Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0751 | 1 Py-membres | 1 Py-membres | 2008-09-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in pass_done.php for PY-Membres 4.2 and earlier allows remote attackers to execute arbitrary SQL queries via the email parameter. | |||||
| CVE-2003-0750 | 1 Py-membres | 1 Py-membres | 2008-09-10 | 7.5 HIGH | N/A |
| secure.php in PY-Membres 4.2 and earlier allows remote attackers to bypass authentication by setting the adminpy parameter. | |||||
| CVE-2003-0756 | 1 Sitebuilder | 1 Sitebuilder | 2008-09-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in sitebuilder.cgi in SiteBuilder 1.4 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the selectedpage parameter. | |||||
| CVE-2003-0745 | 1 Castle Rock Computing | 1 Snmpc | 2008-09-10 | 10.0 HIGH | N/A |
| SNMPc 6.0.8 and earlier performs authentication to the server on the client side, which allows remote attackers to gain privileges by decrypting the password that is returned by the server. | |||||
| CVE-2003-0754 | 1 Newsphp | 1 Newsphp | 2008-09-10 | 7.5 HIGH | N/A |
| nphpd.php in newsPHP 216 and earlier allows remote attackers to bypass authentication via an HTTP request with a modified nphp_users array, which is used for authentication. | |||||
| CVE-2003-0753 | 1 Newsphp | 1 Newsphp | 2008-09-10 | 5.0 MEDIUM | N/A |
| nphpd.php in newsPHP 216 and earlier allows remote attackers to read arbitrary files via a full pathname to the target file in the nphp_config[LangFile] parameter. | |||||
| CVE-2003-0672 | 1 Leon J Breedt | 1 Pam-pgsql | 2008-09-10 | 7.5 HIGH | N/A |
| Format string vulnerability in pam-pgsql 0.5.2 and earlier allows remote attackers to execute arbitrary code via the username that isp rovided during authentication, which is not properly handled when recording a log message. | |||||
| CVE-2003-0680 | 1 Sgi | 1 Irix | 2008-09-10 | 7.5 HIGH | N/A |
| Unknown vulnerability in NFS for SGI IRIX 6.5.21 and earlier may allow an NFS client to bypass read-only restrictions. | |||||
| CVE-2003-0646 | 1 Trend Micro | 2 Damage Cleanup Server, Housecall | 2008-09-10 | 7.5 HIGH | N/A |
| Multiple buffer overflows in ActiveX controls used by Trend Micro HouseCall 5.5 and 5.7, and Damage Cleanup Server 1.0, allow remote attackers to execute arbitrary code via long parameter strings. | |||||
| CVE-2003-0932 | 1 Omega-rpg | 1 Omega-rpg | 2008-09-10 | 4.6 MEDIUM | N/A |
| Buffer overflow in omega-rpg 0.90 allows local users to execute arbitrary code via a long (1) command line or (2) environment variable. | |||||
| CVE-2003-0670 | 1 Sustainable Softworks | 2 Ipnetmonitorx, Ipnetsentryx | 2008-09-10 | 2.1 LOW | N/A |
| Sustworks IPNetSentryX and IPNetMonitorX allow local users to sniff network packets via the setuid helper applications (1) RunTCPDump, which calls tcpdump, and (2) RunTCPFlow, which calls tcpflow. | |||||
| CVE-2003-0830 | 1 Marbles | 1 Marbles | 2008-09-10 | 4.6 MEDIUM | N/A |
| Buffer overflow in marbles 1.0.2 and earlier allows local users to gain privileges via a long HOME environment variable. | |||||
| CVE-2003-0723 | 1 Gkrellm | 1 Gkrellm | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in gkrellmd for gkrellm 2.1.x before 2.1.14 may allow remote attackers to execute arbitrary code. | |||||
| CVE-2003-0779 | 1 Digium | 1 Asterisk | 2008-09-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Call Detail Record (CDR) logging functionality for Asterisk allows remote attackers to execute arbitrary SQL via a CallerID string. | |||||
| CVE-2003-0671 | 1 Jeremy Elson | 1 Tcpflow | 2008-09-10 | 7.2 HIGH | N/A |
| Format string vulnerability in tcpflow, when used in a setuid context, allows local users to execute arbitrary code via the device name argument, as demonstrated in Sustworks IPNetSentryX and IPNetMonitorX the setuid program RunTCPFlow. | |||||
| CVE-2003-0803 | 1 Nokia | 1 Electronic Documentation | 2008-09-10 | 7.5 HIGH | N/A |
| Nokia Electronic Documentation (NED) 5.0 allows remote attackers to use NED as an open HTTP proxy via a URL in the location parameter, which NED accesses and returns to the user. | |||||
| CVE-2003-0653 | 1 Netbsd | 1 Netbsd | 2008-09-10 | 5.0 MEDIUM | N/A |
| The OSI networking kernel (sys/netiso) in NetBSD 1.6.1 and earlier does not use a BSD-required "PKTHDR" mbuf when sending certain error responses to the sender of an OSI packet, which allows remote attackers to cause a denial of service (kernel panic or crash) via certain OSI packets. | |||||
| CVE-2003-0677 | 1 Cisco | 1 Webns | 2008-09-10 | 5.0 MEDIUM | N/A |
| Cisco CSS 11000 routers on the CS800 chassis allow remote attackers to cause a denial of service (CPU consumption or reboot) via a large number of TCP SYN packets to the circuit IP address, aka "ONDM Ping failure." | |||||
| CVE-2003-0784 | 1 Ibm | 1 Aix | 2008-09-10 | 10.0 HIGH | N/A |
| Format string vulnerability in tsm for the bos.rte.security fileset on AIX 5.2 allows remote attackers to gain root privileges via login, and local users to gain privileges via login, su, or passwd, with a username that contains format string specifiers. | |||||
| CVE-2003-0833 | 1 Webfs | 1 Webfs | 2008-09-10 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in webfs before 1.20 allows attackers to execute arbitrary code by creating directories that result in a long pathname. | |||||