Search Results (362507 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0479 1 Affordable Web Space Design 1 Affordable Web Space Design Webbbs 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the guestbook for WebBBS allows remote attackers to insert arbitrary web script via the (1) Name, (2) Email, or (3) Message fields.
CVE-2003-0484 1 Phpbb Group 1 Phpbb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in viewtopic.php for phpBB allows remote attackers to insert arbitrary web script via the topic_id parameter.
CVE-2003-0485 1 Progress 1 4gl Compiler 2026-04-16 N/A
Buffer overflow in Progress 4GL Compiler 9.1D06 and earlier allows attackers to execute arbitrary code via source code containing a long, invalid data type.
CVE-2005-0490 2 Haxx, Redhat 3 Curl, Libcurl, Enterprise Linux 2026-04-16 8.8 High
Multiple stack-based buffer overflows in libcURL and cURL 7.12.1, and possibly other versions, allow remote malicious web servers to execute arbitrary code via base64 encoded replies that exceed the intended buffer lengths when decoded, which is not properly handled by (1) the Curl_input_ntlm function in http_ntlm.c during NTLM authentication or (2) the Curl_krb_kauth and krb4_auth functions in krb4.c during Kerberos authentication.
CVE-2003-0486 1 Phpbb Group 1 Phpbb 2026-04-16 N/A
SQL injection vulnerability in viewtopic.php for phpBB 2.0.5 and earlier allows remote attackers to steal password hashes via the topic_id parameter.
CVE-2005-0492 1 Adobe 1 Acrobat Reader 2026-04-16 N/A
Adobe Acrobat Reader 6.0.3 and 7.0.0 allows remote attackers to cause a denial of service (application crash) via a PDF file that contains a negative Count value in the root page node.
CVE-2003-0487 1 Kerio 1 Kerio Mailserver 2026-04-16 N/A
Multiple buffer overflows in Kerio MailServer 5.6.3 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via (1) a long showuser parameter in the do_subscribe module, (2) a long folder parameter in the add_acl module, (3) a long folder parameter in the list module, and (4) a long user parameter in the do_map module.
CVE-2003-0488 1 Kerio 1 Kerio Mailserver 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Kerio MailServer 5.6.3 allow remote attackers to insert arbitrary web script via (1) the add_name parameter in the add_acl module, or (2) the alias parameter in the do_map module.
CVE-2003-0493 1 Snitz Communications 1 Snitz Forums 2000 2026-04-16 N/A
Snitz Forums 3.4.03 and earlier allows attackers to gain privileges as other users by stealing and replaying the encrypted password after obtaining a valid session ID.
CVE-2005-0496 1 Arkeia 1 Network Backup 2026-04-16 9.8 Critical
Arkeia Network Backup Client 5.x contains hard-coded credentials that effectively serve as a back door, which allows remote attackers to access the file system and possibly execute arbitrary commands.
CVE-2003-0499 1 Mantis 1 Mantis 2026-04-16 N/A
Mantis 0.17.5 and earlier stores its database password in cleartext in a world-readable configuration file, which allows local users to perform unauthorized database operations.
CVE-2005-0499 1 Gigafast Ethernet 1 Gigafast Router 2026-04-16 N/A
Gigafast router (aka CompUSA router) with the DNS proxy option enabled allows remote attackers to cause a denial of service via malformed DNS queries.
CVE-2003-0501 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Linux 2026-04-16 N/A
The /proc filesystem in Linux allows local users to obtain sensitive information by opening various entries in /proc/self before executing a setuid program, which causes the program to fail to change the ownership and permissions of those entries.
CVE-2003-0505 1 Microsoft 1 Netmeeting 2026-04-16 N/A
Directory traversal vulnerability in Microsoft NetMeeting 3.01 2000 before SP4 allows remote attackers to read arbitrary files via "..\.." (dot dot) sequences in a file transfer request.
CVE-2005-0500 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to spoof the domain name of a URL in a titlebar for a script-initiated popup window, which could facilitate phishing attacks.
CVE-2005-0507 1 Gd Software 1 Sd Server 2026-04-16 N/A
Directory traversal vulnerability in SD Server 4.0.70 and earlier allows remote attackers to read arbitrary files via .. sequences in an HTTP request.
CVE-2003-0518 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
The screen saver in MacOS X allows users with physical access to cause the screen saver to crash and gain access to the underlying session via a large number of characters in the password field, possibly triggering a buffer overflow.
CVE-2005-0508 1 Apache 1 Batik 2026-04-16 N/A
Unknown vulnerability in Squiggle for Batik before 1.5.1 allows attackers to bypass certain access controls via certain features of the Rhino scripting engine due to a "script security issue."
CVE-2003-0520 1 Cerulean Studios 1 Trillian 2026-04-16 N/A
Trillian 1.0 Pro and 0.74 Freeware allows remote attackers to cause a denial of service (crash) via a TypingUser message in which the "TypingUser" string has been modified.
CVE-2005-0509 2 Microsoft, Mono 2 .net Framework, Mono 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the Mono 1.0.5 implementation of ASP.NET (.Net) allow remote attackers to inject arbitrary HTML or web script via Unicode representations for ASCII fullwidth characters that are converted to normal ASCII characters, including ">" and "<".