| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| pcAnywhere 8.x and 9.0 allows remote attackers to cause a denial of service via a TCP SYN scan, e.g. by nmap. |
| Qpopper 2.53 and 3.0 does not properly identify the \n string which identifies the end of message text, which allows a remote attacker to cause a denial of service or corrupt mailboxes via a message line that is 1023 characters long and ends in \n. |
| inpview in InPerson on IRIX 5.3 through IRIX 6.5.10 trusts the PATH environmental variable to find and execute the ttsession program, which allows local users to obtain root access by modifying the PATH to point to a Trojan horse ttsession program. |
| Vulnerability in bb-hist.sh CGI History module in Big Brother 1.09b and 1.09c allows remote attackers to read portions of arbitrary files. |
| Vulnerability in rcp on SunOS 4.0.x allows remote attackers from trusted hosts to execute arbitrary commands as root, possibly related to the configuration of the nobody user. |
| Eastman Work Management 3.21 stores passwords in cleartext in the COMMON and LOCATOR registry keys, which could allow local users to gain privileges. |
| PowerPoint 95 and 97 allows remote attackers to cause an application to be run automatically without prompting the user, possibly through the slide show, when the document is opened in browsers such as Internet Explorer. |
| ProFTPd 1.2 compiled with the mod_sqlpw module records user passwords in the wtmp log file, which allows local users to obtain the passwords and gain privileges by reading wtmp, e.g. via the last command. |
| A bug in Intel Pentium processor (MMX and Overdrive) allows local users to cause a denial of service (hang) in Intel-based operating systems such as Windows NT and Windows 95, via an invalid instruction, aka the "Invalid Operand with Locked CMPXCHG8B Instruction" problem. |
| Buffer overflow in GNOME libraries 1.0.8 allows local user to gain root access via a long --espeaker argument in programs such as nethack. |
| The Sun HotSpot Performance Engine VM allows a remote attacker to cause a denial of service on any server running HotSpot via a URL that includes the [ character. |
| Double free vulnerability in OpenSSL 0.9.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an SSL client certificate with a certain invalid ASN.1 encoding. |
| The textcounter.pl by Matt Wright allows remote attackers to execute arbitrary commands via shell metacharacters. |
| (1) acledit and (2) aclput in AIX 4.3 allow local users to create or modify files via a symlink attack. |
| GDM before 2.4.1.6, when using the "examine session errors" feature, allows local users to read arbitrary files via a symlink attack on the ~/.xsession-errors file. |
| SVGAlib zgv 3.0-7 and earlier allows local users to gain root access via a privilege leak of the iopl(3) privileges to child processes. |
| Buffer overflow in zgv in svgalib 1.2.10 and earlier allows local users to execute arbitrary code via a long HOME environment variable. |
| The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) via a short authorization key name. |
| Vulnerability in digest in AIX 4.3 allows printq users to gain root privileges by creating and/or modifing any file on the system. |
| sdrd daemon in IBM SP2 System Data Repository (SDR) allows remote attackers to read files without authentication. |