| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| A Windows NT local user or administrator account has a guessable password. |
| Integer signedness error in emalloc() function for PHP before 4.3.2 allow remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via negative arguments to functions such as (1) socket_recv, (2) socket_recvfrom, and possibly other functions. |
| An account on a router, firewall, or other network device has a default, null, blank, or missing password. |
| Multiple off-by-one buffer overflows in the IMAP capability for Mutt 1.3.28 and earlier, and Balsa 1.2.4 and earlier, allow a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a specially crafted mail folder, a different vulnerability than CVE-2003-0140. |
| A router or firewall allows source routed packets from arbitrary hosts. |
| An unrestricted remote trust relationship for Unix systems has been set up, e.g. by using a + sign in /etc/hosts.equiv. |
| Unknown vulnerability in ftpd in IBM AIX 5.2, when configured to use Kerberos 5 for authentication, allows remote attackers to gain privileges via unknown attack vectors. |
| An SNMP community name is guessable. |
| A NETBIOS/SMB share password is guessable. |
| DirectoryServices in MacOS X trusts the PATH environment variable to locate and execute the touch command, which allows local users to execute arbitrary commands by modifying the PATH to point to a directory containing a malicious touch program. |
| A NETBIOS/SMB share password is the default, null, or missing. |
| The LDAP name service (nsd) in IRIX 6.5.19 and earlier does not properly verify if the USERPASSWORD attribute has been provided by an LDAP server, which could allow attackers to log in without a password. |
| A router or firewall forwards packets that claim to come from IANA reserved or private addresses, e.g. 10.x.x.x, 127.x.x.x, 217.x.x.x, etc. |
| Multiple buffer overflows in Lotus Domino Web Server before 6.0.1 allow remote attackers to cause a denial of service or execute arbitrary code via (1) the s_ViewName option in the PresetFields parameter for iNotes, (2) the Foldername option in the PresetFields parameter for iNotes, or (3) a long Host header, which is inserted into a long Location header and used during a redirect operation. |
| A system is operating in "promiscuous" mode which allows it to perform packet sniffing. |
| lv reads a .lv file from the current working directory, which allows local users to execute arbitrary commands as other lv users by placing malicious .lv files into other directories. |
| A trust relationship exists between two Unix hosts. |
| The Windows NT guest account is enabled. |
| A router's routing tables can be obtained from arbitrary hosts. |
| .reg files are associated with the Windows NT registry editor (regedit), making the registry susceptible to Trojan Horse attacks. |