| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in AnalogX SimpleServer:WWW HTTP server allows remote attackers to execute commands via a long GET request. |
| Buffer overflow in Linux linuxconf package allows remote attackers to gain root privileges via a long parameter. |
| Outlook Express 5 for Macintosh downloads attachments to HTML mail without prompting the user, aka the "HTML Mail Attachment" vulnerability. |
| IMail POP3 daemon uses weak encryption, which allows local users to read files. |
| Majordomo wrapper allows local users to gain privileges by specifying an alternate configuration file. |
| glFtpD allows local users to gain privileges via metacharacters in the SITE ZIPCHK command. |
| Macintosh systems generate large ICMP datagrams in response to malformed datagrams, allowing them to be used as amplifiers in a flood attack. |
| Vignette StoryServer 4 and 5, Vignette V/5, and possibly other versions allows remote attackers to perform unauthorized SELECT queries by setting the vgn_creds cookie to an arbitrary value and directly accessing the save template. |
| Buffer overflow in Real Networks RealPlayer 10 allows remote attackers to execute arbitrary code via a URL with a large number of "." (period) characters. |
| get_it program in Corel Linux Update allows local users to gain root access by specifying an alternate PATH for the cp program. |
| Microsoft Commercial Internet System (MCIS) IMAP server allows remote attackers to cause a denial of service via a malformed IMAP request. |
| An installation of Red Hat uses DES password encryption with crypt() for the initial password, instead of md5. |
| search.cgi in the SolutionScripts Home Free package allows remote attackers to view directories via a .. (dot dot) attack. |
| procfs in BSD systems allows local users to gain root privileges by modifying the /proc/pid/mem interface via a modified file descriptor for stderr. |
| cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to cause a denial of service via a malformed URL that includes shell metacharacters. |
| CyberCash Merchant Connection Kit (MCK) allows local users to modify files via a symlink attack. |
| Buffer overflow in UnixWare ppptalk command allows local users to gain privileges via a long prompt argument. |
| IIS 4.0 allows a remote attacker to obtain the real pathname of the document root by requesting non-existent files with .ida or .idq extensions. |
| Buffer overflow in Microsoft Rich Text Format (RTF) reader allows attackers to cause a denial of service via a malformed control word. |
| The SalesCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. |
