Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0683 1 Sgi 1 Irix 2026-04-16 N/A
NFS in SGI 6.5.21m and 6.5.21f does not perform access checks in certain configurations when an /etc/exports entry uses wildcards without any hostnames or groups, which could allow attackers to bypass intended restrictions.
CVE-2006-3618 1 Pixelated By Lev 1 Pixelated By Lev Guestbook 2026-04-16 N/A
SQL injection vulnerability in pblguestbook.php in Pixelated By Lev (PBL) Guestbook 1.32 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) name, (2) email, (3) website, (4) comments, (5) rate, and (6) private parameters.
CVE-2003-0685 1 Netris 1 Netris 2026-04-16 N/A
Buffer overflow in Netris 0.52 and earlier, and possibly other versions, allows remote malicious Netris servers to execute arbitrary code on netris clients via a long server response.
CVE-2003-0702 1 Iss 1 Realsecure Server Sensor 2026-04-16 N/A
Unknown vulnerability in an ISAPI plugin for ISS Server Sensor 7.0 XPU 20.16, 20.18, and possibly other versions before 20.19, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code in Internet Information Server (IIS) via a certain URL through SSL.
CVE-2006-3621 1 Dream4 1 Koobi Pro 2026-04-16 N/A
SQL injection vulnerability in the showtopic module in Koobi Pro CMS 5.6 allows remote attackers to execute arbitrary SQL commands via the toid parameter.
CVE-2003-0709 1 Whois 1 Whois 2026-04-16 N/A
Buffer overflow in the whois client, which is not setuid but is sometimes called from within CGI programs, may allow remote attackers to execute arbitrary code via a long command line option.
CVE-2006-3625 1 Flv 1 Flv Player 2026-04-16 N/A
FLV Players 8 allows remote attackers to obtain sensitive information via (1) a direct request to paginate.php or (2) an invalid p parameter to player.php, which reveal the path in an error message.
CVE-2003-0781 1 Ecartis 1 Ecartis 2026-04-16 N/A
Unknown vulnerability in ecartis before 1.0.0 does not properly validate user input, which allows attackers to obtain mailing list passwords.
CVE-2003-0749 1 Sap 1 Internet Transaction Server 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in wgate.dll for SAP Internet Transaction Server (ITS) 4620.2.0.323011 allows remote attackers to insert arbitrary web script and steal cookies via the ~service parameter.
CVE-2003-0751 1 Py-membres 1 Py-membres 2026-04-16 N/A
SQL injection vulnerability in pass_done.php for PY-Membres 4.2 and earlier allows remote attackers to execute arbitrary SQL queries via the email parameter.
CVE-2003-0758 1 Ibm 1 Db2 Universal Database 2026-04-16 N/A
Buffer overflow in db2dart in IBM DB2 Universal Data Base 7.2 before Fixpak 10 allows local users to gain root privileges via a long command line argument.
CVE-2003-0762 1 Foxweb 1 Foxweb 2026-04-16 N/A
Buffer overflow in (1) foxweb.dll and (2) foxweb.exe of Foxweb 2.5 allows remote attackers to execute arbitrary code via a long URL (PATH_INFO value).
CVE-2006-3640 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 5.01 and 6 allows certain script to persist across navigations between pages, which allows remote attackers to obtain the window location of visited web pages in other domains or zones, aka "Window Location Information Disclosure Vulnerability."
CVE-2003-0768 1 Microsoft 1 Asp.net 2026-04-16 N/A
Microsoft ASP.Net 1.1 allows remote attackers to bypass the Cross-Site Scripting (XSS) and Script Injection protection feature via a null character in the beginning of a tag name.
CVE-2003-0782 1 Ecartis 1 Ecartis 2026-04-16 N/A
Multiple buffer overflows in ecartis before 1.0.0 allow attackers to cause a denial of service and possibly execute arbitrary code.
CVE-2005-4427 1 Cerberus 1 Cerberus Helpdesk 2026-04-16 N/A
Multiple SQL injection vulnerabilities in Cerberus Helpdesk allow remote attackers to execute arbitrary SQL commands via the (1) file_id parameter to attachment_send.php, (2) the $addy variable in email_parser.php, (3) $address variable in email_parser.php, (4) $a_address variable in structs.php, (5) kbid parameter to cer_KnowledgebaseHandler.class.php, (6) queues[] parameter to addresses_export.php, (7) $thread variable to display.php, (8) ticket parameter to display_ticket_thread.php.
CVE-2006-3653 1 Microsoft 1 Works 2026-04-16 N/A
wksss.exe 8.4.702.0 in Microsoft Works Spreadsheet 8.0 allows remote attackers to cause a denial of service (CPU consumption or crash) via crafted (1) Works, (2) Excel, and (3) Lotus 1-2-3 files.
CVE-2003-0797 1 Sgi 1 Irix 2026-04-16 N/A
Unknown vulnerability in rpc.mountd in SGI IRIX 6.5 through 6.5.22 allows remote attackers to cause a denial of service (process death) via unknown attack vectors.
CVE-2006-3654 1 Microsoft 1 Works 2026-04-16 N/A
Buffer overflow in wksss.exe 8.4.702.0 in Microsoft Works Spreadsheet 8.0 allows remote attackers to cause a denial of service (CPU consumption or crash) via crafted Excel files.
CVE-2003-0830 1 Marbles 1 Marbles 2026-04-16 N/A
Buffer overflow in marbles 1.0.2 and earlier allows local users to gain privileges via a long HOME environment variable.