Export limit exceeded: 25894 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (25894 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-2423 | 1 Sendmail | 1 Sendmail | 2026-04-16 | N/A |
| Sendmail 8.12.0 through 8.12.6 truncates log messages longer than 100 characters, which allows remote attackers to prevent the IP address from being logged via a long IDENT response. | ||||
| CVE-2003-0795 | 4 Gnu, Quagga, Redhat and 1 more | 5 Zebra, Quagga, Enterprise Linux and 2 more | 2026-04-16 | N/A |
| The vty layer in Quagga before 0.96.4, and Zebra 0.93b and earlier, does not verify that sub-negotiation is taking place when processing the SE marker, which allows remote attackers to cause a denial of service (crash) via a malformed telnet command to the telnet CLI port, which may trigger a null dereference. | ||||
| CVE-2003-0825 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Nt | 2026-04-16 | N/A |
| The Windows Internet Naming Service (WINS) for Microsoft Windows Server 2003, and possibly Windows NT and Server 2000, does not properly validate the length of certain packets, which allows attackers to cause a denial of service and possibly execute arbitrary code. | ||||
| CVE-2003-1425 | 1 Cpanel | 1 Cpanel | 2026-04-16 | N/A |
| guestbook.cgi in cPanel 5.0 allows remote attackers to execute arbitrary commands via the template parameter. | ||||
| CVE-2003-1405 | 1 Dotbr | 1 Botbr | 2026-04-16 | N/A |
| DotBr 0.1 allows remote attackers to execute arbitrary shell commands via the cmd parameter to (1) exec.php3 or (2) system.php3. | ||||
| CVE-2003-1443 | 1 Kaspersky Lab | 1 Kaspersky Anti-virus | 2026-04-16 | N/A |
| Kaspersky Antivirus (KAV) 4.0.9.0 does not detect viruses in files with MS-DOS device names in their filenames, which allows local users to bypass virus protection, as demonstrated using aux.vbs and aux.com. | ||||
| CVE-2003-1450 | 1 Bitchx | 1 Bitchx | 2026-04-16 | N/A |
| BitchX 75p3 and 1.0c16 through 1.0c20cvs allows remote attackers to cause a denial of service (segmentation fault) via a malformed RPL_NAMREPLY numeric 353 message. | ||||
| CVE-2003-1456 | 4 Linux, Microsoft, Mike Bobbitt and 1 more | 4 Linux Kernel, All Windows, Album.pl and 1 more | 2026-04-16 | N/A |
| Album.pl 6.1 allows remote attackers to execute arbitrary commands, when an alternative configuration file is used, via unknown attack vectors. | ||||
| CVE-2003-1471 | 1 Alt-n | 1 Mdaemon | 2026-04-16 | N/A |
| MDaemon POP server 6.0.7 and earlier allows remote authenticated users to cause a denial of service (crash) via a (1) DELE or (2) UIDL with a negative number. | ||||
| CVE-2003-1481 | 1 Stalker | 1 Communigate Pro | 2026-04-16 | N/A |
| CommuniGate Pro 3.1 through 4.0.6 sends the session ID in the referer field for an HTTP request for an image, which allows remote attackers to hijack mail sessions via an e-mail with an IMG tag that references a malicious URL that captures the referer. | ||||
| CVE-2003-1517 | 1 Dansie | 1 Shopping Cart | 2026-04-16 | N/A |
| cart.pl in Dansie shopping cart allows remote attackers to obtain the installation path via an invalid db parameter, which leaks the path in an error message. | ||||
| CVE-2003-1526 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| PHP-Nuke 7.0 allows remote attackers to obtain the installation path via certain characters such as (1) ", (2) ', or (3) > in the search field, which reveals the path in an error message. | ||||
| CVE-2003-1535 | 1 Justice Media | 1 Guestbook | 2026-04-16 | N/A |
| Justice Guestbook 1.3 allows remote attackers to obtain the full installation path via a direct request to cfooter.php3, which leaks the path in an error message. | ||||
| CVE-2003-1538 | 1 Suse | 3 Office Server, Suse Linux, Suse Linux Openexchange Server | 2026-04-16 | N/A |
| susehelp in SuSE Linux 8.1, Enterprise Server 8, Office Server, and Openexchange Server 4 does not properly filter shell metacharacters, which allows remote attackers to execute arbitrary commands via CGI queries. | ||||
| CVE-2003-1540 | 1 Wfchat | 1 Wfchat | 2026-04-16 | N/A |
| WF-Chat 1.0 Beta stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain authentication information via a direct request to (1) !pwds.txt and (2) !nicks.txt. | ||||
| CVE-2003-1548 | 1 Myabracadaweb | 1 Myabracadaweb | 2026-04-16 | N/A |
| MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to obtain sensitive information via an invalid IDAdmin or other parameter, which reveals the installation path in an error message. | ||||
| CVE-2003-1559 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | N/A |
| Microsoft Internet Explorer 5.22, and other 5 through 6 SP1 versions, sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data. | ||||
| CVE-2004-1386 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2026-04-16 | N/A |
| TikiWiki before 1.8.4.1 does not properly verify uploaded images, which could allow remote attackers to upload and execute arbitrary PHP scripts, a different vulnerability than CVE-2005-0200. | ||||
| CVE-2004-2150 | 1 Nettica | 1 Intellipeer Email Server | 2026-04-16 | N/A |
| Nettica Corporation INTELLIPEER Email Server 1.01 displays different error messages for valid and invalid account names, which allows remote attackers to determine valid account names. | ||||
| CVE-2004-2252 | 1 Sophos | 1 Astaro Security Linux | 2026-04-16 | N/A |
| The firewall in Astaro Security Linux before 4.024 sends responses to SYN-FIN packets, which makes it easier for remote attackers to obtain information about the system and construct specialized attacks. | ||||