Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0224 1 Microsoft 1 Internet Information Services 2026-04-16 N/A
Buffer overflow in ssinc.dll for Microsoft Internet Information Services (IIS) 5.0 allows local users to execute arbitrary code via a web page with a Server Side Include (SSI) directive with a long filename, aka "Server Side Include Web Pages Buffer Overrun."
CVE-2003-0225 1 Microsoft 2 Internet Information Server, Internet Information Services 2026-04-16 N/A
The ASP function Response.AddHeader in Microsoft Internet Information Server (IIS) 4.0 and 5.0 does not limit memory requests when constructing headers, which allow remote attackers to generate a large header to cause a denial of service (memory consumption) with an ASP page.
CVE-2003-0226 1 Microsoft 1 Internet Information Services 2026-04-16 N/A
Microsoft Internet Information Services (IIS) 5.0 and 5.1 allows remote attackers to cause a denial of service via a long WebDAV request with a (1) PROPFIND or (2) SEARCH method, which generates an error condition that is not properly handled.
CVE-2003-0228 1 Microsoft 1 Windows Media Player 2026-04-16 N/A
Directory traversal vulnerability in Microsoft Windows Media Player 7.1 and Windows Media Player for Windows XP allows remote attackers to execute arbitrary code via a skins file with a URL containing hex-encoded backslash characters (%5C) that causes an executable to be placed in an arbitrary location.
CVE-2003-0231 1 Microsoft 2 Data Engine, Sql Server 2026-04-16 N/A
Microsoft SQL Server 7, 2000, and MSDE allows local or remote authenticated users to cause a denial of service (crash or hang) via a long request to a named pipe.
CVE-2003-0233 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Heap-based buffer overflow in plugin.ocx for Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via the Load() method, a different vulnerability than CVE-2003-0115.
CVE-2003-0235 1 Mirabilis 1 Icq 2026-04-16 N/A
Format string vulnerability in POP3 client for Mirabilis ICQ Pro 2003a allows remote malicious servers to execute arbitrary code via format strings in the response to a UIDL command.
CVE-2003-0251 2 Nis, Redhat 3 Ypserv Nis Server, Enterprise Linux, Linux 2026-04-16 N/A
ypserv NIS server before 2.7 allows remote attackers to cause a denial of service via a TCP client request that does not respond to the server, which causes ypserv to block.
CVE-2003-0253 2 Apache, Redhat 2 Http Server, Linux 2026-04-16 N/A
The prefork MPM in Apache 2 before 2.0.47 does not properly handle certain errors from accept, which could lead to a denial of service.
CVE-2003-0255 2 Gnu, Redhat 3 Privacy Guard, Enterprise Linux, Linux 2026-04-16 N/A
The key validation code in GnuPG before 1.2.2 does not properly determine the validity of keys with multiple user IDs and assigns the greatest validity of the most valid user ID, which prevents GnuPG from warning the encrypting user when a user ID does not have a trusted path.
CVE-2003-0256 1 Kde 1 Kopete 2026-04-16 N/A
The GnuPG plugin in kopete before 0.6.2 does not properly cleanse the command line when executing gpg, which allows remote attackers to execute arbitrary commands.
CVE-2003-0257 1 Ibm 1 Aix 2026-04-16 N/A
Format string vulnerability in the printer capability for IBM AIX .3, 5.1, and 5.2 allows local users to gain printq or root privileges.
CVE-2003-0259 1 Cisco 6 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client, Vpn 3015 Concentrator and 3 more 2026-04-16 N/A
Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 2.x.x through 3.6.7 allows remote attackers to cause a denial of service (reload) via a malformed SSH initialization packet.
CVE-2003-0260 1 Cisco 6 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client, Vpn 3015 Concentrator and 3 more 2026-04-16 N/A
Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 2.x.x through 3.6.7A allow remote attackers to cause a denial of service (slowdown and possibly reload) via a flood of malformed ICMP packets.
CVE-2003-0261 1 Fuzz 1 Fuzz 2026-04-16 N/A
fuzz 0.6 and earlier creates temporary files insecurely, which could allow local users to gain root privileges.
CVE-2003-0262 1 Leksbot 1 Leksbot 2026-04-16 N/A
leksbot 1.2.3 in Debian GNU/Linux installs the KATAXWR as setuid root, which allows local users to gain root privileges by exploiting unknown vulnerabilities related to the escalated privileges, which KATAXWR is not designed to have.
CVE-2003-0263 1 Floosietek 1 Ftgatepro 2026-04-16 N/A
Multiple buffer overflows in Floosietek FTGate Pro Mail Server (FTGatePro) 1.22 allow remote attackers to execute arbitrary code via long (1) MAIL FROM or (2) RCPT TO commands.
CVE-2003-0264 1 Seattle Lab Software 1 Slmail 2026-04-16 N/A
Multiple buffer overflows in SLMail 5.1.0.4420 allows remote attackers to execute arbitrary code via (1) a long EHLO argument to slmail.exe, (2) a long XTRN argument to slmail.exe, (3) a long string to POPPASSWD, or (4) a long password to the POP3 server.
CVE-2003-0265 1 Sap 1 Sap Db 2026-04-16 N/A
Race condition in SDBINST for SAP database 7.3.0.29 creates critical files with world-writable permissions before initializing the setuid bits, which allows local attackers to gain root privileges by modifying the files before the permissions are changed.
CVE-2003-0270 1 Apple 1 802.11n 2026-04-16 N/A
The administration capability for Apple AirPort 802.11 wireless access point devices uses weak encryption (XOR with a fixed key) for protecting authentication credentials, which could allow remote attackers to obtain administrative access via sniffing when the capability is available via Ethernet or non-WEP connections.