| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| FTGate web interface server allows remote attackers to read files via a .. (dot dot) attack. |
| Falcon web server allows remote attackers to read arbitrary files via a .. (dot dot) attack. |
| Cross-site scripting (XSS) vulnerability in phpWebSite 0.8.3 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag. |
| Buffer overflow in the syslog daemon for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (syslogd crash) and possibly execute arbitrary code via long syslog UDP packets. |
| PHP remote file inclusion vulnerability in content.php in phpGreetz 0.99 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the content parameter. |
| D-Link DWL-900AP+ Access Point 2.1 and 2.2 allows remote attackers to access the TFTP server without authentication and read the config.img file, which contains sensitive information such as the administrative password, the WEP encryption keys, and network configuration information. |
| Multiple PHP remote file inclusion vulnerabilities in DreamAccount 3.1 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the da_path parameter in the (1) auth.cookie.inc.php, (2) auth.header.inc.php, or (3) auth.sessions.inc.php scripts. |
| Multiple cross-site scripting (XSS) vulnerabilities in 35mmslidegallery 6.0 allow remote attackers to inject arbitrary web script or HTML via the (1) imgdir parameter in (a) index.php, and the (2) w, (3) h, and (4) t parameters in (b) popup.php. |
| L0phtcrack 2.5 used temporary files in the system TEMP directory which could contain password information. |
| Local users can perform a denial of service in Alpha Linux, using MILO to force a reboot. |
| suidperl in Linux Perl does not check the nosuid mount option on file systems, allowing local users to gain root access by placing a setuid script in a mountable file system, e.g. a CD-ROM or floppy disk. |
| Remote attackers can perform a denial of service using IRIX fcagent. |
| Local users can perform a denial of service in Tripwire 1.2 and earlier using long filenames. |
| Denial of service Netscape Enterprise Server with VirtualVault on HP-UX VVOS systems. |
| Buffer overflow in OpenBSD ping. |
| Tor before 0.1.1.20 uses improper logic to validate the "OR" destination, which allows remote attackers to perform a man-in-the-middle (MITM) attack via unspecified vectors. |
| The prompt parsing in bash allows a local user to execute commands as another user by creating a directory with the name of the command to execute. |
| The ffingerd 1.19 allows remote attackers to identify users on the target system based on its responses. |
| Denial of service in WinGate proxy through a buffer overflow in POP3. |
| A remote attacker can gain access to a file system using .. (dot dot) when accessing SMB shares. |