| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The INN inndstart program allows local users to gain root privileges via the "pathrun" parameter in the inn.conf file. |
| vim 6.3 before 6.3.082, with modelines enabled, allows external user-assisted attackers to execute arbitrary commands via shell metacharacters in the (1) glob or (2) expand commands of a foldexpr expression for calculating fold levels. |
| The rfc1738_do_escape function in ftp.c for Squid 2.5 STABLE11 and earlier allows remote FTP servers to cause a denial of service (segmentation fault) via certain "odd" responses. |
| A remote attacker can read information from a Netscape user's cache via JavaScript. |
| The CFPlugIn in Core Foundation framework in Mac OS X allows user supplied libraries to be loaded, which could allow local users to gain privileges. |
| ROUTERmate has a default SNMP community name which allows remote attackers to modify its configuration. |
| The key validation code in GnuPG before 1.2.2 does not properly determine the validity of keys with multiple user IDs and assigns the greatest validity of the most valid user ID, which prevents GnuPG from warning the encrypting user when a user ID does not have a trusted path. |
| Internet Explorer allows remote attackers to read files by redirecting data to a Javascript applet. |
| FreeBSD T/TCP Extensions for Transactions can be subjected to spoofing attacks. |
| Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 2.x.x through 3.6.7 allows remote attackers to cause a denial of service (reload) via a malformed SSH initialization packet. |
| Novell NetWare Transaction Tracking System (TTS) in Novell 4.11 and earlier allows remote attackers to cause a denial of service via a large number of requests. |
| fuzz 0.6 and earlier creates temporary files insecurely, which could allow local users to gain root privileges. |
| The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowing an attacker to replay the response and impersonate a user. |
| Buffer overflow in Dosemu Slang library in Linux. |
| super 3.11.6 and other versions have a buffer overflow in the syslog utility which allows a local user to gain root access. |
| The try_uudecoding function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malicious uuencoded (UUE) header, possibly triggering a heap-based buffer overflow. |
| Buffer overflow in the web interface for SOHO Routefinder 550 before firmware 4.63 allows remote attackers to cause a denial of service (reboot) and execute arbitrary code via a long GET /OPTIONS value. |
| The metamail package allows remote command execution using shell metacharacters that are not quoted in a mailcap entry. |
| Microsoft Access 97 stores a database password as plaintext in a foreign mdb, allowing access to data. |
| SuSE 5.2 PLP lpc program has a buffer overflow that leads to root compromise. |