| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack. |
| Multiple SQL injection vulnerabilities in Dynix (formerly known as epixtech) WebPAC allow remote attackers to execute arbitrary SQL commands via unknown attack vectors, resulting in an ability to execute stored procedures, bypass login authentication, and cause an unspecified denial of service to backend databases. |
| Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name. |
| After an unattended installation of Windows NT 4.0, an installation file could include sensitive information such as the local Administrator password. |
| Linux xmonisdn package allows local users to gain root privileges by modifying the IFS or PATH environmental variables. |
| Buffer overflow in cfingerd allows local users to gain root privileges via a long GECOS field. |
| The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems. |
| The oratclsh interpreter in Oracle 8.x Intelligent Agent for Unix allows local users to execute Tcl commands as root. |
| A vulnerability in Caldera Open Administration System (COAS) allows the /etc/shadow password file to be made world-readable. |
| Vulnerability in Compaq Tru64 UNIX edauth command. |
| The pt_chown command in Linux allows local users to modify TTY terminal devices that belong to other users. |
| An attacker can conduct a denial of service in Windows NT by executing a program with a malformed file image header. |
| A Windows NT user can disable the keyboard or mouse by directly calling the IOCTLs which control them. |
| Buffer overflows in Red Hat net-tools package. |
| Hotmail allows Javascript to be executed via the HTML STYLE tag, allowing remote attackers to execute commands on the user's Hotmail account. |
| Buffer overflow in Accept command in Netscape Enterprise Server 3.6 with the SSL Handshake Patch. |
| The INN inndstart program allows local users to gain privileges by specifying an alternate configuration file using the INNCONF environmental variable. |
| The ColdFusion CFCRYPT program for encrypting CFML templates has weak encryption, allowing attackers to decrypt the templates. |
| Buffer overflow in FreeBSD fts library routines allows local user to modify arbitrary files via the periodic program. |
| When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to use the "about" protocol to gain access to browser information. |
