Total
29907 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0175 | 1 Sgi | 1 Irix | 2026-06-16 | 2.1 LOW | N/A |
| SGI IRIX before 6.5.21 allows local users to cause a denial of service (kernel panic) via a certain call to the PIOCSWATCH ioctl. | |||||
| CVE-2003-0173 | 2 Sgi, Xfsdump | 2 Irix, Xfsdump | 2026-06-16 | 7.2 HIGH | N/A |
| xfsdq in xfsdump does not create quota information files securely, which allows local users to gain root privileges. | |||||
| CVE-2003-0172 | 1 Php | 1 Php | 2026-06-16 | 7.5 HIGH | N/A |
| Buffer overflow in openlog function for PHP 4.3.1 on Windows operating system, and possibly other OSes, allows remote attackers to cause a crash and possibly execute arbitrary code via a long filename argument. | |||||
| CVE-2003-0171 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-06-16 | 7.2 HIGH | N/A |
| DirectoryServices in MacOS X trusts the PATH environment variable to locate and execute the touch command, which allows local users to execute arbitrary commands by modifying the PATH to point to a directory containing a malicious touch program. | |||||
| CVE-2003-0170 | 1 Ibm | 1 Aix | 2026-06-16 | 10.0 HIGH | N/A |
| Unknown vulnerability in ftpd in IBM AIX 5.2, when configured to use Kerberos 5 for authentication, allows remote attackers to gain privileges via unknown attack vectors. | |||||
| CVE-2003-0169 | 1 Hp | 1 Instant Toptools | 2026-06-16 | 5.0 MEDIUM | N/A |
| hpnst.exe in the GoAhead-Webs webserver for HP Instant TopTools before 5.55 allows remote attackers to cause a denial of service (CPU consumption) via a request to hpnst.exe that calls itself, which causes an infinite loop. | |||||
| CVE-2003-0168 | 1 Apple | 1 Quicktime | 2026-06-16 | 7.5 HIGH | N/A |
| Buffer overflow in Apple QuickTime Player 5.x and 6.0 for Windows allows remote attackers to execute arbitrary code via a long QuickTime URL. | |||||
| CVE-2003-0167 | 1 Mutt | 1 Mutt | 2026-06-16 | 7.5 HIGH | N/A |
| Multiple off-by-one buffer overflows in the IMAP capability for Mutt 1.3.28 and earlier, and Balsa 1.2.4 and earlier, allow a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a specially crafted mail folder, a different vulnerability than CVE-2003-0140. | |||||
| CVE-2003-0166 | 1 Php | 1 Php | 2026-06-16 | 7.5 HIGH | N/A |
| Integer signedness error in emalloc() function for PHP before 4.3.2 allow remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via negative arguments to functions such as (1) socket_recv, (2) socket_recvfrom, and possibly other functions. | |||||
| CVE-2003-0165 | 1 Gnome | 1 Eog | 2026-06-16 | 4.6 MEDIUM | N/A |
| Format string vulnerability in Eye Of Gnome (EOG) allows attackers to execute arbitrary code via format string specifiers in a command line argument for the file to display. | |||||
| CVE-2003-0163 | 1 Gaim-encryption | 1 Gaim-encryption | 2026-06-16 | 5.0 MEDIUM | N/A |
| decrypt_msg for the Gaim-Encryption GAIM plugin 1.15 and earlier does not properly validate a message length parameter, which allows remote attackers to cause a denial of service (crash) via a negative length, which overwrites arbitrary heap memory with a zero byte. | |||||
| CVE-2003-0162 | 1 Ecartis | 1 Ecartis | 2026-06-16 | 7.5 HIGH | N/A |
| Ecartis 1.0.0 (formerly listar) before snapshot 20030227 allows remote attackers to reset passwords of other users and gain privileges by modifying hidden form fields in the HTML page. | |||||
| CVE-2003-0161 | 4 Compaq, Hp, Sendmail and 1 more | 9 Tru64, Hp-ux, Hp-ux Series 700 and 6 more | 2026-06-16 | 10.0 HIGH | N/A |
| The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337. | |||||
| CVE-2003-0160 | 1 Squirrelmail | 1 Squirrelmail | 2026-06-16 | 5.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail before 1.2.11 allow remote attackers to inject arbitrary HTML code and steal information from a client's web browser. | |||||
| CVE-2003-0159 | 1 Ethereal Group | 1 Ethereal | 2026-06-16 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the NTLMSSP code for Ethereal 0.9.9 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code. | |||||
| CVE-2003-0156 | 1 Cross Referencer | 1 Lxr | 2026-06-16 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Cross-Referencing Linux (LXR) allows remote attackers to read arbitrary files via .. (dot dot) sequences in the v parameter. | |||||
| CVE-2003-0155 | 1 Mozilla | 1 Bonsai | 2026-06-16 | 5.0 MEDIUM | N/A |
| bonsai Mozilla CVS query tool allows remote attackers to gain access to the parameters page without authentication. | |||||
| CVE-2003-0154 | 1 Mozilla | 1 Bonsai | 2026-06-16 | 6.8 MEDIUM | N/A |
| Cross-site scripting vulnerabilities (XSS) in bonsai Mozilla CVS query tool allow remote attackers to execute arbitrary web script via (1) the file, root, or rev parameters to cvslog.cgi, (2) the file or root parameters to cvsblame.cgi, (3) various parameters to cvsquery.cgi, (4) the person parameter to showcheckins.cgi, (5) the module parameter to cvsqueryform.cgi, and (6) possibly other attack vectors as identified by Mozilla bug #146244. | |||||
| CVE-2003-0153 | 1 Mozilla | 1 Bonsai | 2026-06-16 | 5.0 MEDIUM | N/A |
| bonsai Mozilla CVS query tool leaks the absolute pathname of the tool in certain error messages generated by (1) cvslog.cgi, (2) cvsview2.cgi, or (3) multidiff.cgi. | |||||
| CVE-2003-0152 | 1 Mozilla | 1 Bonsai | 2026-06-16 | 7.5 HIGH | N/A |
| Unknown vulnerability in bonsai Mozilla CVS query tool allows remote attackers to execute arbitrary commands as the www-data user. | |||||