| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in OpenLink 3.2 allows remote attackers to gain privileges via a long GET request to the web configurator. |
| IBM WebSphere ikeyman tool uses weak encryption to store a password for a key database that is used for SSL connections. |
| Axis 700 Network Scanner does not properly restrict access to administrator URLs, which allows users to bypass the password protection via a .. (dot dot) attack. |
| Buffer overflow in Internet Mail Service (IMS) for Microsoft Exchange 5.5 and 5.0 allows remote attackers to conduct a denial of service via AUTH or AUTHINFO commands. |
| Heap-based buffer overflow in SiteMinder Affiliate Agent 4.x allows remote attackers to execute arbitrary code via a large SMPROFILE cookie. |
| GNU make follows symlinks when it reads a Makefile from stdin, which allows other local users to execute commands. |
| FrontPage Personal Web Server (PWS) allows remote attackers to read files via a .... (dot dot) attack. |
| Buffer overflow in OmniHTTPd CGI program imagemap.exe allows remote attackers to execute commands. |
| IRIX startmidi program allows local users to modify arbitrary files via a symlink attack. |
| Icecast 1.3.7, and other versions before 1.3.11 with HTTP server file streaming support enabled allows remote attackers to cause a denial of service (crash) via a URL that ends in . (dot), / (forward slash), or \ (backward slash). |
| Unknown vulnerability related to "the handling of large requests" in RAdmin for Apple Mac OS X 10.3.3 and Mac OS X 10.2.8 may allow attackers to have unknown impact via unknown attack vectors. |
| WWWBoard stores encrypted passwords in a password file that is under the web root and thus accessible by remote attackers. |
| FreeBSD mount_union command allows local users to gain root privileges via a symlink attack. |
| The ARCserve agent in UnixWare allows local attackers to modify arbitrary files via a symlink attack. |
| Buffer overflow in MMDF server allows remote attackers to gain privileges via a long MAIL FROM command to the SMTP daemon. |
| The default "basic" security setting' in config.php for TWIG webmail 2.7.4 and earlier stores cleartext usernames and passwords in cookies, which could allow attackers to obtain authentication information and gain privileges. |
| Integer overflow in Apple QuickTime (QuickTime.qts) before 6.5.1 allows attackers to execute arbitrary code via a large "number of entries" field in the sample-to-chunk table data for a .mov movie file, which leads to a heap-based buffer overflow. |
| asmon and ascpu in FreeBSD allow local users to gain root privileges via a configuration file. |
| The installation of Sun Internet Mail Server (SIMS) creates a world-readable file that allows local users to obtain passwords. |
| The Delegate application proxy has several buffer overflows which allow a remote attacker to execute commands. |
