnerability in normal_html.cgi in Happycgi.com Happymall 4.3 and 4.4 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the file parameter. | ||||
| CVE-2003-0301 | 1 Microsoft | 1 Outlook Express | 2026-04-16 | N/A |
| The IMAP Client for Outlook Express 6.00.2800.1106 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors. | ||||