Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-2190 1 Artscore Studios 1 Cutecast Forum 2026-04-16 N/A
ArtsCore Studios CuteCast Forum 1.2 stores passwords in plaintext under the web document root, which allows remote attackers to obtain the passwords via an HTTP request to a .user file.
CVE-2003-0323 1 Michael Sandrof 1 Ircii 2026-04-16 N/A
Multiple buffer overflows in ircII 20020912 allows remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via responses that are not properly fed to the my_strcat function by (1) ctcp_buffer, (2) cannot_join_channel, (3) status_make_printable for Statusbar drawing, (4) create_server_list, and possibly other functions.
CVE-2003-0324 1 Epic 1 Epic4 2026-04-16 N/A
Buffer overflows in EPIC IRC Client (EPIC4) 1.0.1 allows remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via long replies that are not properly handled by the (1) userhost_cmd_returned function, or (2) Statusbar capability.
CVE-2003-0325 1 Ambrosia Software 1 Maelstrom 2026-04-16 N/A
Buffer overflow in Maelstrom 3.0.6, 3.0.5, and earlier allows local users to execute arbitrary code via a long -server command line argument.
CVE-2003-0326 1 Slocate 1 Slocate 2026-04-16 N/A
Integer overflow in parse_decode_path() of slocate may allow attackers to execute arbitrary code via a LOCATE_PATH with a large number of ":" (colon) characters, whose count is used in a call to malloc.
CVE-2003-0327 1 Sybase 1 Adaptive Server Enterprise 2026-04-16 N/A
Sybase Adaptive Server Enterprise (ASE) 12.5 allows remote attackers to cause a denial of service (hang) via a remote password array with an invalid length, which triggers a heap-based buffer overflow.
CVE-2003-0329 1 Aclogic 1 Cesarftp 2026-04-16 N/A
CesarFTP 0.99g stores user names and passwords in plaintext in the settings.ini file, which could allow local users to gain privileges.
CVE-2003-0330 1 Ambrosia Software 1 Maelstrom 2026-04-16 N/A
Buffer overflow in unknown versions of Maelstrom allows local users to execute arbitrary code via a long -player command line argument.
CVE-2003-0331 1 Ttcms 1 Ttforum 2026-04-16 N/A
SQL injection vulnerability in ttForum allows remote attackers to execute arbitrary SQL and gain ttForum Administrator privileges via the Ignorelist-Textfield argument in the Preferences page.
CVE-2003-0332 1 Working Resources Inc. 1 Badblue 2026-04-16 N/A
The ISAPI extension in BadBlue 1.7 through 2.2, and possibly earlier versions, modifies the first two letters of a filename extension after performing a security check, which allows remote attackers to bypass authentication via a filename with a .ats extension instead of a .hts extension.
CVE-2003-0333 1 Hp 1 Hp-ux 2026-04-16 N/A
Multiple buffer overflows in kermit in HP-UX 10.20 and 11.00 (C-Kermit 6.0.192 and possibly other versions before 8.0) allow local users to gain privileges via long arguments to (1) ask, (2) askq, (3) define, (4) assign, and (5) getc, some of which may share the same underlying function "doask," a different vulnerability than CVE-2001-0085.
CVE-2003-0334 1 Colten Edwards 1 Bitchx 2026-04-16 N/A
BitchX IRC client 1.0c20cvs and earlier allows attackers to cause a denial of service (core dump) via certain channel mode changes that are not properly handled in names.c.
CVE-2003-0335 1 Slackware 1 Slackware Linux 2026-04-16 N/A
rc.M in Slackware 9.0 calls quotacheck with the -M option, which causes the filesystem to be remounted and possibly reset security-relevant mount flags such as nosuid, nodev, and noexec.
CVE-2003-0336 1 Qualcomm 1 Eudora 2026-04-16 N/A
Qualcomm Eudora 5.2.1 allows remote attackers to read arbitrary files via an email message with a carriage return (CR) character in a spoofed "Attachment Converted:" string, which is not properly handled by Eudora.
CVE-2003-0338 1 Wsmp3 2 Wsmp3 Daemon, Wsmp3 Web Server 2026-04-16 N/A
Directory traversal vulnerability in WsMp3 daemon (WsMp3d) 0.0.10 and earlier allows remote attackers to read and execute arbitrary files via .. (dot dot) sequences in HTTP GET or POST requests.
CVE-2003-0350 1 Microsoft 1 Windows 2000 2026-04-16 N/A
The control for listing accessibility options in the Accessibility Utility Manager on Windows 2000 (ListView) does not properly handle Windows messages, which allows local users to execute arbitrary code via a "Shatter" style message to the Utility Manager that references a user-controlled callback function.
CVE-2003-0353 1 Microsoft 1 Data Access Components 2026-04-16 N/A
Buffer overflow in a component of SQL-DMO for Microsoft Data Access Components (MDAC) 2.5 through 2.7 allows remote attackers to execute arbitrary code via a long response to a broadcast request to UDP port 1434.
CVE-2003-0357 2 Ethereal Group, Redhat 3 Ethereal, Enterprise Linux, Linux 2026-04-16 N/A
Multiple integer overflow vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) Mount and (2) PPP dissectors.
CVE-2003-0359 1 Stichting Mathematisch Centrum 1 Nethack 2026-04-16 N/A
nethack 3.4.0 and earlier installs certain setgid binaries with insecure permissions, which allows local users to gain privileges by replacing the original binaries with malicious code.
CVE-2003-0360 1 Debian 1 Debian Linux 2026-04-16 N/A
Multiple buffer overflows in gPS before 1.0.0 allow attackers to cause a denial of service and possibly execute arbitrary code.