| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The (1) rcS and (2) mountall programs in Sun Solaris 2.x, possibly before 2.4, start a privileged shell on the system console if fsck fails while the system is booting, which allows attackers with physical access to gain root privileges. |
| Unspecified vulnerability in crontab in IBM AIX 3.2 allows local users to gain root privileges via unknown attack vectors. |
| RealMedia server allows remote attackers to cause a denial of service via a long ramgen request. |
| Buffer overflow in ZBServer Pro 1.50 allows remote attackers to execute commands via a long GET request. |
| Buffer overflow in UnixWare rtpm program allows local users to gain privileges via a long environmental variable. |
| IRIX soundplayer program allows local users to gain privileges by including shell metacharacters in a .wav file, which is executed via the midikeys program. |
| wmmon in FreeBSD allows local users to gain privileges via the .wmmonrc configuration file. |
| IMail POP3 daemon uses weak encryption, which allows local users to read files. |
| IBM Network Station Manager NetStation allows local users to gain privileges via a symlink attack. |
| UnixWare pis and mkpis commands allow local users to gain privileges via a symlink attack. |
| Multiple buffer overflows in xtokkaetama 1.0 allow local users to gain privileges via a long (1) -display command line argument or (2) XTOKKAETAMADIR environment variable. |
| Solaris dmispd dmi_cmd allows local users to fill up restricted disk space by adding files to the /var/dmi/db database. |
| The initscripts package in Red Hat Linux allows local users to gain privileges via a symlink attack. |
| Buffer overflow in zblast-svgalib of zblast 1.2.1 and earlier allows local users to execute arbitrary code via the high score file. |
| Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even if the user has not enabled "remember passwords." |
| Cross-site scripting (XSS) vulnerability in search.php of Gallery 1.1 through 1.3.4 allows remote attackers to insert arbitrary web script via the searchstring parameter. |
| Majordomo wrapper allows local users to gain privileges by specifying an alternate configuration file. |
| glFtpD includes a default glftpd user account with a default password and a UID of 0. |
| AltaVista search engine allows remote attackers to read files above the document root via a .. (dot dot) in the query.cgi CGI program. |
| mindi 0.58 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files. |