| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in the pop-2d POP daemon in the IMAP package allows remote attackers to gain privileges via the FOLD command. |
| Integer overflow in BitchX IRC client 1.0-0c19 and earlier allows remote malicious IRC servers to cause a denial of service (crash). |
| A memory leak in a Motorola CableRouter allows remote attackers to conduct a denial of service via a large number of telnet connections. |
| Venturi Client before 2.2, as used in certain Fourelle and Venturi Wireless products, can be used as an open proxy for various protocols, including an open relay for SMTP, which allows it to be abused by spammers. |
| dfire.cgi script in Dragon-Fire IDS allows remote users to execute commands via shell metacharacters. |
| Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to bypass security zone restrictions and execute arbitrary programs via a web document with a large number of duplicate file:// or other requests that point to the program and open multiple file download dialogs, which eventually cause Internet Explorer to execute the program, as demonstrated using a large number of FRAME or IFRAME tags, aka the "File Download Dialog Vulnerability." |
| Microsoft Site Server and Commercial Internet System (MCIS) do not set an expiration for a cookie, which could then be cached by a proxy and inadvertently used by a different user. |
| one||zero (aka One or Zero) Helpdesk 1.4 rc4 allows remote attackers to create administrator accounts by directly calling the install.php Helpdesk Installation script. |
| Denial of service in Axent Raptor firewall via malformed zero-length IP options. |
| Buffer overflow in BFTelnet allows remote attackers to cause a denial of service via a long username. |
| The IMAP Client for Outlook Express 6.00.2800.1106 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors. |
| ypserv allows local administrators to modify password tables. |
| ypserv allows a local user to modify the GECOS and login shells of other users. |
| Red Hat Linux screen program does not use Unix98 ptys, allowing local users to write to other terminals. |
| Cisco 675 routers running CBOS allow remote attackers to establish telnet sessions if an exec or superuser password has not been set. |
| The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors. |
| Alibaba web server allows remote attackers to execute commands via a pipe character in a malformed URL. |
| The Zeus web server administrative interface uses weak encryption for its passwords. |
| Falcon web server allows remote attackers to determine the absolute path of the web root via long file names. |
| Denial of service in WU-FTPD via the SITE NEWER command, which does not free memory properly. |