Filtered by NVD-CWE-Other
Total 29947 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2003-0513 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Internet Explorer to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application.
CVE-2003-0514 1 Apple 1 Safari 2026-04-16 N/A
Apple Safari allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Safari to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application.
CVE-2003-0523 1 Early Impact 1 Productcart 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in msg.asp for certain versions of ProductCart allow remote attackers to execute arbitrary web script via the message parameter.
CVE-2003-0539 3 Ddskk, Redhat, Skk 6 Ddskk, Daredevil Skk, Ddskk-xemacs and 3 more 2026-04-16 N/A
skk (Simple Kana to Kanji conversion program) 12.1 and earlier, and the ddskk package which is based on skk, creates temporary files insecurely, which allows local users to overwrite arbitrary files.
CVE-2003-0540 3 Conectiva, Redhat, Wietse Venema 3 Linux, Linux, Postfix 2026-04-16 N/A
The address parser code in Postfix 1.1.12 and earlier allows remote attackers to cause a denial of service (lock) via (1) a malformed envelope address to a local host that would generate a bounce and contains the ".!" string in the MAIL FROM or Errors-To headers, which causes nqmgr to lock up, or (2) via a valid MAIL FROM with a RCPT TO containing a ".!" string, which causes an instance of the SMTP listener to lock up.
CVE-2003-0548 2 Gnome, Redhat 5 Gdm, Enterprise Linux, Kdebase and 2 more 2026-04-16 N/A
The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) when a chosen host expires, a different issue than CVE-2003-0549.
CVE-2003-0554 1 Neomodus 1 Direct Connect 2026-04-16 N/A
NeoModus Direct Connect 1.0 build 9, and possibly other versions, allows remote attackers to cause a denial of service (connection and possibly memory exhaustion) via a flood of ConnectToMe requests containing arbitrary IP addresses and ports.
CVE-2003-0557 1 Lagarde 1 Storefront 2026-04-16 N/A
SQL injection vulnerability in login.asp for StoreFront 6.0, and possibly earlier versions, allows remote attackers to obtain sensitive user information via SQL statements in the password field.
CVE-2003-0558 1 Leapware 1 Leapftp 2026-04-16 N/A
Buffer overflow in LeapFTP 2.7.3.600 allows remote FTP servers to execute arbitrary code via a long IP address response to a PASV request.
CVE-2003-0592 2 Kde, Redhat 4 Konqueror, Konqueror Embedded, Enterprise Linux and 1 more 2026-04-16 N/A
Konqueror in KDE 3.1.3 and earlier (kdelibs) allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Konqueror to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application.
CVE-2003-0596 1 Fdclone 1 Fdclone 2026-04-16 N/A
FDclone 2.00a, and other versions before 2.02a, creates temporary directories with predictable names and uses them if they already exist, which allows local users to read or modify files of other fdclone users by creating the directory ahead of time.
CVE-2003-0502 1 Apple 1 Darwin Streaming Server 2026-04-16 N/A
Apple QuickTime / Darwin Streaming Server before 4.1.3g allows remote attackers to cause a denial of service (crash) via a .. (dot dot) sequence followed by an MS-DOS device name (e.g. AUX) in a request to HTTP port 1220, a different vulnerability than CVE-2003-0421.
CVE-2003-0496 1 Microsoft 2 Windows 2000, Windows 2000 Terminal Services 2026-04-16 N/A
Microsoft SQL Server before Windows 2000 SP4 allows local users to gain privileges as the SQL Server user by calling the xp_fileexist extended stored procedure with a named pipe as an argument instead of a normal file.
CVE-2003-0492 1 Snitz Communications 1 Snitz Forums 2000 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in search.asp for Snitz Forums 3.4.03 and earlier allows remote attackers to execute arbitrary web script via the Search parameter.
CVE-2003-0491 1 Mytutorials 1 Tutorials 2026-04-16 N/A
The Tutorials 2.0 module in XOOPS and E-XOOPS allows remote attackers to execute arbitrary code by uploading a PHP file without a MIME image type, then directly accessing the uploaded file.
CVE-2003-0470 1 Symantec 1 Security Check 2026-04-16 N/A
Buffer overflow in the "RuFSI Utility Class" ActiveX control (aka "RuFSI Registry Information Class"), as used for the Symantec Security Check service, allows remote attackers to execute arbitrary code via a long argument to CompareVersionStrings.
CVE-2003-0465 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
The kernel strncpy function in Linux 2.4 and 2.5 does not %NUL pad the buffer on architectures other than x86, as opposed to the expected behavior of strncpy as implemented in libc, which could lead to information leaks.
CVE-2006-2797 1 Phpcommunitycalendar 1 Phpcommunitycalendar 2026-04-16 N/A
Multiple SQL injection vulnerabilities in phpCommunityCalendar 4.0.3 allow remote attackers to execute arbitrary SQL commands via the (1) CalendarDetailsID parameter in (a) month.php, (b) day.php, and (c) delCalendar.php; (2) ID parameter in (d) event.php; (3) AdminUserID parameter in (e) delAdmin.php; (4) EventLocationID parameter in (f) delAddress.php; and (5) LocationID parameter in (g) delCategory.php.
CVE-2006-2794 1 Aspsitem 1 Aspsitem 2026-04-16 N/A
Hesabim.asp in ASPSitem 2.0 and earlier allows remote attackers to read private messages of other users via a modified id parameter.
CVE-2006-0392 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Buffer overflow in Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Canon RAW image.