| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Multiple buffer overflows in apcupsd before 3.8.6, and 3.10.x before 3.10.5, may allow attackers to cause a denial of service or execute arbitrary code, related to usage of the vsprintf function. |
| SunOS rpc.cmsd allows attackers to obtain root access by overwriting arbitrary files. |
| Buffer overflow in Cisco IOS 11.2.x to 12.0.x allows remote attackers to cause a denial of service and possibly execute commands via a large number of OSPF neighbor announcements. |
| FreeBSD mmap function allows users to modify append-only or immutable files. |
| ServerMask 2.2 and earlier does not obfuscate (1) ETag, (2) HTTP Status Message, or (3) Allow HTTP responses, which could tell remote attackers that the web server is an IIS server. |
| vhe_u_mnt program in HP-UX allows local users to create root files through symlinks. |
| SGI mediad program allows local users to gain root access. |
| In Solaris 2.2 and 2.3, when fsck fails on startup, it allows a local user with physical access to obtain root access. |
| The HTTP proxy for Symantec Enterprise Firewall (SEF) 7.0 allows proxy users to bypass pattern matching for blocked URLs via requests that are URL-encoded with escapes, Unicode, or UTF-8. |
| Buffer overflow in mstm in HP-UX allows local users to gain root access. |
| The calendar program in bsdmainutils 6.0 through 6.0.14 does not drop root privileges when executed with the -a flag, which allows attackers to execute arbitrary commands via a calendar event file. |
| AIX batch queue (bsh) allows local and remote users to gain additional privileges when network printing is enabled. |
| AIX Licensed Program Product performance tools allow local users to gain root access. |
| Buffer overflow in the Linux mail program "deliver" allows local users to gain root access. |
| NT users can gain debug-level access on a system process using the Sechole exploit. |
| Internet Explorer 4.01 allows remote attackers to read local files and spoof web pages via a "%01" character in an "about:" Javascript URL, which causes Internet Explorer to use the domain specified after the character. |
| Buffer overflow in Windows Kernel allows local users to gain privileges by causing certain error messages to be passed to a debugger. |
| IIS ASP caching problem releases sensitive information when two virtual servers share the same physical directory. |
| ControlIT 4.5 and earlier (aka Remotely Possible) has weak password encryption. |
| WS_FTP server remote denial of service through cwd command. |