Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0494 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2017-07-10 | 10.0 HIGH | N/A |
| password.asp in Snitz Forums 3.4.03 and earlier allows remote attackers to reset passwords and gain privileges as other users by via a direct request to password.asp with a modified member id. | |||||
| CVE-2003-0495 | 1 Ledscripts.com | 1 Lednews | 2017-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in LedNews 0.7 allows remote attackers to insert arbitrary web script via a news item. | |||||
| CVE-2003-0509 | 1 Cyberstrong | 1 Eshop | 2017-07-10 | 10.0 HIGH | N/A |
| SQL injection vulnerability in Cyberstrong eShop 4.2 and earlier allows remote attackers to steal authentication information and gain privileges via the ProductCode parameter in (1) 10expand.asp, (2) 10browse.asp, and (3) 20review.asp. | |||||
| CVE-2003-0572 | 1 Sgi | 1 Irix | 2017-07-10 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in nsd in SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, allows attackers to cause a denial of service (memory consumption). | |||||
| CVE-2003-0575 | 1 Sgi | 1 Irix | 2017-07-10 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the name services daemon (nsd) in SGI IRIX 6.5.x through 6.5.21f, and possibly earlier versions, allows attackers to gain root privileges via the AUTH_UNIX gid list. | |||||
| CVE-2003-0601 | 1 Apple | 1 Mac Os X Server | 2017-07-10 | 7.5 HIGH | N/A |
| Workgroup Manager in Apple Mac OS X Server 10.2 through 10.2.6 does not disable a password for a new account before it is saved for the first time, which allows remote attackers to gain unauthorized access via the new account before it is saved. | |||||
| CVE-2003-0607 | 1 Stanley T. Shebs | 1 Xconq | 2017-07-10 | 4.6 MEDIUM | N/A |
| Buffer overflow in xconq 7.4.1 allows local users to become part of the "games" group via the (1) USER or (2) DISPLAY environment variables. | |||||
| CVE-2003-0612 | 1 Robert Hyatt | 1 Crafty | 2017-07-10 | 4.6 MEDIUM | N/A |
| Multiple buffer overflows in main.c for Crafty 19.3 allow local users to gain group "games" privileges via long command line arguments to crafty.bin. | |||||
| CVE-2003-0618 | 2 Debian, Perl | 2 Debian Linux, Suidperl | 2017-07-10 | 2.1 LOW | N/A |
| Multiple vulnerabilities in suidperl 5.6.1 and earlier allow a local user to obtain sensitive information about files for which the user does not have appropriate permissions. | |||||
| CVE-2003-0621 | 1 Bea | 2 Tuxedo, Weblogic Server | 2017-07-10 | 5.0 MEDIUM | N/A |
| The Administration Console for BEA Tuxedo 8.1 and earlier allows remote attackers to determine the existence of files outside the web root via modified paths in the INIFILE argument. | |||||
| CVE-2003-0622 | 1 Bea | 2 Tuxedo, Weblogic Server | 2017-07-10 | 5.0 MEDIUM | N/A |
| The Administration Console for BEA Tuxedo 8.1 and earlier allows remote attackers to cause a denial of service (hang) via pathname arguments that contain MS-DOS device names such as CON and AUX. | |||||
| CVE-2003-0623 | 1 Bea | 2 Tuxedo, Weblogic Server | 2017-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Administration Console for BEA Tuxedo 8.1 and earlier allows remote attackers to inject arbitrary web script via the INIFILE argument. | |||||
| CVE-2003-0624 | 1 Bea | 1 Weblogic Server | 2017-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in InteractiveQuery.jsp for BEA WebLogic 8.1 and earlier allows remote attackers to inject malicious web script via the person parameter. | |||||
| CVE-2003-0626 | 1 Peoplesoft | 1 Peopletools | 2017-07-10 | 5.0 MEDIUM | N/A |
| psdoccgi.exe in PeopleSoft PeopleTools 8.4 through 8.43 allows remote attackers to read arbitrary files via the (1) headername or (2) footername arguments. | |||||
| CVE-2003-0627 | 1 Peoplesoft | 1 Peopletools | 2017-07-10 | 5.0 MEDIUM | N/A |
| psdoccgi.exe in PeopleSoft PeopleTools 8.4 through 8.43 allows remote attackers to cause a denial of service (application crash), possibly via the headername and footername arguments. | |||||
| CVE-2003-0634 | 1 Oracle | 2 Oracle8i, Oracle9i | 2017-07-10 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the PL/SQL EXTPROC functionality for Oracle9i Database Release 2 and 1, and Oracle 8i, allows authenticated database users, and arbitrary database users in some cases, to execute arbitrary code via a long library name. | |||||
| CVE-2003-0641 | 1 Watchguard | 1 Serverlock | 2017-07-10 | 4.6 MEDIUM | N/A |
| WatchGuard ServerLock for Windows 2000 before SL 2.0.3 allows local users to load arbitrary modules via the OpenProcess() function, as demonstrated using (1) a DLL injection attack, (2) ZwSetSystemInformation, and (3) API hooking in OpenProcess. | |||||
| CVE-2003-0642 | 1 Watchguard | 1 Serverlock | 2017-07-10 | 2.1 LOW | N/A |
| WatchGuard ServerLock for Windows 2000 before SL 2.0.4 allows local users to access kernel memory via a symlink attack on \Device\PhysicalMemory. | |||||
| CVE-2003-0645 | 1 Andries Brouwer | 1 Man | 2017-07-10 | 4.6 MEDIUM | N/A |
| man-db 2.3.12 and 2.3.18 to 2.4.1 uses certain user-controlled DEFINE directives from the ~/.manpath file, even when running setuid, which could allow local users to gain privileges. | |||||
| CVE-2003-0648 | 2 Debian, Fte | 2 Debian Linux, Fte Text Editor | 2017-07-10 | 10.0 HIGH | N/A |
| Multiple buffer overflows in vfte, based on FTE, before 0.50, allow local users to execute arbitrary code. | |||||