Search Results (365359 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-1097 1 Hp 1 Hp-ux 2026-04-16 N/A
Buffer overflow in rexec on HP-UX B.10.20, B.11.00, and B.11.04, when setuid root, may allow local users to gain privileges via a long -l option.
CVE-2003-1098 1 Hp 1 Hp-ux 2026-04-16 N/A
The Xserver for HP-UX 11.22 was not properly built, which introduced a vulnerability that allows local users to gain privileges.
CVE-2005-1433 1 Hp 1 Openview Event Correlation Services 2026-04-16 N/A
Multiple unknown vulnjerabilities HP OpenView Event Correlation Services (OV ECS) 3.32 and 3.33 allow attackers to cause a denial of service or execute arbitrary code.
CVE-2005-1436 1 Osticket 1 Osticket 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in osTicket allow remote attackers to inject arbitrary web script or HTML via (1) the t parameter to view.php, (2) the osticket_title parameter to header.php, (3) the em parameter to admin_login.php, (4) the e parameter to user_login.php, (5) the err parameter to open_submit.php, or (6) the name and subject fields when adding a ticket.
CVE-2003-1107 1 Microsoft 1 Windows Media Player 2026-04-16 N/A
The DHTML capability in Microsoft Windows Media Player (WMP) 6.4, 7.0, 7.1, and 9 may run certain URL commands from a security zone that is less trusted than the current zone, which allows attackers to bypass intended access restrictions.
CVE-2005-1438 1 Osticket 1 Osticket 2026-04-16 N/A
PHP remote file inclusion vulnerability in main.php in osTicket allows remote attackers to execute arbitrary PHP code via the include_dir parameter.
CVE-2005-1442 1 Ibm 1 Lotus Notes 2026-04-16 N/A
Buffer overflow in the Lotus Notes client for Domino 6.5 before 6.5.4 and 6.0 before 6.0.5 allows local users to cause a denial of service (client crash) and possibly execute arbitrary code via the NOTES.INI file.
CVE-2003-1123 1 Sun 2 Jdk, Jre 2026-04-16 N/A
Sun Java Runtime Environment (JRE) and SDK 1.4.0_01 and earlier allows untrusted applets to access certain information within trusted applets, which allows attackers to bypass the restrictions of the Java security model.
CVE-2004-1134 1 Microsoft 1 W3who.dll 2026-04-16 N/A
Buffer overflow in the Microsoft W3Who ISAPI (w3who.dll) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long query string.
CVE-2005-1443 1 Invision Power Services 1 Invision Power Board 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.php for Invision Power Board (IPB) 2.0.3 and 2.1 Alpha 2 allows remote attackers to inject arbitrary web script or HTML via the (1) act, (2) Members, (3) calendar, or (4) HID parameters.
CVE-2003-1154 1 Clearswift 1 Mailsweeper 2026-04-16 N/A
MAILsweeper for SMTP 4.3 allows remote attackers to bypass virus protection via a mail message with a malformed zip attachment, as exploited by certain MIMAIL virus variants.
CVE-2005-1444 1 Sitepanel 1 Sitepanel 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in SitePanel 2.6.1 and earlier (SitePanel2) allows remote attackers to inject arbitrary web script or HTML via (1) the v, show, or sec_name parameters to main.php, (2) the inadmin, newsev, or postid parameters to 5.php, or (3) the id parameter to 0.php.
CVE-2006-0379 1 Freebsd 1 Freebsd 2026-04-16 N/A
FreeBSD kernel 5.4-STABLE and 6.0 does not completely initialize a buffer before making it available to userland, which could allow local users to read portions of kernel memory.
CVE-2003-1139 1 Musicqueue 1 Musicqueue 2026-04-16 N/A
Musicqueue 1.2.0 allows local users to overwrite arbitrary files by triggering a segmentation fault and using a symlink attack on the resulting musicqueue.crash file.
CVE-2003-1140 1 Musicqueue 1 Musicqueue 2026-04-16 N/A
Buffer overflow in Musicqueue 1.2.0 allows local users to execute arbitrary code via a long language variable in the configuration file.
CVE-2003-1144 1 Perception 1 Liteserve 2026-04-16 N/A
Buffer overflow in the log viewing interface in Perception LiteServe 1.25 through 2.2 allows remote attackers to execute arbitrary code via a GET request with a long file name.
CVE-2005-1528 1 Qnx 1 Rtos 2026-04-16 N/A
Untrusted search path vulnerability in the crttrap command in QNX Neutrino RTOS 6.2.1 allows local users to load arbitrary libraries via a LD_LIBRARY_PATH environment variable that references a malicious library.
CVE-2003-1150 1 Novell 2 Netware, Zenworks Desktops 2026-04-16 N/A
Buffer overflow in the portmapper service (PMAP.NLM) in Novell NetWare 6 SP3 and ZenWorks for Desktops 3.2 SP2 through 4.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown attack vectors.
CVE-2003-1151 1 Fastream 1 Netfile Ftp Web Server 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Fastream NETFile Server 6.0.3.588 allows remote attackers to inject arbitrary web script or HTML via the URL, which is displayed on a "404 Not Found" error page.
CVE-2004-1166 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
CRLF injection vulnerability in Microsoft Internet Explorer 6.0.2800.1106 and earlier allows remote attackers to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded newline ("%0a") before the FTP command, which causes the commands to be inserted into the resulting FTP session, as demonstrated using a PORT command.