| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| ypserv NIS server before 2.7 allows remote attackers to cause a denial of service via a TCP client request that does not respond to the server, which causes ypserv to block. |
| OSSP mm library (libmm) before 1.2.0 allows the local Apache user to gain privileges via temporary files, possibly via a symbolic link attack. |
| scrollkeeper-get-cl in ScrollKeeper 0.3 to 0.3.11 allows local users to create and overwrite files via a symlink attack on the scrollkeeper-tempfile.x temporary files. |
| Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . (dot) characters, which are filtered and result in a ".." sequence. |
| useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack. |
| Buffer overflow in sudo earlier than 1.6.3p6 allows local users to gain root privileges. |
| Arbitrary command execution via metamail package using message headers, when user processes attacker's message using metamail. |
| CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests. |
| KTH Kerberos IV allows local users to overwrite arbitrary files via a symlink attack on a ticket file. |
| Secure Locate (slocate) allows local users to corrupt memory via a malformed database file that specifies an offset value that accesses memory outside of the intended buffer. |
| The strnlen_user function in Linux kernel before 2.6.16 on IBM S/390 can return an incorrect value, which allows local users to cause a denial of service via unknown vectors. |
| sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack. |
| rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink attack. |
| getty_ps 2.0.7j allows local users to overwrite arbitrary files via a symlink attack. |
| mgetty 1.1.22 allows local users to overwrite arbitrary files via a symlink attack in some configurations. |
| vim (aka gvim) processes VIM control codes that are embedded in a file, which could allow attackers to execute arbitrary commands when another user opens a file containing malicious VIM control codes. |
| Race condition in the (1) add_key, (2) request_key, and (3) keyctl functions in Linux kernel 2.6.x allows local users to cause a denial of service (crash) or read sensitive kernel memory by modifying the length of a string argument between the time that the kernel calculates the length and when it copies the data into kernel memory. |
| Format string vulnerability in Gnu Privacy Guard (aka GnuPG or gpg) 1.05 and earlier can allow an attacker to gain privileges via format strings in the original filename that is stored in an encrypted file. |
| Buffer overflow in Vixie cron 3.0.1-56 and earlier could allow a local attacker to gain additional privileges via a long username (> 20 characters). |
| Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink. |
