| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in QNX RTP 5.60 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large number of arguments to the stat command. |
| changepassword.cgi in Neoteris Instant Virtual Extranet (IVE) 3.x and 4.x, with LDAP authentication or NT domain authentication enabled, does not limit the number of times a bad password can be entered, which allows remote attackers to guess passwords via a brute force attack. |
| Cross-site scripting (XSS) vulnerability in security.php for Tru-Zone NukeET 3.0 and 3.1 allows remote attackers to inject arbitrary web script or HTML via a base64 encoded Codigo parameter. |
| Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. |
| Watchguard Firebox II allows remote attackers to cause a denial of service by establishing multiple connections and sending malformed PPTP packets. |
| Cross-site scripting (XSS) vulnerability in thread.php for Zeroblog 1.1f and 1.2a allows remote attackers to inject arbitrary web script or HTML via the threadID parameter. |
| Buffer overflow in QuickTime Player plugin 4.1.2 (Japanese) allows remote attackers to execute arbitrary commands via a long HREF parameter in an EMBED tag. |
| Buffer overflows in CTRLServer in XMail allows attackers to execute arbitrary commands via the cfgfileget or domaindel functions. |
| Format string vulnerability in the error logging code of DHCP server and client in Caldera Linux allows remote attackers to execute arbitrary commands. |
| Buffer overflow in VCard handler in Outlook 2000 and 98, and Outlook Express 5.x, allows an attacker to execute arbitrary commands via a malformed vCard birthday field. |
| PHP remote file inclusion vulnerability in EasyPHPCalendar 6.1.5 and earlier allows remote attackers to execute arbitrary code via the serverPath parameter. |
| IIS 5.0 and Microsoft Exchange 2000 allow remote attackers to cause a denial of service (memory allocation error) by repeatedly sending a series of specially formatted URL's. |
| PHP remote file inclusion vulnerability in survey.inc.php for nabopoll 1.2 allows remote attackers to execute arbitrary PHP code via the path parameter. |
| Unknown vulnerability in Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors related to the "/proc" filesystem, which trigger a null dereference. |
| The WMP ActiveX Control in Windows Media Player 7 allows remote attackers to execute commands in Internet Explorer via javascript URLs, a variant of the "Frame Domain Verification" vulnerability. |
| Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious web sites to overwrite arbitrary files by tricking the user into downloading a .LNK (link) file twice, which overwrites the file that was referenced in the first .LNK file. |
| Internet Explorer 5.5 and earlier executes Telnet sessions using command line arguments that are specified by the web site, which could allow remote attackers to execute arbitrary commands if the IE client is using the Telnet client provided in Services for Unix (SFU) 2.0, which creates session transcripts. |
| Buffer overflow in VB-TSQL debugger object (vbsdicli.exe) in Visual Studio 6.0 Enterprise Edition allows remote attackers to execute arbitrary commands. |
| Cisco 340-series Aironet access point using firmware 11.01 does not use 6 of the 24 available IV bits for WEP encryption, which makes it easier for remote attackers to mount brute force attacks. |
| SQL injection vulnerability in Babe Logger 2 allows remote attackers to execute arbitrary SQL commands via the (1) gal parameter to index.php or (2) id parameter to comments.php. |
