| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Ultimate Bulletin Board stores data files in the cgi-bin directory, allowing remote attackers to view the data if an error occurs when the HTTP server attempts to execute the file. |
| IBM WebSphere sets permissions that allow a local user to modify a deinstallation script or its data files stored in /usr/bin. |
| Buffer overflow in SCO su program allows local users to gain root access via a long username. |
| Buffer overflow in Firebird 1.0.2 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_inet_server, (2) gds_lock_mgr, or (3) gds_drop. |
| Denial of service in Cisco routers running NAT via a PORT command from an FTP client to a Telnet port. |
| Buffer overflow in CDE dtmail and dtmailpr programs allows local users to gain privileges via a long -f option. |
| Multiple buffer overflows in the SMTP Service for ESMTP CMailServer 4.0.2003.03.27 allow remote attackers to execute arbitrary code via long (1) MAIL FROM or (2) RCPT TO commands. |
| Buffer overflow in Serv-U FTP 2.5 allows remote users to conduct a denial of service via the SITE command. |
| UnixWare uidadmin allows local users to modify arbitrary files via a symlink attack. |
| Buffer overflow in NFS server on Linux allows attackers to execute commands via a long pathname. |
| Denial of service in Linux syslogd via a large number of connections. |
| QuickTime Streaming Server in Mac OS X Server 10.2.8, 10.3.4, and 10.3.5 allows remote attackers to cause a denial of service (application deadlock) via a certain sequence of operations. |
| Cross-site scripting (XSS) vulnerability in normal_html.cgi in Happycgi.com Happymall 4.3 and 4.4 allows remote attackers to insert arbitrary web script via the file parameter. |
| UnixWare pkg commands such as pkginfo, pkgcat, and pkgparam allow local users to read arbitrary files via the dacread permission. |
| FreeBSD seyon allows local users to gain privileges by providing a malicious program in the -emulator argument. |
| FreeBSD seyon allows users to gain privileges via a modified PATH variable for finding the xterm and seyon-emu commands. |
| Free Realty before 2.9 allows remote attackers to obtain the full path and other sensitive information via unspecified manipulations that produce an error message. |
| Cross-site scripting (XSS) vulnerability in propview.php in Free Realty 2.9-0.6 and earlier allows remote attackers to execute arbitrary web script or HTML via the sort parameter. |
| Mailsite Express allows remote attackers to upload and execute files with executable extensions such as ASP by attaching the file using the "compose page" feature, then accessing the file from the cache directory before saving or sending the message. |
| Buffer overflow in Solaris kcms_configure via a long NETPATH environmental variable. |