Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0039 2 Isc, Redhat 2 Dhcpd, Linux 2026-04-16 N/A
ISC dhcrelay (dhcp-relay) 3.0rc9 and earlier, and possibly other versions, allows remote attackers to cause a denial of service (packet storm) via a certain BOOTP packet that is forwarded to a broadcast MAC address, causing an infinite loop that is not restricted by a hop count.
CVE-2003-0042 1 Apache 1 Tomcat 2026-04-16 N/A
Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or other file present, or obtain unprocessed source code for a JSP file, via a URL containing a null character.
CVE-2003-0045 1 Apache 1 Tomcat 2026-04-16 N/A
Jakarta Tomcat before 3.3.1a on certain Windows systems may allow remote attackers to cause a denial of service (thread hang and resource consumption) via a request for a JSP page containing an MS-DOS device name, such as aux.jsp.
CVE-1999-0626 1 Sun 1 Rpc.ruserd 2026-04-16 N/A
A version of rusers is running that exposes valid user information to any entity on the network.
CVE-2003-0047 1 Van Dyke Technologies 3 Entunnel, Securecrt, Securefx 2026-04-16 N/A
SSH2 clients for VanDyke (1) SecureCRT 4.0.2 and 3.4.7, (2) SecureFX 2.1.2 and 2.0.4, and (3) Entunnel 1.0.2 and earlier, do not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials.
CVE-2003-0052 1 Apple 2 Darwin Streaming Server, Quicktime Streaming Server 2026-04-16 N/A
parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to list arbitrary directories.
CVE-2003-0056 2 Redhat, Slocate 2 Enterprise Linux, Slocate 2026-04-16 N/A
Buffer overflow in secure locate (slocate) before 2.7 allows local users to execute arbitrary code via a long (1) -c or (2) -r command line argument.
CVE-2003-0061 1 Hp 1 Hp-ux 2026-04-16 N/A
Buffer overflow in passwd for HP UX B.10.20 allows local users to execute arbitrary commands with root privileges via a long LANG environment variable.
CVE-2003-0057 1 Hypermail 1 Hypermail 2026-04-16 N/A
Multiple buffer overflows in Hypermail 2 before 2.1.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code (1) via a long attachment filename that is not properly handled by the hypermail executable, or (2) by connecting to the mail CGI program from an IP address that reverse-resolves to a long hostname.
CVE-2003-0063 3 Redhat, Xfree86, Xfree86 Project 4 Enterprise Linux, Linux, Xfree86 and 1 more 2026-04-16 7.3 High
The xterm terminal emulator in XFree86 4.2.0 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.
CVE-2003-0065 1 National University Of Singapore 1 Uxterm 2026-04-16 N/A
The uxterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.
CVE-2003-0066 2 Redhat, Rxvt 3 Enterprise Linux, Linux, Rxvt 2026-04-16 N/A
The rxvt terminal emulator 2.7.8 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.
CVE-2003-0069 1 Putty 1 Putty 2026-04-16 N/A
The PuTTY terminal emulator 0.53 allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.
CVE-2003-0071 2 Redhat, Xfree86 Project 3 Enterprise Linux, Linux, X11r6 2026-04-16 N/A
The DEC UDK processing feature in the xterm terminal emulator in XFree86 4.2.99.4 and earlier allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop.
CVE-2003-0141 1 Realnetworks 3 Realone Enterprise Desktop, Realone Player, Realplayer 2026-04-16 N/A
The PNG deflate algorithm in RealOne Player 6.0.11.x and earlier, RealPlayer 8/RealPlayer Plus 8 6.0.9.584, and other versions allows remote attackers to corrupt the heap and overwrite arbitrary memory via a PNG graphic file format containing compressed data using fixed trees that contain the length values 286-287, which are treated as a very large length.
CVE-2003-0149 1 Mcafee 1 Epolicy Orchestrator 2026-04-16 N/A
Heap-based buffer overflow in ePO agent for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code via a POST request containing long parameters.
CVE-2003-0153 1 Mozilla 1 Bonsai 2026-04-16 N/A
bonsai Mozilla CVS query tool leaks the absolute pathname of the tool in certain error messages generated by (1) cvslog.cgi, (2) cvsview2.cgi, or (3) multidiff.cgi.
CVE-2004-0392 1 Kame 1 Racoon 2026-04-16 N/A
racoon before 20040407b allows remote attackers to cause a denial of service (infinite loop and dropped connections) via an IKE message with a malformed Generic Payload Header containing invalid (1) "Security Association Next Payload" and (2) "RESERVED" fields.
CVE-2004-0394 1 Linux 1 Linux Kernel 2026-04-16 N/A
A "potential" buffer overflow exists in the panic() function in Linux 2.4.x, although it may not be exploitable due to the functionality of panic.
CVE-2004-0395 1 Gatos 1 Gatos 2026-04-16 N/A
The xatitv program in the gatos package does not properly drop root privileges when the configuration file does not exist, which allows local users to execute arbitrary commands via shell metacharacters in a system call.