Total
29947 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-1131 | 1 Activecampaign | 1 Knowledgebuilder | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in index.php in KnowledgeBuilder, referred to as KnowledgeBase, allows remote attackers to execute arbitrary PHP code by modifying the page parameter to reference a URL on a remote web server that contains the code. | ||||
| CVE-2003-1139 | 1 Musicqueue | 1 Musicqueue | 2026-04-16 | N/A |
| Musicqueue 1.2.0 allows local users to overwrite arbitrary files by triggering a segmentation fault and using a symlink attack on the resulting musicqueue.crash file. | ||||
| CVE-2003-1169 | 1 Datev | 1 Nutzungskontrolle | 2026-04-16 | N/A |
| DATEV Nutzungskontrolle 2.1 and 2.2 has insecure write permissions for critical registry keys, which allows local users to bypass access restrictions by importing NukoInfo values in certain DATEV keys, which disables Nutzungskontrolle. | ||||
| CVE-2003-1170 | 1 Gernot Stocker | 1 Kpopup | 2026-04-16 | N/A |
| Format string vulnerability in main.cpp in kpopup 0.9.1 and 0.9.5pre2 allows local users to cause a denial of service (segmentation fault) and possibly execute arbitrary code via format string specifiers in command line arguments. | ||||
| CVE-2003-1178 | 1 Advanced Poll | 1 Advanced Poll | 2026-04-16 | N/A |
| Eval injection vulnerability in comments.php in Advanced Poll 2.0.2 allows remote attackers to execute arbitrary PHP code via the (1) id, (2) template_set, or (3) action parameter. | ||||
| CVE-2003-1212 | 1 Maxwebportal | 1 Maxwebportal | 2026-04-16 | N/A |
| MaxWebPortal 1.30 allows remote attackers to perform unauthorized actions by modifying hidden form fields, such as the (1) news, (2) lock, or (3) allmem fields in the 'start new topic' HTML page. | ||||
| CVE-2003-1226 | 1 Bea | 1 Weblogic Server | 2026-04-16 | N/A |
| BEA WebLogic Server and Express 7.0 and 7.0.0.1 stores certain secrets concerning password encryption insecurely in config.xml, filerealm.properties, and weblogic-rar.xml, which allows local users to learn those secrets and decrypt passwords. | ||||
| CVE-2003-1237 | 1 Matt Wright | 1 Wwwboard | 2026-04-16 | N/A |
| Cross-site scripting vulnerability (XSS) in WWWBoard 2.0A2.1 and earlier allows remote attackers to inject arbitrary HTML or web script via a message post. | ||||
| CVE-2003-1270 | 1 An | 1 An-http | 2026-04-16 | N/A |
| AN HTTP 1.41e allows remote attackers to cause a denial of service (borken pipe) via an HTTP request to aux.cgi with a long argument, possibly triggering a buffer overflow or MS-DOS device vulnerability. | ||||
| CVE-2003-1276 | 1 Nettelephone | 1 Nettelephone | 2026-04-16 | N/A |
| Netfone.exe of NetTelephone 3.5.6 uses weak encryption for user PIN's and stores user account numbers in plaintext in the HKEY_CURRENT_USER\Software\MediaRing.com\SDK\NetTelephone\settings registry key, which could allow local users to gain unauthorized access to NetTelephone accounts. | ||||
| CVE-2003-1294 | 2 Redhat, Xscreensaver | 2 Enterprise Linux, Xscreensaver | 2026-04-16 | N/A |
| Xscreensaver before 4.15 creates temporary files insecurely in (1) driver/passwd-kerberos.c, (2) driver/xscreensaver-getimage-video, (3) driver/xscreensaver.kss.in, and the (4) vidwhacker and (5) webcollage screensavers, which allows local users to overwrite arbitrary files via a symlink attack. | ||||
| CVE-2003-1330 | 2 Clearswift Limited, Microsoft | 2 Mailsweeper, All Windows | 2026-04-16 | N/A |
| Clearswift MAILsweeper for SMTP 4.3.6 SP1 does not execute custom "on strip unsuccessful" hooks, which allows remote attackers to bypass e-mail attachment filtering policies via an attachment that MAILsweeper can detect but not remove. | ||||
| CVE-2004-0001 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| Unknown vulnerability in the eflags checking in the 32-bit ptrace emulation for the Linux kernel on AMD64 systems allows local users to gain privileges. | ||||
| CVE-2004-0010 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Stack-based buffer overflow in the ncp_lookup function for ncpfs in Linux kernel 2.4.x allows local users to gain privileges. | ||||
| CVE-2004-0029 | 1 Ibm | 1 Lotus Domino | 2026-04-16 | N/A |
| Lotus Notes Domino 6.0.2 on Linux installs the notes.ini configuration file with world-writable permissions, which allows local users to modify the Notes configuration and gain privileges. | ||||
| CVE-2004-0143 | 1 Nokia | 1 6310i | 2026-04-16 | N/A |
| Multiple vulnerabilities in Nokia 6310(i) Mobile phones allow remote attackers to cause a denial of service (reset) via malformed Bluetooth OBject EXchange (OBEX) messages, probably triggering buffer overflows. | ||||
| CVE-2004-0232 | 5 Gentoo, Midnight Commander, Redhat and 2 more | 6 Linux, Midnight Commander, Enterprise Linux and 3 more | 2026-04-16 | N/A |
| Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code. | ||||
| CVE-2004-0300 | 1 Ecommerce Corporation Online | 1 Store Kit | 2026-04-16 | N/A |
| SQL injection vulnerability in Online Store Kit 3.0 allows remote attackers to inject arbitrary SQL and gain unauthorized access via (1) the cat parameter in shop.php, (2) the id parameter in more.php, (3) the cat_manufacturer parameter in shop_by_brand.php, or (4) the id parameter in listing.php. | ||||
| CVE-2003-0282 | 3 Info-zip, Redhat, Sco | 5 Unzip, Enterprise Linux, Linux and 2 more | 2026-04-16 | N/A |
| Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . (dot) characters, which are filtered and result in a ".." sequence. | ||||
| CVE-2004-0312 | 1 Linksys | 1 Wap55ag | 2026-04-16 | N/A |
| Linksys WAP55AG 1.07 allows remote attackers with access to an SNMP read only community string to gain access to read/write communtiy strings via a query for OID 1.3.6.1.4.1.3955.2.1.13.1.2. | ||||