| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Vulnerability in fetchmail 5.5.0-2 and earlier in the AUTHENTICATE GSSAPI command. |
| catman in Solaris 2.7 and 2.8 allows local users to overwrite arbitrary files via a symlink attack on the sman_PID temporary file. |
| Buffer overflow in kdc_reply_cipher of libkrb (Kerberos 4 authentication library) in NetBSD 1.5 and FreeBSD 4.2 and earlier, as used in Kerberised applications such as telnetd and login, allows local users to gain root privileges. |
| swinit in nCipher does not properly disable the Operator Card Set recovery feature even when explicitly disabled by the user, which could allow attackers to gain access to application keys. |
| The ActiveX control for invoking a scriptlet in Internet Explorer 5.0 through 5.5 renders arbitrary file types instead of HTML, which allows an attacker to read arbitrary files, aka a variant of the "Scriptlet Rendering" vulnerability. |
| profile.php in PunBB 1.2.1 allows remote attackers to cause a denial of service (account lockout) by setting the user's password to NULL. |
| Buffer overflow in the find_default_type function in libsecure in NSA Security-enhanced Linux, which may allow attackers to modify critical data in memory. |
| gpg (aka GnuPG) 1.0.4 and other versions does not properly verify detached signatures, which allows attackers to modify the contents of a file without detection. |
| Buffer overflow in 1st Up Mail Server 4.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long MAIL FROM command. |
| Mac OS Runtime for Java (MRJ) 2.2.3 allows remote attackers to use malicious applets to read files outside of the CODEBASE context via the ARCHIVE applet parameter. |
| procfs in FreeBSD and possibly other operating systems allows local users to bypass access control restrictions for a jail environment and gain additional privileges. |
| patchadd in Solaris allows local users to overwrite arbitrary files via a symlink attack. |
| The WinGate telnet proxy allows remote attackers to cause a denial of service via a large number of connections to localhost. |
| Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable. |
| Squid Web Proxy Cache 2.5 might allow remote attackers to obtain sensitive information via URLs containing invalid hostnames that cause DNS operations to fail, which results in references to previously used error messages. |
| ypbind with -ypset and -ypsetme options activated in Linux Slackware and SunOS allows local and remote attackers to overwrite files via a .. (dot dot) attack. |
| filediff in CVStrac allows remote attackers to execute arbitrary commands via shell metacharacters in rcsinfo. |
| The open() function in FreeBSD allows local attackers to write to arbitrary files. |
| Buffer overflow in GlobalSCAPE Secure FTP Server 2.0 B03.11.2004.2 allows remote attackers to cause a denial of service (crash) via a SITE command with a long argument. |
| Vulnerability in HP-UX mediainit program. |
