| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| SQL injection vulnerability in sql.cls.php in Id Board 1.1.3 allows remote attackers to modify SQL queries, as demonstrated using the f parameter to index.php. |
| Memory leak in the NTLM fakeauth_auth helper for Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (memory consumption). |
| Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3. |
| FaSTream FTP++ Server 2.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long username. |
| Buffer overflow in Netscape SmartDownload 1.3 allows remote attackers (malicious web pages) to execute arbitrary commands via a long URL. |
| iPlanet (formerly Netscape) Enterprise Server 4.1 allows remote attackers to cause a denial of service via a long HTTP GET request that contains many "/../" (dot dot) sequences. |
| The Easycom/Safecom Print Server (firmware 404.590) PrintGuide server allows remote attackers to cause a denial of service via a large number of connections that send null characters. |
| Buffer overflow in Lotus Domino Mail Server 5.0.5 and earlier allows a remote attacker to crash the server or execute arbitrary code via a long "RCPT TO" command. |
| Multiple buffer overflows in the SDL port of abuse (abuse-SDL) before 2.00 allow local users to execute arbitrary code via the command line. |
| ASCII Armor parser in Windows PGP 7.0.3 and earlier allows attackers to create files in arbitrary locations via a malformed ASCII armored file. |
| Unknown vulnerability in typespeed 0.4.1 and earlier allows local users to gain privileges. |
| Cisco devices running Application and Content Networking System (ACNS) 4.x, 5.0, or 5.1 before 5.1.11.6 allow remote attackers to cause a denial of service (CPU consumption) via malformed IP packets. |
| Cross-site scripting (XSS) vulnerability in store/login.asp in CartWIZ allows remote attackers to inject arbitrary web script or HTML via the message parameter. |
| Marconi ASX-1000 ASX switches allow remote attackers to cause a denial of service in the telnet and web management interfaces via a malformed packet with the SYN-FIN and More Fragments attributes set. |
| NetObjects Fusion 9 (NOF9) allows remote attackers to obtain sensitive information, including passwords, by downloading the _versioning_repository_/rollbacklog.xml file, then using it to download and modify the associated ZIP file to edit and republish the site. |
| mailnews.cgi 1.3 and earlier allows remote attackers to execute arbitrary commands via a user name that contains shell metacharacters. |
| Cisco devices running Application and Content Networking System (ACNS) 4.x, 5.0, 5.1, or 5.2 use a default password when the setup dialog has not been run, which allows remote attackers to gain access. |
| Backup Manager 0.5.8a creates temporary files insecurely, which allows local users to conduct unauthorized file operations when a user is burning a CDR. |
| Buffer overflow in ext.dll in BadBlue 1.02.07 Personal Edition allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long HTTP GET request. |
| Vulnerability in linkeditor in HP MPE/iX 6.5 and earlier allows local users to gain privileges. |
