Total
29922 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-0309 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to bypass security zone restrictions and execute arbitrary programs via a web document with a large number of duplicate file:// or other requests that point to the program and open multiple file download dialogs, which eventually cause Internet Explorer to execute the program, as demonstrated using a large number of FRAME or IFRAME tags, aka the "File Download Dialog Vulnerability." | ||||
| CVE-2003-0312 | 1 Snowblind.net | 1 Snowblind Web Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Snowblind Web Server 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP request. | ||||
| CVE-2003-0313 | 1 Snowblind.net | 1 Snowblind Web Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Snowblind Web Server 1.0 allows remote attackers to list arbitrary directory contents via a ... (triple dot) in an HTTP request. | ||||
| CVE-2003-0319 | 1 Smartmax Software | 1 Mailmax | 2026-04-16 | N/A |
| Buffer overflow in the IMAP server (IMAPMax) for SmartMax MailMax 5.0.10.8 and earlier allows remote authenticated users to execute arbitrary code via a long SELECT command. | ||||
| CVE-2003-0323 | 1 Michael Sandrof | 1 Ircii | 2026-04-16 | N/A |
| Multiple buffer overflows in ircII 20020912 allows remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via responses that are not properly fed to the my_strcat function by (1) ctcp_buffer, (2) cannot_join_channel, (3) status_make_printable for Statusbar drawing, (4) create_server_list, and possibly other functions. | ||||
| CVE-2003-0338 | 1 Wsmp3 | 2 Wsmp3 Daemon, Wsmp3 Web Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in WsMp3 daemon (WsMp3d) 0.0.10 and earlier allows remote attackers to read and execute arbitrary files via .. (dot dot) sequences in HTTP GET or POST requests. | ||||
| CVE-2003-0353 | 1 Microsoft | 1 Data Access Components | 2026-04-16 | N/A |
| Buffer overflow in a component of SQL-DMO for Microsoft Data Access Components (MDAC) 2.5 through 2.7 allows remote attackers to execute arbitrary code via a long response to a broadcast request to UDP port 1434. | ||||
| CVE-2003-0357 | 2 Ethereal Group, Redhat | 3 Ethereal, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Multiple integer overflow vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) Mount and (2) PPP dissectors. | ||||
| CVE-2003-0361 | 1 Debian | 1 Debian Linux | 2026-04-16 | N/A |
| gPS before 1.1.0 does not properly follow the rgpsp connection source acceptation policy as specified in the rgpsp.conf file, which could allow unauthorized remote attackers to connect to rgpsp. | ||||
| CVE-2003-0365 | 1 Icq Inc | 1 Icqlite | 2026-04-16 | N/A |
| ICQLite 2003a creates the ICQ Lite directory with an ACE for "Full Control" privileges for Interactive Users, which allows local users to gain privileges as other users by replacing the executables with malicious programs. | ||||
| CVE-2003-0404 | 1 Vignette | 3 Content Suite, Storyserver, Vignette | 2026-04-16 | N/A |
| Multiple Cross Site Scripting (XSS) vulnerabilities in Vignette StoryServer 4 and 5, and Vignette V/5 and V/6, allow remote attackers to insert arbitrary HTML and script via text variables, as demonstrated using the errInfo parameter of the default login template. | ||||
| CVE-2003-0405 | 1 Vignette | 3 Content Suite, Storyserver, Vignette | 2026-04-16 | N/A |
| Vignette StoryServer 5 and Vignette V/6 allows remote attackers to execute arbitrary TCL code via (1) an HTTP query or cookie which is processed in the NEEDS command, or (2) an HTTP Referrer that is processed in the VALID_PATHS command. | ||||
| CVE-2003-0406 | 1 Palmvnc | 1 Palmvnc | 2026-04-16 | N/A |
| PalmVNC 1.40 and earlier stores passwords in plaintext in the PalmVNCDB, which is backed up to PCs that the Palm is synchronized with, which could allow attackers to gain privileges. | ||||
| CVE-2003-0407 | 1 Gnome | 1 Batalla Naval | 2026-04-16 | N/A |
| Buffer overflow in gbnserver for Gnome Batalla Naval 1.0.4 allows remote attackers to execute arbitrary code via a long connection string. | ||||
| CVE-2003-0409 | 1 Brs | 1 Webweaver | 2026-04-16 | N/A |
| Buffer overflow in BRS WebWeaver 1.04 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP (1) POST or (2) HEAD request. | ||||
| CVE-2003-0423 | 1 Apple | 1 Darwin Streaming Server | 2026-04-16 | N/A |
| parse_xml.cgi in Apple QuickTime / Darwin Streaming Server before 4.1.3g allows remote attackers to obtain the source code for parseable files via the filename parameter. | ||||
| CVE-2003-0425 | 1 Apple | 1 Darwin Streaming Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to read arbitrary files via a ... (triple dot) in an HTTP request. | ||||
| CVE-2003-0426 | 1 Apple | 1 Darwin Streaming Server | 2026-04-16 | N/A |
| The installation of Apple QuickTime / Darwin Streaming Server before 4.1.3f starts the administration server with a "Setup Assistant" page that allows remote attackers to set the administrator password and gain privileges before the real administrator. | ||||
| CVE-2003-0429 | 2 Ethereal Group, Redhat | 3 Ethereal, Enterprise Linux, Linux | 2026-04-16 | N/A |
| The OSI dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via invalid IPv4 or IPv6 prefix lengths, possibly triggering a buffer overflow. | ||||
| CVE-2003-0431 | 2 Ethereal Group, Redhat | 3 Ethereal, Enterprise Linux, Linux | 2026-04-16 | N/A |
| The tvb_get_nstringz0 function in Ethereal 0.9.12 and earlier does not properly handle a zero-length buffer size, with unknown consequences. | ||||