| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The calendar program in bsdmainutils 6.0 through 6.0.14 does not drop root privileges when executed with the -a flag, which allows attackers to execute arbitrary commands via a calendar event file. |
| AIX batch queue (bsh) allows local and remote users to gain additional privileges when network printing is enabled. |
| AIX Licensed Program Product performance tools allow local users to gain root access. |
| Buffer overflow in the Linux mail program "deliver" allows local users to gain root access. |
| NT users can gain debug-level access on a system process using the Sechole exploit. |
| Internet Explorer 4.01 allows remote attackers to read local files and spoof web pages via a "%01" character in an "about:" Javascript URL, which causes Internet Explorer to use the domain specified after the character. |
| Buffer overflow in Windows Kernel allows local users to gain privileges by causing certain error messages to be passed to a debugger. |
| IIS ASP caching problem releases sensitive information when two virtual servers share the same physical directory. |
| ControlIT 4.5 and earlier (aka Remotely Possible) has weak password encryption. |
| WS_FTP server remote denial of service through cwd command. |
| In SunOS, NFS file handles could be guessed, giving unauthorized access to the exported file system. |
| NFS cache poisoning. |
| A race condition in the Solaris ps command allows an attacker to overwrite critical files. |
| Cisco PIX firewall manager (PFM) on Windows NT allows attackers to connect to port 8080 on the PFM server and retrieve any file whose name and location is known. |
| IIS 2.0 and 3.0 allows remote attackers to read the source code for ASP pages by appending a . (dot) to the end of the URL. |
| The wrap CGI program in IRIX allows remote attackers to view arbitrary directory listings via a .. (dot dot) attack. |
| Java Bytecode Verifier allows malicious applets to execute arbitrary commands as the user of the applet. |
| The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access. |
| admintool in Solaris allows a local user to write to arbitrary files and gain root access. |
| MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remote authenticated attackers to cause a denial of service (crash) on KDCs within the same realm via a certain protocol request that causes a null dereference. |