| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The web-based administration capability for various Axis Network Camera products allows remote attackers to bypass access restrictions and modify configuration via an HTTP request to the admin/admin.shtml containing a leading // (double slash). |
| The INN inndstart program allows local users to gain privileges by specifying an alternate configuration file using the INNCONF environmental variable. |
| Windows NT RRAS and RAS clients cache a user's password even if the user has not selected the "Save password" option. |
| ColdFusion Administrator with Advanced Security enabled allows remote users to stop the ColdFusion server via the Start/Stop utility. |
| SGI IRIX midikeys program allows local users to modify arbitrary files via a text editor. |
| Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable. |
| Buffer overflows in Mars NetWare Emulation (NWE, mars_nwe) package via long directory names. |
| FrontRange GoldMine mail agent 5.70 and 6.00 before 30503 directly sends HTML to the default browser without setting its security zone or otherwise labeling it untrusted, which allows remote attackers to execute arbitrary code via a message that is rendered in IE using a less secure zone. |
| Cisco Gigabit Switch routers running IOS allow remote attackers to forward unauthorized packets due to improper handling of the "established" keyword in an access list. |
| IPSec in Mac OS X before 10.2.6 does not properly handle certain incoming security policies that match by port, which could allow traffic that is not explicitly allowed by the policies. |
| Alibaba HTTP server allows remote attackers to read files via a .. (dot dot) attack. |
| String parsing error in rpc.kstatd in the linuxnfs or knfsd packages in SuSE and possibly other Linux systems allows remote attackers to gain root privileges. |
| IIS FTP servers may allow a remote attacker to read or delete files on the server, even if they have "No Access" permissions. |
| Vulnerability in the apr_psprintf function in the Apache Portable Runtime (APR) library for Apache 2.0.37 through 2.0.45 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long strings, as demonstrated using XML objects to mod_dav, and possibly other vectors. |
| Buffer overflow in Xi Graphics Accelerated-X server allows local users to gain root access via a long display or query parameter. |
| Denial of service in HP-UX SharedX recserv program. |
| PHP treats unknown methods such as "PoSt" as a GET request, which could allow attackers to intended access restrictions if PHP is running on a server that passes on all methods, such as Apache httpd 2.0, as demonstrated using a Limit directive. NOTE: this issue has been disputed by the Apache security team, saying "It is by design that PHP allows scripts to process any request method. A script which does not explicitly verify the request method will hence be processed as normal for arbitrary methods. It is therefore expected behaviour that one cannot implement per-method access control using the Apache configuration alone, which is the assumption made in this report. |
| KDE klock allows local users to kill arbitrary processes by specifying an arbitrary PID in the .kss.pid file. |
| KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable. |
| Denial of service in Oracle TNSLSNR SQL*Net Listener via a malformed string to the listener port, aka NERP. |