Total
29935 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-0299 | 2 Mutt, Stuart Parmenter | 2 Mutt, Balsa | 2026-04-16 | N/A |
| The IMAP Client, as used in mutt 1.4.1 and Balsa 2.0.10, allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large mailbox size values that cause either integer signedness errors or integer overflow errors. | ||||
| CVE-1999-0940 | 1 Mutt | 1 Mutt Mail Client | 2026-04-16 | N/A |
| Buffer overflow in mutt mail client allows remote attackers to execute commands via malformed MIME messages. | ||||
| CVE-2003-0312 | 1 Snowblind.net | 1 Snowblind Web Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Snowblind Web Server 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP request. | ||||
| CVE-1999-0963 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| FreeBSD mount_union command allows local users to gain root privileges via a symlink attack. | ||||
| CVE-2003-0623 | 1 Bea | 2 Tuxedo, Weblogic Server | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the Administration Console for BEA Tuxedo 8.1 and earlier allows remote attackers to inject arbitrary web script via the INIFILE argument. | ||||
| CVE-1999-0980 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| Windows NT Service Control Manager (SCM) allows remote attackers to cause a denial of service via a malformed argument in a resource enumeration request. | ||||
| CVE-2003-0320 | 1 Andy Prevost | 1 Ttcms | 2026-04-16 | N/A |
| header.php in ttCMS 2.3 and earlier allows remote attackers to inject arbitrary PHP code by setting the ttcms_user_admin parameter to "1" and modifying the admin_root parameter to point to a URL that contains a Trojan horse header.inc.php script. | ||||
| CVE-1999-0988 | 1 Sco | 1 Unixware | 2026-04-16 | N/A |
| UnixWare pkgtrans allows local users to read arbitrary files via a symlink attack. | ||||
| CVE-2003-0629 | 1 Peoplesoft | 1 Peopletools | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in PeopleSoft IScript environment for PeopleTools 8.43 and earlier allows remote attackers to insert arbitrary web script via a certain HTTP request to IScript. | ||||
| CVE-2003-0630 | 1 Atari800 | 1 Atari800 | 2026-04-16 | N/A |
| Multiple buffer overflows in the atari800.svgalib setuid program of the Atari 800 emulator (atari800) before 1.2.2 allow local users to gain privileges via long command line arguments, as demonstrated with the -osa_rom argument. | ||||
| CVE-1999-1006 | 1 Novell | 1 Groupwise | 2026-04-16 | N/A |
| Groupwise web server GWWEB.EXE allows remote attackers to determine the real path of the web server via the HELP parameter. | ||||
| CVE-1999-1009 | 1 Disney | 1 Go Express Search | 2026-04-16 | N/A |
| The Disney Go Express Search allows remote attackers to access and modify search information for users by connecting to an HTTP server on the user's system. | ||||
| CVE-2003-0335 | 1 Slackware | 1 Slackware Linux | 2026-04-16 | N/A |
| rc.M in Slackware 9.0 calls quotacheck with the -M option, which causes the filesystem to be remounted and possibly reset security-relevant mount flags such as nosuid, nodev, and noexec. | ||||
| CVE-2003-0659 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2026-04-16 | N/A |
| Buffer overflow in a function in User32.dll on Windows NT through Server 2003 allows local users to execute arbitrary code via long (1) LB_DIR messages to ListBox or (2) CB_DIR messages to ComboBox controls in a privileged application. | ||||
| CVE-1999-1019 | 1 Cabletron | 1 Spectrum Enterprise Manager | 2026-04-16 | N/A |
| SpectroSERVER in Cabletron Spectrum Enterprise Manager 5.0 installs a directory tree with insecure permissions, which allows local users to replace a privileged executable (processd) with a Trojan horse, facilitating a root or Administrator compromise. | ||||
| CVE-2003-0664 | 1 Microsoft | 2 Word, Works | 2026-04-16 | N/A |
| Microsoft Word 2002, 2000, 97, and 98(J) does not properly check certain properties of a document, which allows attackers to bypass the macro security model and automatically execute arbitrary macros via a malicious document. | ||||
| CVE-2003-0671 | 1 Jeremy Elson | 1 Tcpflow | 2026-04-16 | N/A |
| Format string vulnerability in tcpflow, when used in a setuid context, allows local users to execute arbitrary code via the device name argument, as demonstrated in Sustworks IPNetSentryX and IPNetMonitorX the setuid program RunTCPFlow. | ||||
| CVE-2003-0361 | 1 Debian | 1 Debian Linux | 2026-04-16 | N/A |
| gPS before 1.1.0 does not properly follow the rgpsp connection source acceptation policy as specified in the rgpsp.conf file, which could allow unauthorized remote attackers to connect to rgpsp. | ||||
| CVE-2003-0672 | 1 Leon J Breedt | 1 Pam-pgsql | 2026-04-16 | N/A |
| Format string vulnerability in pam-pgsql 0.5.2 and earlier allows remote attackers to execute arbitrary code via the username that isp rovided during authentication, which is not properly handled when recording a log message. | ||||
| CVE-1999-1046 | 1 Ipswitch | 1 Imail | 2026-04-16 | N/A |
| Buffer overflow in IMonitor in IMail 5.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to port 8181. | ||||