Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-1039 | 1 Sap | 1 Mysap Business Suite | 2017-07-10 | 7.5 HIGH | N/A |
| Multiple buffer overflows in the mySAP.com architecture for SAP allow remote attackers to execute arbitrary code via a long HTTP Host header to (1) Message Server, (2) Web Dispatcher, or (3) Application Server. | |||||
| CVE-2003-1042 | 1 Mozilla | 1 Bugzilla | 2017-07-10 | 10.0 HIGH | N/A |
| SQL injection vulnerability in collectstats.pl for Bugzilla 2.16.3 and earlier allows remote authenticated users with editproducts privileges to execute arbitrary SQL via the product name. | |||||
| CVE-2003-1043 | 1 Mozilla | 1 Bugzilla | 2017-07-10 | 10.0 HIGH | N/A |
| SQL injection vulnerability in Bugzilla 2.16.3 and earlier, and 2.17.1 through 2.17.4, allows remote authenticated users with editkeywords privileges to execute arbitrary SQL via the id parameter to editkeywords.cgi. | |||||
| CVE-2003-1044 | 1 Mozilla | 1 Bugzilla | 2017-07-10 | 7.5 HIGH | N/A |
| editproducts.cgi in Bugzilla 2.16.3 and earlier, when usebuggroups is enabled, does not properly remove group add privileges from a group that is being deleted, which allows users with those privileges to perform unauthorized additions to the next group that is assigned with the original group ID. | |||||
| CVE-2003-1045 | 1 Mozilla | 1 Bugzilla | 2017-07-10 | 5.0 MEDIUM | N/A |
| votes.cgi in Bugzilla 2.16.3 and earlier, and 2.17.1 through 2.17.4, allows remote attackers to read a user's voting page when that user has voted on a restricted bug, which allows remote attackers to read potentially sensitive voting information by modifying the who parameter. | |||||
| CVE-2003-1046 | 1 Mozilla | 1 Bugzilla | 2017-07-10 | 7.5 HIGH | N/A |
| describecomponents.cgi in Bugzilla 2.17.3 and 2.17.4 does not properly verify group membership when bug entry groups are used, which allows remote attackers to list component descriptions for otherwise restricted products. | |||||
| CVE-2003-1049 | 1 Ibm | 1 Db2 Universal Database | 2017-07-10 | 4.6 MEDIUM | N/A |
| IBM DB2 Universal Database 7 before FixPak 12 creates certain DMS directories with insecure permissions (777), which allows local users to modify or delete certain DB2 files. | |||||
| CVE-2003-1050 | 1 Ibm | 1 Db2 | 2017-07-10 | 7.2 HIGH | N/A |
| Multiple buffer overflows in IBM DB2 Universal Database 8.1 may allow local users to execute arbitrary code via long command line arguments to (1) db2start, (2) db2stop, or (3) db2govd. | |||||
| CVE-2003-1051 | 1 Ibm | 1 Db2 | 2017-07-10 | 7.2 HIGH | N/A |
| Multiple format string vulnerabilities in IBM DB2 Universal Database 8.1 may allow local users to execute arbitrary code via certain command line arguments to (1) db2start, (2) db2stop, or (3) db2govd. | |||||
| CVE-2003-1052 | 1 Ibm | 2 Db2, Db2 Universal Database | 2017-07-10 | 7.2 HIGH | N/A |
| IBM DB2 7.1 and 8.1 allow the bin user to gain root privileges by modifying the shared libraries that are used in setuid root programs. | |||||
| CVE-2003-1053 | 1 Xshisen | 1 Xshisen | 2017-07-10 | 4.6 MEDIUM | N/A |
| Multiple buffer overflows in XShisen allow attackers to execute arbitrary code via a long (1) -KCONV command line option or (2) XSHISENLIB environment variable. | |||||
| CVE-2003-1074 | 1 Sun | 1 Solaris | 2017-07-10 | 7.2 HIGH | N/A |
| Unknown vulnerability in newtask for Solaris 9 allows local users to gain root privileges. | |||||
| CVE-2003-1077 | 1 Sun | 1 Solaris | 2017-07-10 | 2.1 LOW | N/A |
| Unknown vulnerability in UFS for Solaris 9 for SPARC, with logging enabled, allows local users to cause a denial of service (UFS file system hang). | |||||
| CVE-2003-1083 | 1 Tildeslash | 1 Monit | 2017-07-10 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in Monit 1.4 to 4.1 allows remote attackers to execute arbitrary code via a long HTTP request. | |||||
| CVE-2003-1084 | 1 Tildeslash | 1 Monit | 2017-07-10 | 5.0 MEDIUM | N/A |
| Monit 1.4 to 4.1 allows remote attackers to cause a denial of service (daemon crash) via an HTTP POST request with a negative Content-Length field. | |||||
| CVE-2003-1085 | 1 Thomson | 2 Tcm Cable Modem, Tcw Cable Modem | 2017-07-10 | 5.0 MEDIUM | N/A |
| The HTTP server in the Thomson TWC305, TWC315, and TCW690 cable modem ST42.03.0a allows remote attackers to cause a denial of service (unstable service) via a long GET request, possibly caused by a buffer overflow. | |||||
| CVE-2003-1087 | 1 Hp | 1 Hp-ux | 2017-07-10 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in diagmond and possibly other applications in HP9000 Series 700/800 running HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows remote attackers to cause a denial of service (program failure) via certain network traffic. | |||||
| CVE-2003-1088 | 1 Phpoutsourcing | 1 Zorum | 2017-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php for Zorum 3.4 and 3.5 allows remote attackers to inject arbitrary web script or HTML via the method parameter. | |||||
| CVE-2003-1089 | 1 Phpoutsourcing | 1 Zorum | 2017-07-10 | 5.0 MEDIUM | N/A |
| index.php for Zorum 3.4 allows remote attackers to determine the full path of the web root via invalid parameter names, which reveals the path in a PHP error message. | |||||
| CVE-2003-1090 | 1 Celestial Software | 1 Absolutetelnet | 2017-07-10 | 10.0 HIGH | N/A |
| Buffer overflow in AbsoluteTelnet before 2.12 RC10 allows remote attackers to execute arbitrary code via a long window title. | |||||