Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0047 | 1 Van Dyke Technologies | 3 Entunnel, Securecrt, Securefx | 2016-10-17 | 4.6 MEDIUM | N/A |
| SSH2 clients for VanDyke (1) SecureCRT 4.0.2 and 3.4.7, (2) SecureFX 2.1.2 and 2.0.4, and (3) Entunnel 1.0.2 and earlier, do not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials. | |||||
| CVE-2003-0025 | 1 Horde | 1 Imp | 2016-10-17 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in IMP 2.2.8 and earlier allow remote attackers to perform unauthorized database activities and possibly gain privileges via certain database functions such as check_prefs() in db.pgsql, as demonstrated using mailbox.php3. | |||||
| CVE-2003-0021 | 1 Michael Jennings | 1 Eterm | 2016-10-17 | 5.0 MEDIUM | N/A |
| The "screen dump" feature in Eterm 0.9.1 and earlier allows attackers to overwrite arbitrary files via a certain character escape sequence when it is echoed to a user's terminal, e.g. when the user views a file containing the malicious sequence. | |||||
| CVE-2003-0012 | 1 Mozilla | 1 Bugzilla | 2016-10-17 | 2.1 LOW | N/A |
| The data collection script for Bugzilla 2.14.x before 2.14.5, 2.16.x before 2.16.2, and 2.17.x before 2.17.3 sets world-writable permissions for the data/mining directory when it runs, which allows local users to modify or delete the data. | |||||
| CVE-2003-0051 | 1 Apple | 2 Darwin Streaming Server, Quicktime Streaming Server | 2016-10-17 | 5.0 MEDIUM | N/A |
| parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to obtain the physical path of the server's installation path via a NULL file parameter. | |||||
| CVE-2003-0052 | 1 Apple | 2 Darwin Streaming Server, Quicktime Streaming Server | 2016-10-17 | 5.0 MEDIUM | N/A |
| parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to list arbitrary directories. | |||||
| CVE-2003-0053 | 1 Apple | 2 Darwin Streaming Server, Quicktime Streaming Server | 2016-10-17 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to insert arbitrary script via the filename parameter, which is inserted into an error message. | |||||
| CVE-2003-0054 | 1 Apple | 2 Darwin Streaming Server, Quicktime Streaming Server | 2016-10-17 | 7.5 HIGH | N/A |
| Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute certain code via a request to port 7070 with the script in an argument to the rtsp DESCRIBE method, which is inserted into a log file and executed when the log is viewed using a browser. | |||||
| CVE-2003-0022 | 1 Rxvt | 1 Rxvt | 2016-10-17 | 5.0 MEDIUM | N/A |
| The "screen dump" feature in rxvt 2.7.8 allows attackers to overwrite arbitrary files via a certain character escape sequence when it is echoed to a user's terminal, e.g. when the user views a file containing the malicious sequence. | |||||
| CVE-2003-0063 | 1 Xfree86 Project | 1 X11r6 | 2016-10-17 | 7.5 HIGH | N/A |
| The xterm terminal emulator in XFree86 4.2.0 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. | |||||
| CVE-2003-0062 | 1 Eset Software | 1 Nod32 Antivirus | 2016-10-17 | 7.2 HIGH | N/A |
| Buffer overflow in Eset Software NOD32 for UNIX before 1.013 allows local users to execute arbitrary code via a long path name. | |||||
| CVE-2003-0023 | 1 Rxvt | 1 Rxvt | 2016-10-17 | 5.0 MEDIUM | N/A |
| The menuBar feature in rxvt 2.7.8 allows attackers to modify menu options and execute arbitrary commands via a certain character escape sequence that inserts the commands into the menu. | |||||
| CVE-2003-0031 | 1 Mcrypt | 1 Libmcrypt | 2016-10-17 | 7.5 HIGH | N/A |
| Multiple buffer overflows in libmcrypt before 2.5.5 allow attackers to cause a denial of service (crash). | |||||
| CVE-2003-0055 | 1 Apple | 1 Quicktime Darwin Mp3 Broadcaster | 2016-10-17 | 7.5 HIGH | N/A |
| Buffer overflow in the MP3 broadcasting module of Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute arbitrary code via a long filename. | |||||
| CVE-2003-0050 | 1 Apple | 2 Darwin Streaming Server, Quicktime Streaming Server | 2016-10-17 | 7.5 HIGH | N/A |
| parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute arbitrary code via shell metacharacters. | |||||
| CVE-2003-0032 | 1 Mcrypt | 1 Libmcrypt | 2016-10-17 | 5.0 MEDIUM | N/A |
| Memory leak in libmcrypt before 2.5.5 allows attackers to cause a denial of service (memory exhaustion) via a large number of requests to the application, which causes libmcrypt to dynamically load algorithms via libtool. | |||||
| CVE-2002-2414 | 2 Opera Software, Squid | 2 Opera, Squid | 2016-10-17 | 4.3 MEDIUM | N/A |
| Opera 6.0.3, when using Squid 2.4 for HTTPS proxying, does not properly handle when accepting a non-global certificate authority (CA) certificate from a site and establishing a subsequent HTTPS connection, which allows remote attackers to cause a denial of service (crash). | |||||
| CVE-2003-0024 | 1 Aterm | 1 Aterm | 2016-10-17 | 7.5 HIGH | N/A |
| The menuBar feature in aterm 0.42 allows attackers to modify menu options and execute arbitrary commands via a certain character escape sequence that inserts the commands into the menu. | |||||
| CVE-2003-0030 | 1 Protegrity | 1 Secure.data | 2016-10-17 | 10.0 HIGH | N/A |
| Buffer overflows in protegrity.dll of Protegrity Secure.Data Extension Feature (SEF) before 2.2.3.9 allow attackers with SQL access to execute arbitrary code via the extended stored procedures (1) xp_pty_checkusers, (2) xp_pty_insert, or (3) xp_pty_select. | |||||
| CVE-2003-0046 | 1 Celestial Software | 1 Absolutetelnet | 2016-10-17 | 4.6 MEDIUM | N/A |
| AbsoluteTelnet SSH2 client does not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials. | |||||