| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in cfingerd allows local users to gain root privileges via a long GECOS field. |
| The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems. |
| The oratclsh interpreter in Oracle 8.x Intelligent Agent for Unix allows local users to execute Tcl commands as root. |
| A vulnerability in Caldera Open Administration System (COAS) allows the /etc/shadow password file to be made world-readable. |
| Vulnerability in Compaq Tru64 UNIX edauth command. |
| The pt_chown command in Linux allows local users to modify TTY terminal devices that belong to other users. |
| Buffer overflows in Red Hat net-tools package. |
| Hotmail allows Javascript to be executed via the HTML STYLE tag, allowing remote attackers to execute commands on the user's Hotmail account. |
| The ColdFusion CFCRYPT program for encrypting CFML templates has weak encryption, allowing attackers to decrypt the templates. |
| Buffer overflow in FreeBSD fts library routines allows local user to modify arbitrary files via the periodic program. |
| Buffer overflow in bootpd 2.4.3 and earlier via a long boot file location. |
| The fwluser script in AIX eNetwork Firewall allows local users to write to arbitrary files via a symlink attack. |
| Denial of service in Samba NETBIOS name service daemon (nmbd). |
| Race condition in Samba smbmnt allows local users to mount file systems in arbitrary locations. |
| NTMail does not disable the VRFY command, even if the administrator has explicitly disabled it. |
| Buffer overflow in Qpopper (qpop) 3.0 allows remote root access via AUTH command. |
| Multiple directory traversal vulnerabilities Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7, and possibly other versions, allow remote attackers to (1) create arbitrary directories via a .. (dot dot) in the user parameter to viewaction.html or (2) rename arbitrary files via a ....// (doubled dot dot) in the folderold or folder parameters to folders.html. |
| userOsa in SCO OpenServer allows local users to corrupt files via a symlink attack. |
| Firewall-1 does not properly restrict access to LDAP attributes. |
| Buffer overflow in rpc.yppasswdd allows a local user to gain privileges via MD5 hash generation. |