| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| All records in a WINS database can be deleted through SNMP for a denial of service. |
| admin/redigera/redigera2.asp in Hogstorps hogstorp Guestbook 2.0 does not verify user credentials, which allows remote attackers to edit arbitrary posts via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
| Buffer overflow in SunOS/Solaris ps command. |
| HP-UX vgdisplay program gives root access to local users. |
| SSH 1.2.25 on HP-UX allows access to new user accounts. |
| mmap function in BSD allows local attackers in the kmem group to modify memory through devices. |
| Buffer overflow in Linux splitvt command gives root access to local users. |
| Buffer overflow in Linux su command gives root access to local users. |
| Buffer overflow in Solaris kcms_configure command allows local users to gain root access. |
| PHP remote file inclusion vulnerability in include/common.php in CyBoards PHP Lite 1.25 allows remote attackers to execute arbitrary PHP code via a URL in the script_path parameter. NOTE: CVE disputes this issue, since $script_path is set to a constant value |
| Stack-based buffer overflow in the CL_ParseDownload function of Quake 3 Engine 1.32c and earlier, as used in multiple products, allows remote attackers to execute arbitrary code via a svc_download command with compressed data that triggers the overflow during expansion. |
| Linux bdash game has a buffer overflow that allows local users to gain root access. |
| Buffer overflow in NetMeeting allows denial of service and remote command execution. |
| rpc.pcnfsd in HP gives remote root access by changing the permissions on the main printer spool directory. |
| Internet Explorer 4.x or 5.x with Word 97 allows arbitrary execution of Visual Basic programs to the IE client through the Word 97 template, which doesn't warn the user that the template contains executable content. Also applies to Outlook when the client views a malicious email message. |
| ptylogin in Unix systems allows users to perform a denial of service by locking out modems, dial out with that modem, or obtain passwords. |
| Dmx Forum 2.1a stores _includes/bd.inc under the web root with insufficient access control, which allows remote attackers to obtain database username and password information. |
| SQL injection vulnerability in inc_header.asp in Snitz Forum 3.4.05 and earlier allows remote attackers to execute arbitrary SQL commands via the %strCookieURL%.GROUP parameter in a cookie. |
| Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto. |
| SLMail 3.1 and 3.2 allows local users to access any file in the NTFS file system when the Remote Administration Service (RAS) is enabled by setting a user's Finger File to point to the target file, then running finger on the user. |
