| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable. |
| Denial of service in Oracle TNSLSNR SQL*Net Listener via a malformed string to the listener port, aka NERP. |
| Winamp before 5.0.4 allows remote attackers to execute arbitrary script in the Local computer zone via script in HTML files that are referenced from XML files contained in a .wsz skin file. |
| The INN inndstart program allows local users to gain root privileges via the "pathrun" parameter in the inn.conf file. |
| vim 6.3 before 6.3.082, with modelines enabled, allows external user-assisted attackers to execute arbitrary commands via shell metacharacters in the (1) glob or (2) expand commands of a foldexpr expression for calculating fold levels. |
| The rfc1738_do_escape function in ftp.c for Squid 2.5 STABLE11 and earlier allows remote FTP servers to cause a denial of service (segmentation fault) via certain "odd" responses. |
| Buffer overflow in AIX ftpd in the libc library. |
| A remote attacker can read information from a Netscape user's cache via JavaScript. |
| The CFPlugIn in Core Foundation framework in Mac OS X allows user supplied libraries to be loaded, which could allow local users to gain privileges. |
| ROUTERmate has a default SNMP community name which allows remote attackers to modify its configuration. |
| The key validation code in GnuPG before 1.2.2 does not properly determine the validity of keys with multiple user IDs and assigns the greatest validity of the most valid user ID, which prevents GnuPG from warning the encrypting user when a user ID does not have a trusted path. |
| Internet Explorer allows remote attackers to read files by redirecting data to a Javascript applet. |
| FreeBSD T/TCP Extensions for Transactions can be subjected to spoofing attacks. |
| Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 2.x.x through 3.6.7 allows remote attackers to cause a denial of service (reload) via a malformed SSH initialization packet. |
| Novell NetWare Transaction Tracking System (TTS) in Novell 4.11 and earlier allows remote attackers to cause a denial of service via a large number of requests. |
| fuzz 0.6 and earlier creates temporary files insecurely, which could allow local users to gain root privileges. |
| Multiple buffer overflows in ISC DHCP Distribution server (dhcpd) 1.0 and 2.0 allow a remote attacker to cause a denial of service (crash) and possibly execute arbitrary commands via long options. |
| Buffer overflow in Samba smbd program via a malformed message command. |
| Buffer overflow in youbin allows local users to gain privileges via a long HOME environment variable. |
| Red Hat pump DHCP client allows remote attackers to gain root access in some configurations. |