Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-1017 1 Macromedia 2 Director, Flash Player 2026-04-16 N/A
Macromedia Flash Player before 7,0,19,0 stores a Flash data file in a predictable location that is accessible to web browsers such as Internet Explorer and Opera, which allows remote attackers to read restricted files via vulnerabilities in web browsers whose exploits rely on predictable names.
CVE-2002-1833 1 Xerox 2 Docutech 6110, Docutech 6115 2026-04-16 N/A
The default configurations for DocuTech 6110 and DocuTech 6115 have a default administrative password of (1) "service!" on Solaris 8.0 or (2) "administ" on Windows NT, which allows remote attackers to gain privileges.
CVE-2003-0347 1 Microsoft 4 Office, Project, Visio and 1 more 2026-04-16 N/A
Heap-based buffer overflow in VBE.DLL and VBE6.DLL of Microsoft Visual Basic for Applications (VBA) SDK 5.0 through 6.3 allows remote attackers to execute arbitrary code via a document with a long ID parameter.
CVE-2003-1018 1 Ibm 1 Aix 2026-04-16 N/A
Format string vulnerability in enq command in AIX 4.3, 5.1, and 5.2 allows local users with rintq group privileges to gain privileges via unknown attack vectors.
CVE-2002-1834 1 Xerox 2 Docutech 6110, Docutech 6115 2026-04-16 N/A
The default configuration of Xerox DocuTech 6110 and DocuTech 6115 allows remote attackers to connect to the web server and (1) submit print jobs directly into the "print now" queue or (2) read the scanner job history.
CVE-2003-0348 1 Microsoft 1 Windows Media Player 2026-04-16 N/A
A certain Microsoft Windows Media Player 9 Series ActiveX control allows remote attackers to view and manipulate the Media Library on the local system via HTML script.
CVE-2003-1020 2 Irssi, Mandrakesoft 2 Irssi, Mandrake Linux 2026-04-16 N/A
The format_send_to_gui function in formats.c for irssi before 0.8.9 allows remote IRC users to cause a denial of service (crash).
CVE-2002-1835 1 Xerox 2 Docutech 6110, Docutech 6115 2026-04-16 N/A
The default configuration of Xerox DocuTech 6110 and DocuTech 6115 running Solaris 8.0 has a large number of unnecessary services enabled such as RPC and sprayd, which could allow remote attackers to obtain access to the device.
CVE-2003-1021 1 Sco 1 Openserver 2026-04-16 N/A
The scosession program in OpenServer 5.0.6 and 5.0.7 allows local users to gain privileges via crafted strings on the commandline.
CVE-2004-0148 3 Redhat, Sgi, Washington University 3 Enterprise Linux, Propack, Wu-ftpd 2026-04-16 N/A
wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead.
CVE-2003-0349 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Buffer overflow in the streaming media component for logging multicast requests in the ISAPI for the logging capability of Microsoft Windows Media Services (nsiislog.dll), as installed in IIS 5.0, allows remote attackers to execute arbitrary code via a large POST request to nsiislog.dll.
CVE-2002-1836 1 Xerox 2 Docutech 6110, Docutech 6115 2026-04-16 N/A
The default configuration of Xerox DocuTech 6110 and DocuTech 6115 exports certain NFS shares to the world with world writable permissions, which may allow remote attackers to modify sensitive files.
CVE-2002-1838 1 Steve Sachs 1 Charities.cron 2026-04-16 N/A
Charities.cron 1.0.2 through 1.6.0 allows local users to write to arbitrary files via a symlink attack on temporary files.
CVE-2003-0354 1 Redhat 2 Enterprise Linux, Linux 2026-04-16 N/A
Unknown vulnerability in GNU Ghostscript before 7.07 allows attackers to execute arbitrary commands, even when -dSAFER is enabled, via a PostScript file that causes the commands to be executed from a malicious print job.
CVE-2003-0355 2 Apple, Kde 2 Safari, Konqueror Embedded 2026-04-16 N/A
Safari 1.0 Beta 2 (v73) and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates.
CVE-2003-1023 2 Midnight Commander, Redhat 3 Midnight Commander, Enterprise Linux, Linux 2026-04-16 N/A
Stack-based buffer overflow in vfs_s_resolve_symlink of vfs/direntry.c for Midnight Commander (mc) 4.6.0 and earlier, and possibly later versions, allows remote attackers to execute arbitrary code during symlink conversion.
CVE-2004-0070 1 Visualshapers 1 Ezcontents 2026-04-16 N/A
PHP remote file inclusion vulnerability in module.php for ezContents allows remote attackers to execute arbitrary PHP code by modifying the link parameter to reference a URL on a remote web server that contains the code.
CVE-2004-0157 1 Xonix 1 Xonix 2026-04-16 N/A
x11.c in xonix 1.4 and earlier uses the current working directory to find and execute the rmail program, which allows local users to execute arbitrary code by modifying the path to point to a malicious rmail program.
CVE-2003-1024 1 Sun 1 Sunos 2026-04-16 N/A
Unknown vulnerability in the ls-F builtin function in tcsh on Solaris 8 allows local users to create or delete files as other users, and gain privileges.
CVE-2004-0073 1 Stoitsov 1 Easydynamicpages 2026-04-16 N/A
PHP remote file inclusion vulnerability in (1) config.php and (2) config_page.php for EasyDynamicPages 2.0 allows remote attackers to execute arbitrary PHP code by modifying the edp_relative_path parameter to reference a URL on a remote web server that contains a malicious serverdata.php script.