Vulnerabilities (CVE)

Filtered by NVD-CWE-Other
Total 29928 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2003-0898 1 Ibm 1 Db2 Universal Database 2026-06-16 4.6 MEDIUM N/A
IBM DB2 7.2 before FixPak 10a, and earlier versions including 7.1, allows local users to overwrite arbitrary files and gain privileges via a symlink attack on (1) db2job and (2) db2job2.
CVE-2003-0897 1 Microsoft 1 Windows Xp 2026-06-16 4.6 MEDIUM N/A
"Shatter" vulnerability in CommCtl32.dll in Windows XP may allow local users to execute arbitrary code by sending (1) BCM_GETTEXTMARGIN or (2) BCM_SETTEXTMARGIN button control messages to privileged applications.
CVE-2003-0896 1 Sun 1 Jre 2026-06-16 7.5 HIGH N/A
The loadClass method of the sun.applet.AppletClassLoader class in the Java Virtual Machine (JVM) in Sun SDK and JRE 1.4.1_03 and earlier allows remote attackers to bypass sandbox restrictions and execute arbitrary code via a loaded class name that contains "/" (slash) instead of "." (dot) characters, which bypasses a call to the Security Manager's checkPackageAccess method.
CVE-2003-0895 1 Apple 1 Mac Os X 2026-06-16 4.6 MEDIUM N/A
Buffer overflow in the Mac OS X kernel 10.2.8 and earlier allows local users, and possibly remote attackers, to cause a denial of service (crash), access portions of memory, and possibly execute arbitrary code via a long command line argument (argv[]).
CVE-2003-0894 1 Oracle 1 Oracle9i 2026-06-16 4.6 MEDIUM N/A
Buffer overflow in the (1) oracle and (2) oracleO programs in Oracle 9i Database 9.0.x and 9.2.x before 9.2.0.4 allows local users to execute arbitrary code via a long command line argument.
CVE-2003-0887 1 Angus Mackay 1 Ez-ipupdate 2026-06-16 2.1 LOW N/A
ez-ipupdate 3.0.11b7 and earlier creates insecure temporary cache files, which allows local users to conduct unauthorized operations via a symlink attack on the ez-ipupdate.cache file.
CVE-2003-0886 1 Hylafax 1 Hylafax 2026-06-16 10.0 HIGH N/A
Format string vulnerability in hfaxd for Hylafax 4.1.7 and earlier allows remote attackers to execute arbitrary code.
CVE-2003-0885 1 Xscreensaver 1 Xscreensaver 2026-06-16 6.4 MEDIUM N/A
Xscreensaver 4.14 contains certain debugging code that should have been omitted, which causes Xscreensaver to create temporary files insecurely in the (1) apple2, (2) xanalogtv, and (3) pong screensavers, and allows local users to overwrite arbitrary files via a symlink attack.
CVE-2003-0883 1 Apple 1 Mac Os X 2026-06-16 4.6 MEDIUM N/A
The System Preferences capability in Mac OS X before 10.3 allows local users to access secure Preference Panes for a short period after an administrator has authenticated to the system.
CVE-2003-0882 1 Apple 1 Mac Os X 2026-06-16 5.0 MEDIUM N/A
Mac OS X before 10.3 initializes the TCP timestamp with a constant number, which allows remote attackers to determine the system's uptime via the ID field in a TCP packet.
CVE-2003-0881 1 Apple 1 Mac Os X 2026-06-16 7.5 HIGH N/A
Mail in Mac OS X before 10.3, when configured to use MD5 Challenge Response, uses plaintext authentication if the CRAM-MD5 hashed login fails, which could allow remote attackers to gain privileges by sniffing the password.
CVE-2003-0880 1 Apple 1 Mac Os X 2026-06-16 4.6 MEDIUM N/A
Unknown vulnerability in Mac OS X before 10.3 allows local users to access Dock functions from behind Screen Effects when Full Keyboard Access is enabled using the Keyboard pane in System Preferences.
CVE-2003-0878 1 Apple 1 Mac Os X 2026-06-16 2.1 LOW N/A
slpd daemon in Mac OS X before 10.3 allows local users to overwrite arbitrary files via a symlink attack on a temporary file, a different vulnerability than CVE-2003-0875.
CVE-2003-0877 1 Apple 1 Mac Os X 2026-06-16 4.6 MEDIUM N/A
Mac OS X before 10.3 with core files enabled allows local users to overwrite arbitrary files and read core files via a symlink attack on core files that are created with predictable names in the /cores directory.
CVE-2003-0876 1 Apple 2 Mac Os X, Mac Os X Server 2026-06-16 2.1 LOW N/A
Finder in Mac OS X 10.2.8 and earlier sets global read/write/execute permissions on directories when they are dragged (copied) from a mounted volume such as a disk image (DMG), which could cause the directories to have less restrictive permissions than intended.
CVE-2003-0875 1 Openslp 1 Openslp 2026-06-16 2.1 LOW N/A
Symbolic link vulnerability in the slpd script slpd.all_init for OpenSLP before 1.0.11 allows local users to overwrite arbitrary files via the route.check temporary file.
CVE-2003-0874 1 Deskpro 1 Deskpro 2026-06-16 5.0 MEDIUM N/A
Multiple SQL injection vulnerabilities in DeskPRO 1.1.0 and earlier allow remote attackers to insert arbitrary SQL and conduct unauthorized activities via (1) the cat parameter in faq.php, (2) the article parameter in faq.php, (3) the tickedid parameter in view.php, and (4) the Password entry on the logon screen.
CVE-2003-0872 1 Sco 1 Openserver 2026-06-16 2.1 LOW N/A
Certain scripts in OpenServer before 5.0.6 allow local users to overwrite files and conduct other unauthorized activities via a symlink attack on temporary files.
CVE-2003-0871 1 Apple 2 Mac Os X, Mac Os X Server 2026-06-16 7.5 HIGH N/A
Unknown vulnerability in QuickTime Java in Mac OS X v10.3 and Mac OS X Server 10.3 allows attackers to gain "unauthorized access to a system."
CVE-2003-0866 1 Apache 1 Tomcat 2026-06-16 5.0 MEDIUM N/A
The Catalina org.apache.catalina.connector.http package in Tomcat 4.0.x up to 4.0.3 allows remote attackers to cause a denial of service via several requests that do not follow the HTTP protocol, which causes Tomcat to reject later requests.